www.insurancebusinessmag.com Open in urlscan Pro
2606:4700:3037::681f:5ebc Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Submission: On December 07 via manual (December 7th 2020, 9:06:17 pm UTC) from IN

Summary HTTP 140 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 47 IPs in 7 countries across 41 domains to perform 140 HTTP transactions. The main IP is 2606:4700:3037::681f:5ebc, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.insurancebusinessmag.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 21st 2020. Valid for: a year.

This is the only time www.insurancebusinessmag.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	2606:4700:303... 2606:4700:3037::681f:5ebc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE)
4	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
6	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 18	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:170... 2a02:26f0:1700:d::1737:6e8f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
5	104.75.88.112 104.75.88.112	16625 (AKAMAI-AS) (AKAMAI-AS)
2	35.190.50.98 35.190.50.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::2008	15169 (GOOGLE) (GOOGLE)
1	151.101.112.134 151.101.112.134	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1 5	104.111.214.206 104.111.214.206	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6811:d3cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a852	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	104.111.216.96 104.111.216.96	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:824::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81e::2001	15169 (GOOGLE) (GOOGLE)
8 11	54.78.251.22 54.78.251.22	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c09::9b	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6812:a913	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.0.134 151.101.0.134	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
7	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6811:44b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:74b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:efcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1288:f03... 2a00:1288:f03d:1fa::4000	10310 (YAHOO-1) (YAHOO-1)
1 2	35.158.179.12 35.158.179.12	16509 (AMAZON-02) (AMAZON-02)
1 2	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.120.207.148 34.120.207.148	15169 (GOOGLE) (GOOGLE)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:816::2013	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:c9cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
140	47

10 2606:4700:3037::681f:5ebc (United States)

ASN13335 (CLOUDFLARENET, US)

www.insurancebusinessmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 216.58.206.2 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:1700:d::1737:6e8f (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

cdn-res.keymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.75.88.112 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-112.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.50.98 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 98.50.190.35.bc.googleusercontent.com

cdn.sajari.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.sajari.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

insurance-business.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.111.214.206 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-214-206.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d3cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a852 (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.216.96 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-216-96.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6b522d63087722712a1b2454d6d2b0a6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 54.78.251.22 (Dublin, Ireland) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-251-22.eu-west-1.compute.amazonaws.com

d.adroll.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:a913 (United States)

ASN13335 (CLOUDFLARENET, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.0.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:44b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:74b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:efcc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:f03d:1fa::4000 (United Kingdom) 1 redirects

ASN10310 (YAHOO-1, US)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.158.179.12 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-179-12.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.22 (Ascension Island) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.207.148 (United States)

ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

re.sajari.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:c9cc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	googlesyndication.com 6b522d63087722712a1b2454d6d2b0a6.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	329 KB
19	doubleclick.net 2 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	133 KB
15	adroll.com 8 redirects s.adroll.com d.adroll.com	23 KB
10	insurancebusinessmag.com www.insurancebusinessmag.com	83 KB
7	googletagservices.com www.googletagservices.com	201 KB
7	facebook.com www.facebook.com	782 B
6	google.com adservice.google.com www.google.com	279 B
6	cloudflare.com cdnjs.cloudflare.com	23 KB
5	disquscdn.com c.disquscdn.com	230 KB
5	facebook.net connect.facebook.net	298 KB
4	addthis.com s7.addthis.com m.addthis.com	191 KB
4	fontawesome.com use.fontawesome.com	184 KB
3	hubspot.com api.hubspot.com track.hubspot.com	1 KB
3	disqus.com insurance-business.disqus.com disqus.com	33 KB
3	keymedia.com cdn-res.keymedia.com	251 KB
2	openx.net 1 redirects us-u.openx.net	479 B
2	adnxs.com 1 redirects ib.adnxs.com	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net	1003 B
2	sajari.com cdn.sajari.com re.sajari.com	23 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	gstatic.com fonts.gstatic.com	22 KB
2	jquery.com code.jquery.com	96 KB
1	hubapi.com api.hubapi.com	707 B
1	rlcdn.com idsync.rlcdn.com	66 B
1	yahoo.com 1 redirects ads.yahoo.com	733 B
1	hs-banner.com js.hs-banner.com	13 KB
1	usemessages.com js.usemessages.com	20 KB
1	hsadspixel.net js.hsadspixel.net	3 KB
1	hs-analytics.net js.hs-analytics.net	19 KB
1	google.de www.google.de	108 B
1	consensu.org 1 redirects d.adroll.mgr.consensu.org	137 B
1	google.ch adservice.google.ch	803 B
1	addthisedge.com v1.addthisedge.com	762 B
1	moatads.com z.moatads.com	1 KB
1	zoominfo.com ws.zoominfo.com	724 B
1	hs-scripts.com js.hs-scripts.com	960 B
1	googleadservices.com www.googleadservices.com	12 KB
1	googletagmanager.com www.googletagmanager.com	45 KB
1	sajari.net cdn.sajari.net	200 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	10 KB
1	googleapis.com fonts.googleapis.com	736 B
140	41

	Domain	Requested by
16	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.insurancebusinessmag.com tpc.googlesyndication.com
16	securepubads.g.doubleclick.net	1 redirects www.insurancebusinessmag.com securepubads.g.doubleclick.net
10	d.adroll.com	7 redirects www.insurancebusinessmag.com
10	www.insurancebusinessmag.com	www.insurancebusinessmag.com
7	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
7	www.googletagservices.com	securepubads.g.doubleclick.net
7	www.facebook.com	www.insurancebusinessmag.com connect.facebook.net
6	cdnjs.cloudflare.com	www.insurancebusinessmag.com
5	www.google.com	www.insurancebusinessmag.com securepubads.g.doubleclick.net
5	c.disquscdn.com	insurance-business.disqus.com
5	connect.facebook.net	www.insurancebusinessmag.com connect.facebook.net
5	s.adroll.com	1 redirects www.googletagmanager.com www.insurancebusinessmag.com s.adroll.com
4	use.fontawesome.com	www.insurancebusinessmag.com use.fontawesome.com
3	s7.addthis.com	www.insurancebusinessmag.com s7.addthis.com
3	cdn-res.keymedia.com	www.insurancebusinessmag.com
2	us-u.openx.net	1 redirects www.insurancebusinessmag.com
2	ib.adnxs.com	1 redirects www.insurancebusinessmag.com
2	x.bidswitch.net	1 redirects www.insurancebusinessmag.com
2	api.hubspot.com	js.usemessages.com
2	disqus.com	insurance-business.disqus.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	code.jquery.com	www.insurancebusinessmag.com
1	track.hubspot.com
1	api.hubapi.com	js.hsadspixel.net
1	re.sajari.com	www.insurancebusinessmag.com
1	cm.g.doubleclick.net	1 redirects
1	idsync.rlcdn.com	www.insurancebusinessmag.com
1	ads.yahoo.com	1 redirects
1	js.hs-banner.com	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	www.google.de	www.insurancebusinessmag.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	d.adroll.mgr.consensu.org	1 redirects
1	6b522d63087722712a1b2454d6d2b0a6.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.ch	securepubads.g.doubleclick.net
1	googleads.g.doubleclick.net	www.googleadservices.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	cdn.sajari.com	www.insurancebusinessmag.com
1	z.moatads.com	s7.addthis.com
1	ws.zoominfo.com	www.insurancebusinessmag.com
1	js.hs-scripts.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	insurance-business.disqus.com	www.insurancebusinessmag.com
1	www.googletagmanager.com	www.insurancebusinessmag.com
1	cdn.sajari.net	www.insurancebusinessmag.com
1	maxcdn.bootstrapcdn.com	www.insurancebusinessmag.com
1	fonts.googleapis.com	www.insurancebusinessmag.com
140	52

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
www.lifehealthpro.ca
learn.insurancebusinessmag.com
kmi.magazinemanager.com
shop.kmimedia.ca
bpaww.com
www.keymedia.com
www.wealthprofessional.ca

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-21` - `2021-07-21`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
cert00041-azurecdn.akamaized.net R3	`2020-12-06` - `2021-03-06`	3 months	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-07-22` - `2021-10-13`	a year	crt.sh
*.sajari.net AlphaSSL CA - SHA256 - G2	`2020-08-03` - `2022-09-06`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2020-01-29` - `2021-04-29`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2020-07-04` - `2021-07-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-11-02` - `2021-01-30`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.sajari.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-03` - `2022-06-11`	2 years	crt.sh
*.google.ch GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
adroll.mgr.consensu.org Amazon	`2020-10-08` - `2021-11-07`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2020-07-27` - `2021-07-27`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
re.sajari.com GTS CA 1D2	`2020-11-26` - `2021-02-24`	3 months	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2020-07-03` - `2021-07-03`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Frame ID: 184A3291F3D243B9A7C2264A9F26D841
Requests: 93 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: F1CB5A20C1DF2C8A9A222BE00548A333
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 685C7514B09C823F97DF480E702364D6
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=insurance-business&t_i=241242&t_u=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&t_d=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company&t_t=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company&s_o=default
Frame ID: FF89CA371C887E74220189DB78BAA8CF
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvh6kOrwVtnRGoTNNynh7NA0l6CT3rs6Gr8RK7ymrs-yy6MlP1TKQyosTOCdvAB9fNoCvixfGmWQNoJTqLzCqjgC_qu_pQpyMgElecNpe7mVxMxWGpC4aZWbc45JMrhV2nX6BxT3z5DMMlbGwUWRZ8kjenlivNoSo8ORgqD1daKEjM2mB1mc4i4QkAjfDe2K4KGef7EMSrXPVc0sDwissljNhGwwbWLgVcrpaCOPKOQ0h7WbUF9ULs44uIpvpkBJSt8yEyHOgC3xgfKE03fyS8dg0D2RQwcVeKSZEebzHuTqqwwokWhIOP80rhRWmgParoIFA&sig=Cg0ArKJSzNetCO0k7P58EAE&adurl=
Frame ID: F6C9AB1010760CDD5CCFE0C041CCD1F5
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss48sXckCKCtQT3A9qL5dhE0Gmf2c8BxTe_XTQCQD7v0YcGjJUaAuXD_Bv-bryvUByNot8nbc4Ka5kFwVFD63Yyz_Jx3JNFn7a0NLXdOiLK2h3MIE_Krb_V_xqGpm0ulpSHpJmiqsYLDdtzz1tS_ebAPtwzGimEzifZI4IcmLOXuarQnjuEdHDyN7oMBdnxRbmUwsmAppAcbEPkhx9yuFnsdE4511aYBn5tQ4GhwPsId7D8mEOIbA5_LDQu6ZYTXq7KjtRNtVqEFCdpC1Mrm_wK8DuS8pLKoGs1xQ&sig=Cg0ArKJSzGvOWhBrKWAfEAE&adurl=
Frame ID: 3600B7FE0240C9C0322313FABABD0F1A
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst-Tx0EprJ3XEQCBpO5J3CP7GcqQE8v2Bo8jXz8yHKbRNtbRRXE5cQQAz77jEFdNc6qLzPBbdEWRznhsqXjcaw3lxbBJRt89bj0khUmoPh76A3LXQJUl-eKghCVFQEm_9vKqgF6zqKzczNZIgzgXR7zzNT5WrwvosFuepMFzCKxhhO7BSDevNsKvF5UqR0oDZ0halD1HqQSeSAbxFtWTARFivsgBilBQXO3Ryr-_pK9TcN68XO-4Owgt1zBJZXV5C7D7PVAAxjWm9fq4yzWKVhlD9yW1sHUmn0dHPg&sig=Cg0ArKJSzA-cb7e7XzjIEAE&adurl=
Frame ID: 83A4BA3EBCEB7CAD242765A8ED4F1CD5
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjWz8wvjrDMCssIy-9hywzRhwWGXJ259slDJy4RfFxjd0XbmJIiY5xtYRrGBM_beWVc3whckE0L0qvZj17yUgYagdxiO_uboBM-GOBK37nEtzbIUFCJhEsqbhk_KOTwPMzhWKzJG6mFj52lgLlPf8rzjIoKZppMiuOwyBHd16LM6CLqZS7h-oFbcmwYTIPB5ogVoX4_sjT5VRIw6WcFxCvaN0k1LIHGXyWAvv725af9gLb7vEsY-t7HSngWMjdF17_fjU30SfOWpW8RNMJ65cDQ-PuynPq0fj8F2c&sig=Cg0ArKJSzHDT1pwyFeYiEAE&adurl=
Frame ID: 2E7D66C8094C651EEAAA5F9208F35E31
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/simgad/13810547153303696996
Frame ID: 55B4FB99A5FF7B0178C7BF4FCB5FCCB7
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvvDO4VjPPT2RkqppZ3dmWO4bVhlyxUYaxhIrhWoc3lbOIsr6stbPZ6Cm90UsPGayPRnGtPZ8-omZuNQGKKTRUrr5oEpJXneKSuQ1GvBhO5plrb3Tf9RbzEhfHdCPTx7WDUFIz8lyLlrc0d9NRNXawQNeEOpoP6tk0s_cSbdjiscyCga5kr5KOaMly__pbMX8yZyCtx9man8ECx0UYcL-dQICYZZmkfEEajxQ7FFc_cnvg7Bsfo5p65fHeopcfsVSFHsb7rkxucxNkhOT5RvntKYTOalUKHoIMia_I&sig=Cg0ArKJSzDEe_FfDcaRTEAE&adurl=
Frame ID: 87D9A24C605FCFEADABACAB3D8327D92
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstotmCv9i8LwUVPrLWrZPAVFXZvzlk0sw7JQObO5l3c7B3yZ_Q-o8uZBdbs8yHcrlnnur8MayeYfOrPx3jHrHCITWtiePtA2MR-OBvIYt_edusF_Y0f77U_x4tFcur-AMHg68SWrN0rJQ6AwE_wdp3bBBoYzeKFxMjBbbJDRa8Je1bOgNnyY461WI5iZCLZSPriXvAy267ePhtevd2xI_ekMoLZTzDckxEo2FCNTqlI7xRWiAjB_5p0WiaD6DEZMRgSMRV-tuAwoWYkqOLgbMlWsELpMk9UOk9PkQM&sig=Cg0ArKJSzBg67MZ6MMNHEAE&adurl=
Frame ID: BBEE331A49C2C9C9EA7E054ECA46BFFB
Requests: 8 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 0771C5AA261BD9C8536BADFBF9DE057A
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: AB22940F5332A4CE085D2BA229100F16
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: A76434001143FB8B793E491F6EF1BE91
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 50%
Detected patterns

url /\.aspx?(?:$|\?)/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

url /\.aspx?(?:$|\?)/i

IIS (Web Servers) Expand

Overall confidence: 50%
Detected patterns

url /\.aspx?(?:$|\?)/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

140
Requests

99 %
HTTPS

72 %
IPv6

41
Domains

52
Subdomains

47
IPs

7
Countries

2463 kB
Transfer

5482 kB
Size

17
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/InsuranceBusinessCanada

Search URL Search Domain Scan URL

URL: https://twitter.com/InsuranceBizCA

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/15154282

Search URL Search Domain Scan URL

URL: https://www.lifehealthpro.ca/
Title: Life

Search URL Search Domain Scan URL

URL: https://learn.insurancebusinessmag.com/
Title: eLearning

Search URL Search Domain Scan URL

URL: https://kmi.magazinemanager.com/subscribe/subscribe_renewOnlineCFGS_KMI.asp?renew=&source=IBPAID1
Title: Magazine

Search URL Search Domain Scan URL

URL: http://shop.kmimedia.ca/magazines/back-issues/insurance-business/?sort=newest
Title: Back Issues

Search URL Search Domain Scan URL

URL: http://shop.kmimedia.ca/special-reports/insurance-business/?sort=newest
Title: Special Reports

Search URL Search Domain Scan URL

URL: http://bpaww.com/bpaww/#?targeturl=/BPAWW/MemberTools/AuditedSiteTraffic&target=2&languageid=1&homepage=/bpaww/Content/MainContent/Home/Index.html&footerpage=/bpaww/content/maincontent/footer/english.htm

Search URL Search Domain Scan URL

URL: https://www.keymedia.com/?__hstc=226989634.3a430962cf917768e5dbb064547a595b.1607375161296.1607375161296.1607375161296.1&__hssc=226989634.1.1607375161297&__hsfp=2978788718
Title: Key Media

Search URL Search Domain Scan URL

URL: https://www.wealthprofessional.ca/?__hstc=226989634.3a430962cf917768e5dbb064547a595b.1607375161296.1607375161296.1607375161296.1&__hssc=226989634.1.1607375161297&__hsfp=2978788718
Title: Wealth Professional Canada

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://s.adroll.com/j/exp/2VITFUM7BRCEBEOMM6S7XQ/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 56

https://d.adroll.mgr.consensu.org/consent/iabcheck/2VITFUM7BRCEBEOMM6S7XQ?_s=ef727bcb25b2d6924c8b0ee011ad9314&_b=2 HTTP 302
https://d.adroll.com/consent/check/2VITFUM7BRCEBEOMM6S7XQ/?_s=ef727bcb25b2d6924c8b0ee011ad9314&_b=2

Request Chain 91

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuGu3xiFkRVhKkD9lMtyASUUnzXcCsJ5Ml0r-nXiljqrOd5yDIDU243fZWcMWRz7_OxUItAHJXwyTZO_w957o_KcNUkjNj2Rd-dtPBXueBtRvcJmUg8splzAvD_rEdLM4k6rAjgeZm5vEpsc0GX_2xlhDZTOQy8_B1V5F5jQBnMbwXEkGB8xVDurVytGAIhId689kPBpsCG6hsRwUhWsBs9iLtes4fnHnNwRZzdeZDluj1_SQaoEN87g640nAruznqck5IPlgK0TkxQtBjdRKiHFqbsjJi5TbeiQlvCn2w&sig=Cg0ArKJSzBks9yCRLIQbEAE&urlfix=1&adurl=https://tpc.googlesyndication.com/simgad/13810547153303696996? HTTP 302
https://tpc.googlesyndication.com/simgad/13810547153303696996

Request Chain 115

https://d.adroll.com/pixel/2VITFUM7BRCEBEOMM6S7XQ/UBR2M7RH2FGKBCKNOSQYCJ?adroll_fpc=e11458d25915bf962d4eb475abe102c5-1607375160679&arrfrr=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&xid_ch=f&pv=5678796791.833962&cookie=&adroll_s_ref=&keyw= HTTP 302
https://s.adroll.com/pixel/2VITFUM7BRCEBEOMM6S7XQ/UBR2M7RH2FGKBCKNOSQYCJ/GXLA5HH2IBHK5CA2VTBGL2.js

Request Chain 121

https://d.adroll.com/cm/r/out?adroll_fpc=e11458d25915bf962d4eb475abe102c5-1607375160679&arrfrr=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&xid_ch=f&advertisable=2VITFUM7BRCEBEOMM6S7XQ HTTP 302
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://d.adroll.com/cm/r/in?xid=E0&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 122

https://d.adroll.com/cm/b/out?adroll_fpc=e11458d25915bf962d4eb475abe102c5-1607375160679&arrfrr=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&xid_ch=f&advertisable=2VITFUM7BRCEBEOMM6S7XQ HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=NTJlMGIxNThjZGY2NTE5NzNmN2YxM2FiYjY0YjkyZTY HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NTJlMGIxNThjZGY2NTE5NzNmN2YxM2FiYjY0YjkyZTY

Request Chain 123

https://d.adroll.com/cm/x/out?adroll_fpc=e11458d25915bf962d4eb475abe102c5-1607375160679&arrfrr=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&xid_ch=f&advertisable=2VITFUM7BRCEBEOMM6S7XQ HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=NTJlMGIxNThjZGY2NTE5NzNmN2YxM2FiYjY0YjkyZTY HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNTJlMGIxNThjZGY2NTE5NzNmN2YxM2FiYjY0YjkyZTY

Request Chain 124

https://d.adroll.com/cm/l/out?adroll_fpc=e11458d25915bf962d4eb475abe102c5-1607375160679&arrfrr=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&xid_ch=f&advertisable=2VITFUM7BRCEBEOMM6S7XQ HTTP 302
https://idsync.rlcdn.com/377928.gif?partner_uid=52e0b158cdf651973f7f13abb64b92e6

Request Chain 125

https://d.adroll.com/cm/o/out?adroll_fpc=e11458d25915bf962d4eb475abe102c5-1607375160679&arrfrr=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&xid_ch=f&advertisable=2VITFUM7BRCEBEOMM6S7XQ HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=52e0b158cdf651973f7f13abb64b92e6 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=52e0b158cdf651973f7f13abb64b92e6

Request Chain 126

https://d.adroll.com/cm/g/out?adroll_fpc=e11458d25915bf962d4eb475abe102c5-1607375160679&arrfrr=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&xid_ch=f&advertisable=2VITFUM7BRCEBEOMM6S7XQ&google_nid=adroll5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=UuCxWM32UZc_fxOrtkuS5g HTTP 302
https://d.adroll.com/cm/g/in

140 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx Show response
www.insurancebusinessmag.com/ca/news/cyber/ 56 KB
10 KB 559ms
532ms Document
text/html 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

4f25e1439bac98078ca61a5dadcd309a6a392c3830b52f894ece95c72807efc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

:method: GET
:authority: www.insurancebusinessmag.com
:scheme: https
:path: /ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:05:59 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=dfee64ba8e810428f638ae490a3da806d1607375159; expires=Wed, 06-Jan-21 21:05:59 GMT; path=/; domain=.insurancebusinessmag.com; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
cf-request-id: 06e09f96f20000175230a6e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gcN6sSjmyE8F7sJcXavGNNmoz51W0PZlUv77qXE%2BMSX7mCs4VlFl0ayMdt1bFypKxjz2OSwkX6xSN7ksCCGrpO2qpay6r8ll0lvYXfsf%2F9eEEHTz%2BHGjumF2U3lVHzdhV49vEnlgK82x"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5fe13537ec901752-FRA
content-encoding: br

GET
H2 200 css
fonts.googleapis.com/ 4 KB
736 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

083be3c59862e11bbcda4128a12a7d9934f461ac881ed75af92b1c1b3615c576

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Dec 2020 19:25:02 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Mon, 07 Dec 2020 21:05:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 07 Dec 2020 21:05:59 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.15.1/css/ 58 KB
15 KB 167ms
78ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.1/css/all.css
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325

Request headers

Origin: https://www.insurancebusinessmag.com
Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:05:59 GMT
content-encoding: gzip
last-modified: Mon, 05 Oct 2020 15:13:10 GMT
server: NetDNA-cache/2.2
etag: W/"b227b1617a1763c8bc056772f05482b4"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ 1 KB
805 B 14ms
14ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick.min.css

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:05:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 463194
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 394
cf-request-id: 06e09f99090000c290d6104000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-559"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Q3SC21ajNxZP1LlFCGx70giRzvDL4rUztotumJ0hto9puTJtH%2FFBlCnGVCFbL8AB6Iw0cHh3VMvZgLblhzEsK%2BRY%2BDcQvv7oY2w4sdarVnk7uvlwyKseBrzyFkdAcR3%2FLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5fe1353b49f2c290-FRA
expires: Sat, 27 Nov 2021 21:05:59 GMT

GET
H2 200 site.min.css
www.insurancebusinessmag.com/css/ 217 KB
31 KB 22ms
21ms Stylesheet
text/css 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.insurancebusinessmag.com/css/site.min.css?v=x16YcsDzSL7BBhsp4VOfE7_mPzaMbjNhkXFpk-R-Q3E

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

25aa839bb8c9e29422bf3aa8925e2d13d7b985b1bce61296f8d5780efcb3b142

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:05:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2616
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
cf-request-id: 06e09f990a000017528b99d000000001
last-modified: Thu, 26 Nov 2020 05:10:15 GMT
server: cloudflare
etag: W/"1d6c3b26cbd77e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=P46zhsOPGHz1%2BNwaZ%2BDTbTstoyCmNQcIhVuQpb3j1gLEdh2BVcEMzAofPFhBsFO98Uk1SJPWWdCuPbBEQjTKJSSi3q0yMsrn9asZ8jjv4rP5sSQcGyA7upfSuDD6RjChdTP1dc9bMxF6"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 5fe1353b4b861752-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 54 KB
18 KB 50ms
48ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

b3c5ee146e480865a916c986e0ad32dc589e1ffe462f6b47d9e9c7044ed6f2cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:05:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "717 / 176 of 1000 / last-modified: 1607370225"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18692
x-xss-protection: 0
expires: Mon, 07 Dec 2020 21:05:59 GMT

GET
H2 200 logo_gray_ca.png
www.insurancebusinessmag.com/images/ 5 KB
6 KB 46ms
43ms Image
image/png 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurancebusinessmag.com/images/logo_gray_ca.png

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

55245b72bbdeeba40fdbd930227228c562438e21179d4705354888052f116b77

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:05:59 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4785
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
content-length: 5287
cf-request-id: 06e09f99c4000017523e923000000001
last-modified: Mon, 16 Dec 2019 08:12:09 GMT
server: cloudflare
etag: "1d5b3e88310c627"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EFFEqEy9FYhNsRhD9EjF9TbbeBXAkDXZtJ7ua8R%2FRKulcBIphgEGwrQP3nvu8yDZSMWCY7gKluJ%2B4LP7KyXJhPJdqP3NAIcjUIPXdDkQ3oOtWcITYLGEN%2B1jgpykwkgDIIaVbIO9FP53"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5fe1353c6daa1752-FRA

GET
H2 200 logo_ca.png
www.insurancebusinessmag.com/images/ 11 KB
11 KB 49ms
47ms Image
image/png 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurancebusinessmag.com/images/logo_ca.png

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

21f61c21dbb69eb2297c1f858d6990217ee2237605c0e126ca93fbd7966b1276

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:05:59 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4785
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
content-length: 11195
cf-request-id: 06e09f99db0000175265800000000001
last-modified: Mon, 16 Dec 2019 08:12:09 GMT
server: cloudflare
etag: "1d5b3e88310f93b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zJgdcyt5c%2Fjp%2Fv1BHDt4%2BdeP7TEp3m%2B%2BW5mZMt34qDfRhnUsiMwdJPlvrjZXYmKESJ8k4AuCkgV61%2BF6HGmKmSUVoYnyeLoQYp%2BJ4uwzre%2FcPXIIknQpgx6cW%2B1h5an0WadbjcRoJu%2BX"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5fe1353c6dad1752-FRA

GET
H2 200 logo_ca_mobile.png
www.insurancebusinessmag.com/images/ 8 KB
9 KB 55ms
53ms Image
image/png 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurancebusinessmag.com/images/logo_ca_mobile.png

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

52c81653f6f0d0e52dbfea77beabc12fef7ac4c6cc7a73c927bbd095e87c1b62

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:05:59 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4785
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
content-length: 8597
cf-request-id: 06e09f99db000017521d055000000001
last-modified: Mon, 16 Dec 2019 08:12:09 GMT
server: cloudflare
etag: "1d5b3e88310f315"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NjFoISqO%2FgQEQZ1Sliw5J58soF9HdCWlO7P4CbDuT0MRtNI%2F5v%2BQ6W0r4vxFyTTUxSWqPQYgSupXz8s3w6B%2Fd66nVxRB4%2FDafcli1%2BcMV%2FIEAr15l%2BsGvvKjOtelqW9i%2Bwarf%2BZV6trS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5fe1353c6dee1752-FRA

GET
H2 200 0270_637429306728087852.jpg
cdn-res.keymedia.com/cms/images/us/023/ 71 KB
71 KB 56ms
9ms Image
image/jpeg 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-res.keymedia.com/cms/images/us/023/0270_637429306728087852.jpg
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 315471cb3e63c008279774f2cf4f79d9025bbe22030e51965e26668aba419dbf

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 07 Dec 2020 21:05:59 GMT
last-modified: Mon, 07 Dec 2020 09:37:52 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: PdMDAfDpsglIvzXuEVA+hQ==
etag: 0x8D89A93C504BE16
content-type: image/jpeg
x-ms-request-id: 620743f1-a01e-00e5-0b7d-ccc0f9000000
x-ms-version: 2009-09-19
x-ms-meta-originalfilename: istock-cyberattack-technology-606671804.jpg
content-length: 72201

GET
H2 200 img_enewsletter.gif
www.insurancebusinessmag.com/images/ 3 KB
3 KB 51ms
49ms Image
image/gif 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurancebusinessmag.com/images/img_enewsletter.gif

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

ded0cec5a92fcdcd902c570635ae0933ea83e3e372e2ca283eaf573c9e5cab21

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:05:59 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4785
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
content-length: 2866
cf-request-id: 06e09f99dc0000175299035000000001
last-modified: Mon, 16 Dec 2019 08:12:09 GMT
server: cloudflare
etag: "1d5b3e88310d9b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Q6QyYqZ1TYouPt1JA5pZpeuo%2FgO3qhHPLlFvX%2BAjUjHwJWmj0IWEfBkoIq1xpBvapdw1rh9afmhYpdv6WfAX9RaZ2YgkKrocKxZ5oK%2F94SGOljcW%2BPNWhgP9sSHoGKDGWrbzw29i1P%2FZ"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5fe1353c6def1752-FRA

GET
H2 200 0116_637274390792424475.jpg
cdn-res.keymedia.com/cms/images/us/003/ 62 KB
63 KB 61ms
15ms Image
image/jpeg 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-res.keymedia.com/cms/images/us/003/0116_637274390792424475.jpg
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 40ca8539ffd12e7edf95bfff0b850217cff57001d266cd4613b23c5c7b0f0b82

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 07 Dec 2020 21:05:59 GMT
last-modified: Thu, 11 Jun 2020 02:24:39 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: +LKLZmxgLlM+nItRoCYu6A==
etag: 0x8D80DAE97B905DE
content-type: image/jpeg
x-ms-request-id: 6a6e2de0-801e-0006-2771-60a204000000
x-ms-version: 2009-09-19
x-ms-meta-originalfilename: IBA Talk Hompage Tile_D.jpg
content-length: 63674

GET
H2 200 0132_637411468949978004.jpg
cdn-res.keymedia.com/cms/images/us/023/ 117 KB
118 KB 62ms
15ms Image
image/jpeg 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-res.keymedia.com/cms/images/us/023/0132_637411468949978004.jpg
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: cdd2dbc8847ae720b1c56daab4f2a04859e919d602af61e08119e51ddad1f68b

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 07 Dec 2020 21:05:59 GMT
last-modified: Mon, 16 Nov 2020 18:08:15 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: X1bLcJFJA0lHQYgdq4kMbQ==
etag: 0x8D88A5A96AC059A
content-type: image/jpeg
x-ms-request-id: 3253528b-901e-0057-2044-bc3f88000000
x-ms-version: 2009-09-19
x-ms-meta-originalfilename: New Project(14).jpg
content-length: 119767

GET
H2 200 BPA_WW_MASTER.png
www.insurancebusinessmag.com/images/ 5 KB
6 KB 436ms
435ms Image
image/png 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurancebusinessmag.com/images/BPA_WW_MASTER.png

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

e616bb99a3cf0261a8e8bbf713bdaad17473afabbc032f5f351c85575596320b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:06:00 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
content-length: 5609
cf-request-id: 06e09f99dc0000175230aa2000000001
last-modified: Mon, 16 Dec 2019 08:12:10 GMT
server: cloudflare
etag: "1d5b3e883a97ce9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=v4D8yR1zNwKRdw06vWtwIhCpfyA7k5CaL%2FRUFImzwbwinaTmT35%2FXzpi6aanZo9dced5%2FLsvYQl2MhUUc5T8tz5xgeQmBfLJxHET0HMKV3ItZQwb%2BNayarK3uGgA5F5IUXqoyHqsxSpZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5fe1353c6df21752-FRA

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 23ms
9ms Script
application/javascript 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:05:59 GMT
content-encoding: gzip
last-modified: Mon, 20 Mar 2017 19:01:15 GMT
server: nginx
etag: W/"58d026fb-15283"
vary: Accept-Encoding
x-hw: 1607375159.dop207.fr8.t,1607375159.cds226.fr8.hc,1607375159.cds133.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30125

GET
H2 200 jquery-ui.min.js Show response
code.jquery.com/ui/1.12.1/ 248 KB
66 KB 29ms
28ms Script
application/javascript 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.min.js
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:05:59 GMT
content-encoding: gzip
last-modified: Wed, 14 Sep 2016 16:34:16 GMT
server: nginx
etag: W/"57d97c08-3dee4"
vary: Accept-Encoding
x-hw: 1607375159.dop207.fr8.t,1607375159.cds226.fr8.hc,1607375159.cds251.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 67751

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
10 KB 10ms
10ms Script
text/javascript 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:05:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:33:51 GMT
etag: "1544639631"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 9832

GET
H2 200 slick.min.js Show response
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ 42 KB
9 KB 12ms
12ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick.min.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:05:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 463194
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 9283
cf-request-id: 06e09f997f0000c290aabc7000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-a76f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YxohvIzPcjeddCgLr3GwCW0UBT1j792ZLzLwbNS7%2ByRsNPPC4WG%2FOjITLvQUJAmA3CgBRLwQ2GvW7yN3yHYS%2F%2FI163LMgNyzURY5GUAqwHzkmJfu3RIXKfdQj%2BrYJH9DPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5fe1353bfb6dc290-FRA
expires: Sat, 27 Nov 2021 21:05:59 GMT

GET
H2 200 jquery.validate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.17.0/ 23 KB
7 KB 19ms
19ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.17.0/jquery.validate.min.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:05:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 417358
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 6677
cf-request-id: 06e09f99930000c2909380c000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-5add"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=V5sWbHyqxabe3c09OtDspJgxsLcyf%2B565yl8eWkwGscEwZDRpmqAOLAuc44LmEZRp5rT%2F%2FhqMJdA3Kx1RaZeg3107spXZS0MqKj29bR5BAT8C62sgPVcyh0fPqKLskEaEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5fe1353c1ba7c290-FRA
expires: Sat, 27 Nov 2021 21:05:59 GMT

GET
H2 200 jquery.validate.unobtrusive.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validation-unobtrusive/3.2.6/ 5 KB
2 KB 11ms
11ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validation-unobtrusive/3.2.6/jquery.validate.unobtrusive.min.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83540a1b1aaca7ec79264b8dfc98c797dea37b6c33b604b95a8e21e1cee09bd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:05:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 463179
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 1740
cf-request-id: 06e09f99a20000c290b62e2000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-1494"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NgmmDRTMXSjNE9owfbfJtmbGtbyNmmWyIevWjIqeJr5dyJwFS4aPqBgbvLR49ZmPlBld0Ia2Z2AfokoHSMTzIzmHxH5u3S4B2YCloptGGVy1ffVUD3dmL8NpDlJf52Hiww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5fe1353c3bdfc290-FRA
expires: Sat, 27 Nov 2021 21:05:59 GMT

GET
H2 200 js.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.0/ 2 KB
1 KB 11ms
11ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.0/js.cookie.min.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4db76afeb499d277603609152f9e382c0fe112d44c6f8db8c136a89d9bd7682

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:05:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 463191
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 746
cf-request-id: 06e09f99ae0000c290fdaaf000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:49 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec5-699"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FrvLWq8GmIO03UEO7KZyrQuQ7TOsURyEYip5n6kQiljFxRU5jZwM88dCu%2Bp1fl5JyKcnx%2FdnItV8dSrN1HkO3%2F%2Ff6A%2BbGluhFci3yWr3cbd81xbm%2BwXSgvVS5HQsMDDtCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5fe1353c4c01c290-FRA
expires: Sat, 27 Nov 2021 21:05:59 GMT

GET
H2 200 jquery.bootstrap.wizard.js Show response
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap-wizard/1.2/ 9 KB
2 KB 14ms
14ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap-wizard/1.2/jquery.bootstrap.wizard.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bed0322f5d7ae2d256db706cb681ab757c8e5ef051e3b9f53e82ad953d0211d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:05:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 411139
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 2027
cf-request-id: 06e09f99b00000c290a3052000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04010-23da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Yc38iNCKYu6QxtYwwVgtmCxdI6h%2Ba%2B%2BLB%2Bpu%2FrDcLclydWpF1uQ8kQk%2F9Ey5qDns9Fwl2r2Vb95So1jRX%2BUfutuUY8%2BgrP%2FmC2Is1B2M5Crt4MUusRtr0WdQXdGkKpTPiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5fe1353c4c07c290-FRA
expires: Sat, 27 Nov 2021 21:05:59 GMT

GET
H2 200 site.min.js Show response
www.insurancebusinessmag.com/js/ 3 KB
2 KB 46ms
43ms Script
application/javascript 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.insurancebusinessmag.com/js/site.min.js?v=a8CgVlJJa2pHH6NyWSDRb1xgq97m0DJCCfQmFEGXcpU

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

6bc0a05652496b6a471fa3725920d16f5c60abdee6d0324209f4261441977295

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:05:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4785
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
cf-request-id: 06e09f99c4000017522e02f000000001
last-modified: Mon, 16 Dec 2019 08:12:10 GMT
server: cloudflare
etag: W/"1d5b3e883a96460"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QVrRhAncrujsAfE0ytuPTgSYrKteKAQcf3uGipt5O2N4mOSzOQPPkSiV7us8aGpF2d8IcPgPaeZyYkcEMfnq%2BQS%2B7i4PsSiUe0jeKroD3RTGHVpKvR%2FFMHD6PsS2xYt4%2BtEIa7jy4%2BWs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 5fe1353c6da81752-FRA

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 160ms
59ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Mon, 07 Dec 2020 21:05:59 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 website-search-1.4.js Show response
cdn.sajari.net/js/integrations/ 662 KB
200 KB 115ms
34ms Script
application/javascript 35.190.50.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sajari.net/js/integrations/website-search-1.4.js
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.50.98 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.50.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 04cdfaeaa1468ca5e86756f9f137d60c66db6991faa4e549827117eb0e2f33c1

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 12:32:40 GMT
content-encoding: gzip
age: 30799
x-guploader-uploadid: ABg5-Ux72zS3wD0fhI5JbBiXfel6kVFyNu4wJwDv-_Wb3jvLpraNKWkhXHkkY29JriX-W70IukBEDBufy4-Y24nwh7zoz-gynQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 204181
last-modified: Fri, 27 Nov 2020 01:20:45 GMT
server: UploadServer
etag: "65c7b0342e669c616f2779114a738111"
x-goog-hash: crc32c=lavJ7Q==, md5=ZcewNC5mnGFvJ3kRSnOBEQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1606440045862038
access-control-expose-headers: Content-Type
cache-control: public,max-age=86400,no-transform
x-goog-stored-content-length: 204181
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 08 Dec 2020 12:32:40 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 128 KB
45 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PVJZ6HP

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

80479814589d820a87ac07a15295f8ed6bd207bd4c6750c72910093af88e79b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:05:59 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45520
x-xss-protection: 0
expires: Mon, 07 Dec 2020 21:05:59 GMT

GET
H/1.1 200
OK embed.js Show response
insurance-business.disqus.com/ 70 KB
23 KB 388ms
304ms Script
application/javascript 151.101.112.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://insurance-business.disqus.com/embed.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

5f927fef3a76f516a273eac38e9fd8ef22f2c40b741543c47e70ae6b7da54283

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 21:06:00 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 23291

GET
H2 200 keymedia_logo.png
www.insurancebusinessmag.com/images/ 3 KB
3 KB 17ms
16ms Image
image/png 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurancebusinessmag.com/images/keymedia_logo.png

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/css/site.min.css?v=x16YcsDzSL7BBhsp4VOfE7_mPzaMbjNhkXFpk-R-Q3E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

bb20e7c2fc5f8cfd74c43906c776a31f04c93fc00d11d921dfb923bcfaab0c23

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/css/site.min.css?v=x16YcsDzSL7BBhsp4VOfE7_mPzaMbjNhkXFpk-R-Q3E
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:05:59 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4785
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
content-length: 2797
cf-request-id: 06e09f99df00001752908a8000000001
last-modified: Mon, 16 Dec 2019 08:12:09 GMT
server: cloudflare
etag: "1d5b3e88310d86d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GJpU31S8%2B6LS8WIg%2FKaHSLnhrSzwraZFoZTL6kUxavbmOYYjeSVhnqPhX2qSaJgdcOXt86m%2BNTd8Cpy5lBzCEbi%2Bb%2BYoFOHtGNEflGEfXm7NY%2BP%2Fvchus%2BIZ%2BiIITAdtVaka3vB7YGJL"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5fe1353c9dfe1752-FRA

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.insurancebusinessmag.com
Referer: https://fonts.googleapis.com/css?family=Roboto:400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 20:01:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 349487
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Fri, 03 Dec 2021 20:01:12 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.insurancebusinessmag.com
Referer: https://fonts.googleapis.com/css?family=Roboto:400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 21:21:15 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 431084
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Thu, 02 Dec 2021 21:21:15 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.15.1/webfonts/ 78 KB
79 KB 54ms
54ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.1/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.1/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

Request headers

Origin: https://www.insurancebusinessmag.com
Referer: https://use.fontawesome.com/releases/v5.15.1/css/all.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:05:59 GMT
last-modified: Mon, 05 Oct 2020 15:14:37 GMT
server: NetDNA-cache/2.2
etag: "8e1ed89b6ccb8ce41faf5cb672677105"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 80300

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.15.1/webfonts/ 77 KB
77 KB 114ms
113ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.1/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.1/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba

Request headers

Origin: https://www.insurancebusinessmag.com
Referer: https://use.fontawesome.com/releases/v5.15.1/css/all.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:05:59 GMT
last-modified: Mon, 05 Oct 2020 15:14:09 GMT
server: NetDNA-cache/2.2
etag: "f075c50f89795e4cdb4d45b51f1a6800"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 78460

GET
H2 200 fa-regular-400.woff2
use.fontawesome.com/releases/v5.15.1/webfonts/ 13 KB
14 KB 140ms
139ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.1/webfonts/fa-regular-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.1/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: ce20ed8a323117c8a718ff1ddc6dabb997373b575a8e896f2bf02b846c082c9d

Request headers

Origin: https://www.insurancebusinessmag.com
Referer: https://use.fontawesome.com/releases/v5.15.1/css/all.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:05:59 GMT
last-modified: Mon, 05 Oct 2020 15:14:17 GMT
server: NetDNA-cache/2.2
etag: "4a74738e7728e93c4394b8604081da62"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 13548

GET
H3-Q050 200 pubads_impl_2020120301.js Show response
securepubads.g.doubleclick.net/gpt/ 279 KB
99 KB 112ms
65ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

dc3842d1ad8fde688d7b47fb100be5a4bcf18b97af2dd23d02dbb3713f6d520b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:06:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Dec 2020 09:42:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100510
x-xss-protection: 0
expires: Mon, 07 Dec 2020 21:06:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
12 KB 48ms
48ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJZ6HP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

a7c9033cc29f2861014f6d7edd9d4c60f0bffc22dc6ba37f6a912abb1ae5ad24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:05:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12178
x-xss-protection: 0
server: cafe
etag: 9340179056637264993
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 07 Dec 2020 21:05:59 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJZ6HP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 4599
date: Mon, 07 Dec 2020 19:49:20 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Mon, 07 Dec 2020 21:49:20 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 39 KB
13 KB 197ms
85ms Script
text/javascript 104.111.214.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJZ6HP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 383e5f611a5c1637137d721c623842d4ad37fbb609e726a0a086b8fdd4c481cb

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: yT2i2LUnffbkUbjAt0k2siAlAt3lg4XR
Content-Encoding: gzip
ETag: "28571dc94738b2d5c8135d1bc9804d74"
x-amz-request-id: D8CA31517EEFF851
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 12463
x-amz-id-2: PkdqUa7SG6Ah0SpKR1grFBRfosBP1h3P1ltrX3Wcyf1SBZYz90A7rCkQce7e5vNXvQZTeFm3u8g=
Last-Modified: Wed, 02 Dec 2020 20:32:00 GMT
Server: AmazonS3
Date: Mon, 07 Dec 2020 21:06:00 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 3830659.js Show response
js.hs-scripts.com/ 2 KB
960 B 439ms
417ms Script
application/javascript 2606:4700::6811:d3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/3830659.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJZ6HP
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8baa44c9dce2ba13b4c29c5a5704bb20b005b9721fbec642f322b679a2e8c37

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:06:00 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
x-trace: 2B84D45C5668C18251439FF9661D318A97E441083E000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.insurancebusinessmag.com
access-control-max-age: 3600
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 5fe1353dd9fb05bb-FRA
cf-request-id: 06e09f9aa4000005bb7a88c000000001
expires: Mon, 07 Dec 2020 21:07:00 GMT

GET
H2 200 H374CbiJXbyMaC6o2MeO Show response
ws.zoominfo.com/pixel/ 0
724 B 230ms
212ms Script
text/javascript 2606:4700::6810:a852
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/H374CbiJXbyMaC6o2MeO

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:06:00 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 5fe1353dca7d2c22-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for
content-length: 0
cf-request-id: 06e09f9aa000002c2267be6000000001

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 89 KB
23 KB 6ms
5ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23320
x-xss-protection: 0
pragma: public
x-fb-debug: E9+9h+ZxaScShWUuka+vp2/pxscmPPvYQUcUk7kjHf27Ks03kOo7GDcXzivXhSH+dhqKeON1ljtJ6RaAdmp9WQ==
x-fb-trip-id: 603378373
x-frame-options: DENY
date: Mon, 07 Dec 2020 21:05:59 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 137ms
48ms Script
application/x-javascript 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:06:00 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 6CDA04CEF72D568E
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=24757
accept-ranges: bytes
content-length: 948
x-amz-id-2: vmrAbpbzrBs8g4V4M3AoGAqwWb0EhELJ1wy9AWvX/tuPVstbiwgv0ja/UaK2kknp20dNDPCNIa4=

GET
H2 200 sj.js Show response
cdn.sajari.com/js/ 73 KB
23 KB 113ms
32ms Script
application/javascript 35.190.50.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sajari.com/js/sj.js
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.50.98 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.50.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 51bf04f93ff258317e05e4bc448028e8de62370c7b24f9e088b2ca328819a6c4

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 10:43:12 GMT
content-encoding: gzip
age: 37368
x-guploader-uploadid: ABg5-UzAr_hIRs8aw_H5DcGSj7cL-MDKrBkOxTg0j4qp-kgSTYOwZMYanYNusMnXvbjTPdqqOwQ8oNvN9nZnaQpOG-w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 22520
last-modified: Fri, 09 Aug 2019 06:30:26 GMT
server: UploadServer
etag: "3fff0fe5f3afe436da542b563b190778"
x-goog-hash: crc32c=dbS54A==, md5=P/8P5fOv5DbaVCtWOxkHeA==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1565332226271049
access-control-expose-headers: Content-Type
cache-control: public,max-age=86400,no-transform
x-goog-stored-content-length: 22520
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 08 Dec 2020 10:43:12 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-57392d15fa194164/ 2 KB
762 B 289ms
287ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-57392d15fa194164/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0922d20b238ff408b56f2248052b9e6e347f2ad1b0812ef3c6baaf37d8c01900

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:06:00 GMT
content-encoding: gzip
etag: -1792729687--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=57, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 585

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 90 B
250 B 225ms
223ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=5fce9938a41ffeb2&bkl=0&bl=1&pdt=566&sid=5fce9938a41ffeb2&pub=ra-57392d15fa194164&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.insurancebusinessmag.com&fp=ca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1607375160113&jsl=1&uvs=5fce9938fd293d7b000&skipb=1&callback=addthis.cbs.jsonp__137836314089055060
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 14b6c92b06bb19d64717f684eb061b8e0ce7b51b660bc39d2ad16fb8e253b335

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 21:06:00 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 90
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame F1CB 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 685C 0
0 73ms
72ms Document
text/html 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
etag: W/"5ed917ff-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Mon, 07 Dec 2020 21:06:00 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
397 B 40ms
13ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1498510134&t=pageview&_s=1&dl=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&ul=en-us&de=UTF-8&dt=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company%20%7C%20Insurance%20Business&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1780085125&gjid=1816382909&cid=858152851.1607375160&tid=UA-67143636-4&_gid=1896036746.1607375160&_r=1&gtm=2wgb41PVJZ6HP&z=1479573774

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 21:06:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.insurancebusinessmag.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 239203017352524 Show response
connect.facebook.net/signals/config/ 238 KB
69 KB 56ms
55ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/239203017352524?v=2.9.29&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1767d947f015a6da6e6ed41e97ccc29f0dc1b527f6b2973c8dfde049ebf6c1cd

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 4zW42M+6rm53WW0c0UiyjuYSETxfj21d1izJROytxRNKXF1u8JEK5QDxL6TrA+O+WQqJRXK81SVLPdmPkvYE/w==
x-fb-trip-id: 603378373
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 07 Dec 2020 21:06:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 213897403
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/948015301/ 2 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/948015301/?random=1607375160160&cv=9&fst=1607375160160&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgb41&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&tiba=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company%20%7C%20Insurance%20Business&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a730b0e6c4dfc0d8d11e9132ff3a8385581158d7d3ef68214c6721d94534a682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 21:06:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1084
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ 109 B
803 B 52ms
17ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=www.insurancebusinessmag.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 21:06:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
169 B 15ms
14ms Script
application/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.insurancebusinessmag.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 21:06:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 fancybox_sprite.png
www.insurancebusinessmag.com/images/ 1 KB
2 KB 16ms
16ms Image
image/png 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurancebusinessmag.com/images/fancybox_sprite.png

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/css/site.min.css?v=x16YcsDzSL7BBhsp4VOfE7_mPzaMbjNhkXFpk-R-Q3E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

b9d6fddb0988440902fcfc72f371ecfa80ee2eb36073f9eebc17449ee41c886f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/css/site.min.css?v=x16YcsDzSL7BBhsp4VOfE7_mPzaMbjNhkXFpk-R-Q3E
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:06:00 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2616
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
content-length: 1362
cf-request-id: 06e09f9bcd0000175259921000000001
last-modified: Mon, 16 Dec 2019 08:12:09 GMT
server: cloudflare
etag: "1d5b3e88310d7d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bY5UaepIfY9Boj2qgOGXCBEEPO%2BI7Dfqx3hFR7f%2Fi4aeGJALC7o3GuXb3RM8F%2Bti0Xzd6gPkD6PwkrvPlTLbB5zJRGLp3JW9hcoh1mZBbA1RntqRB6oS3%2Bd5qhoMbbyE3lgjdkDLIh4%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5fe1353fabee1752-FRA

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 87 KB
15 KB 157ms
157ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2280478564405744&correlator=3958039466951279&output=ldjh&impl=fifs&eid=21067995%2C21063670%2C21068030&vrg=2020120301&guci=2.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201207&iu_parts=1042886%2Ciboca_news_cyber_640x480-prestitial%2Ciboca_news_cyber_na_fluid_top1%2Ciboca_news_cyber_728x90%2Ciboca_news_cyber_125x750%2Ciboca_news_cyber_na_fluid_top2%2Ciboca_news_cyber_980x240%2Ciboca_news_cyber_970x90%2Ciboca_news_cyber_1000x90%2Ciboca_news_cyber_300x600%2Ciboca_news_cyber_300x250%2Ciboca_news_cyber_140x600%2Ciboca_news_cyber_140x300%2Ciboca_news_cyber_na_fluid_inarticle%2Ciboca_news_cyber_450x20%2Ciboca_news_cyber_480x300&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F11%2C%2F0%2F12%2C%2F0%2F13%2C%2F0%2F14%2C%2F0%2F14%2C%2F0%2F14%2C%2F0%2F15&prev_iu_szs=640x480%2C320x50%2C728x90%2C125x750%2C125x750%2C320x50%2C980x240%2C970x90%2C1x1%2C300x600%2C300x600%2C300x250%2C300x250%2C140x600%2C140x600%2C140x300%2C320x50%2C450x20%2C450x20%2C450x20%2C480x300&fluid=0%2Cheight%2C0%2C0%2C0%2Cheight%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2Cheight%2C0%2C0%2C0%2C0&ists=4096&prev_scp=%7Cposition%3D1%7C%7Cposition%3D1%7Cposition%3D2%7Cposition%3D2%7C%7C%7C%7Cposition%3D1%7Cposition%3D2%7Cposition%3D1%7Cposition%3D2%7Cposition%3D1%7Cposition%3D2%7C%7C%7Cposition%3D1%7Cposition%3D2%7Cposition%3D3%7C&cookie_enabled=1&bc=31&abxe=1&lmt=1607375160&dt=1607375160244&dlt=1607375159555&idt=615&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933%2C310%2C560%2C165%2C1310%2C310%2C310%2C315%2C0%2C990%2C990%2C990%2C990%2C310%2C310%2C310%2C477%2C477%2C477%2C477%2C477&adys=-12245933%2C0%2C62%2C250%2C250%2C250%2C270%2C1110%2C3863%2C686%2C2882%2C2369%2C1316%2C846%2C1476%2C2106%2C1211%2C2249%2C2269%2C2289%2C2309&adks=2823933327%2C409129918%2C1675819882%2C4231056459%2C4231056460%2C4203074890%2C2050543086%2C3789700953%2C2408097924%2C326545365%2C326545355%2C1361478051%2C1361478104%2C3532230482%2C3532230485%2C2747176942%2C4024826935%2C2484961435%2C2484961432%2C2484961433%2C1964108665&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci%7Cj%7Ck%7Cl&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C1000x1%7C730x90%7C125x750%7C125x750%7C1000x20%7C980x240%7C1600x3863%7C1600x3863%7C313x600%7C313x600%7C313x250%7C313x250%7C146x600%7C146x600%7C146x300%7C479x884%7C479x445%7C479x445%7C479x445%7C479x445&msz=0x-1%7C980x0%7C730x90%7C125x750%7C125x750%7C980x0%7C980x240%7C970x-1%7C1600x1%7C300x600%7C300x600%7C300x250%7C300x250%7C146x600%7C146x600%7C146x300%7C479x0%7C479x20%7C479x20%7C479x20%7C479x300&ga_vid=858152851.1607375160&ga_sid=1607375160&ga_hid=1498510134&fws=644%2C0%2C0%2C0%2C0%2C0%2C0%2C512%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C479%2C479%2C479%2C479%2C479&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

b91afc574cc69d751fb2dc0b736a0d762edc7ff5495abdff470f41cab454f54e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14074
x-xss-protection: 0
google-lineitem-id: 5522499108,-2,5523842285,-2,-2,-2,5523842285,-2,5523842285,5523842285,-2,5523842285,-2,5523842285,-2,-2,-2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138328442418,-2,138328415276,-2,-2,-2,138328444695,-2,138328415726,138328444692,-2,138328444698,-2,138328444683,-2,-2,-2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.insurancebusinessmag.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
6b522d63087722712a1b2454d6d2b0a6.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 29ms
14ms Other
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://6b522d63087722712a1b2454d6d2b0a6.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 7ms
6ms Other
text/html 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/2VITFUM7BRCEBEOMM6S7XQ/index.js
https://s.adroll.com/j/exp/index.js

28 B
747 B

46ms
46ms

Script
application/javascript

104.111.214.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: NRd5BJy3mTVGILCcmBdUI4KKHh2sq935
Content-Encoding: gzip
ETag: "5816cced8568d223aa09d889f300692b"
x-amz-request-id: 7W9WAWDN1PDJ9K6T
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 48
x-amz-id-2: NBvratIHE//44TPOypShMaCv/9QzRoRblXgrQhIlv+9B2ymzS7rKcZPf7Q+NJ4aV6oOIl9m1JcE=
Last-Modified: Wed, 02 Dec 2020 20:19:48 GMT
Server: AmazonS3
Date: Mon, 07 Dec 2020 21:06:00 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Mon, 07 Dec 2020 21:06:00 GMT
Server: AkamaiGHost
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/2VITFUM7BRCEBEOMM6S7XQ/UBR2M7RH2FGKBCKNOSQYCJ/ 1 KB
1 KB 173ms
59ms Script
text/javascript 104.111.214.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/2VITFUM7BRCEBEOMM6S7XQ/UBR2M7RH2FGKBCKNOSQYCJ/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: cbce85e96b7752208ce15a09ea4d5a58b792edc9e77f1c5ccf46c01935970f9d

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: _mn1D0VtNh5freWhh9.kCWYn3Qouzsse
Content-Encoding: gzip
ETag: "3996d65282dd996ee0d7d4c90c139158"
x-amz-request-id: 6B99C8ABABB88D46
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 635
x-amz-id-2: 8Ntj3t+1zhytmEs1jF4ETPtx3N2P1xbq+UEU2s949XQKYAYr52T9NfnUCfzlZ+eZYSjFBR9/BbY=
Last-Modified: Sun, 06 Dec 2020 20:41:15 GMT
Server: AmazonS3
Date: Mon, 07 Dec 2020 21:06:00 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

200

/ Show response
d.adroll.com/consent/check/2VITFUM7BRCEBEOMM6S7XQ/
Redirect Chain

https://d.adroll.mgr.consensu.org/consent/iabcheck/2VITFUM7BRCEBEOMM6S7XQ?_s=ef727bcb25b2d6924c8b0ee011ad9314&_b=2
https://d.adroll.com/consent/check/2VITFUM7BRCEBEOMM6S7XQ/?_s=ef727bcb25b2d6924c8b0ee011ad9314&_b=2

386 B
854 B

63ms
62ms

Script
application/javascript

54.78.251.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/2VITFUM7BRCEBEOMM6S7XQ/?_s=ef727bcb25b2d6924c8b0ee011ad9314&_b=2
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.251.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-251-22.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: f490a80a6acbacad8b2a46b20432d093619d2df7816bd08ea9e78203c3cc71c9

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 21:06:00 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-type: application/javascript
content-length: 386
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

Redirect headers

location: https://d.adroll.com/consent/check/2VITFUM7BRCEBEOMM6S7XQ/?_s=ef727bcb25b2d6924c8b0ee011ad9314&_b=2
date: Mon, 07 Dec 2020 21:06:00 GMT
server: nginx/1.18.0
content-length: 105

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
94 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-67143636-4&cid=858152851.1607375160&jid=1780085125&gjid=1816382909&_gid=1896036746.1607375160&_u=YEBAAAAAAAAAAC~&z=1466838178

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 07 Dec 2020 21:06:00 GMT
content-type: text/plain
access-control-allow-origin: https://www.insurancebusinessmag.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lounge.2a0be1cac62547aa91037395a06bf8b3.css
c.disquscdn.com/next/embed/styles/ 0
23 KB 41ms
19ms Other
text/css 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.2a0be1cac62547aa91037395a06bf8b3.css

Requested by

Host: insurance-business.disqus.com
URL: https://insurance-business.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:06:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1550731
strict-transport-security: max-age=300; includeSubdomains
content-length: 22655
cf-request-id: 06e09f9c0000002c2e769ba000000001
timing-allow-origin: *
last-modified: Thu, 19 Nov 2020 22:06:27 GMT
server: cloudflare
etag: "5fb6ec63-587f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DFW3-C1
accept-ranges: bytes
cf-ray: 5fe1353ffcaf2c2e-FRA
x-amz-cf-id: U-gG9OZ3kJS9xxB8lbcOsPcV746xOv-OfQeg4RfypFfyEf75cG_0Pw==
expires: Fri, 19 Nov 2021 22:20:27 GMT

GET
H2 200 common.bundle.2b6a730d7d5eff80032e6b2e3ff8cab6.js
c.disquscdn.com/next/embed/ 0
93 KB 43ms
21ms Other
application/javascript 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.2b6a730d7d5eff80032e6b2e3ff8cab6.js

Requested by

Host: insurance-business.disqus.com
URL: https://insurance-business.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:06:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 595370
strict-transport-security: max-age=300; includeSubdomains
content-length: 94783
cf-request-id: 06e09f9c0000002c2e8a801000000001
timing-allow-origin: *
last-modified: Mon, 30 Nov 2020 23:25:14 GMT
server: cloudflare
etag: "5fc57f5a-1723f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DFW55-C3
accept-ranges: bytes
cf-ray: 5fe1353ffcb32c2e-FRA
x-amz-cf-id: qTlIsgJeiVKYLpKJk7-tZpsLzHRMZ2jhKj-dLst3ozr307jdRNXxtw==
expires: Tue, 30 Nov 2021 23:43:04 GMT

GET
H2 200 lounge.bundle.7ce8b2d11ecfa0aa9e0fdce994b52842.js
c.disquscdn.com/next/embed/ 0
114 KB 49ms
27ms Other
application/javascript 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.7ce8b2d11ecfa0aa9e0fdce994b52842.js

Requested by

Host: insurance-business.disqus.com
URL: https://insurance-business.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:06:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1474534
strict-transport-security: max-age=300; includeSubdomains
content-length: 116379
cf-request-id: 06e09f9c0000002c2e53a2a000000001
timing-allow-origin: *
last-modified: Fri, 20 Nov 2020 19:08:20 GMT
server: cloudflare
etag: "5fb81424-1c69b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DFW55-C1
accept-ranges: bytes
cf-ray: 5fe1353ffcb42c2e-FRA
x-amz-cf-id: yaoISWtZa_Htm13y7eXpFluexrytRU8scoM6I0rwGiOxoIOb1BdMdg==
expires: Sat, 20 Nov 2021 19:30:24 GMT

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
10 KB 126ms
41ms Other
application/javascript 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: insurance-business.disqus.com
URL: https://insurance-business.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 21:06:00 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 55
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 9280
X-XSS-Protection: 1; mode=block

GET
H2 200 /
www.google.com/pagead/1p-user-list/948015301/ 42 B
110 B 21ms
20ms Image
image/gif 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/948015301/?random=1607375160160&cv=9&fst=1607374800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgb41&sendb=1&frm=0&url=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&tiba=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company%20%7C%20Insurance%20Business&async=1&fmt=3&is_vtc=1&random=260952535&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 21:06:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/948015301/ 42 B
108 B 20ms
19ms Image
image/gif 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/948015301/?random=1607375160160&cv=9&fst=1607374800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgb41&sendb=1&frm=0&url=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&tiba=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company%20%7C%20Insurance%20Business&async=1&fmt=3&is_vtc=1&random=260952535&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 21:06:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
263 B 7ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=239203017352524&ev=PageView&dl=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&rl=&if=false&ts=1607375160324&sw=1600&sh=1200&v=2.9.29&r=stable&ec=0&o=30&fbp=fb.1.1607375160323.1797917078&it=1607375160143&coo=false&rqm=GET

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:06:00 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 07 Dec 2020 21:06:00 GMT

GET
H2 200 3830659.js Show response
js.hs-analytics.net/analytics/1607375100000/ 63 KB
19 KB 534ms
511ms Script
text/javascript 2606:4700::6811:44b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1607375100000/3830659.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3830659.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ab092634138c04c4d400ffe26f4d1e7e332adbd7ce2b974288b0674850bc2b0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:06:00 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 8C30E8095B72E6ED
x-amz-server-side-encryption: AES256
cf-ray: 5fe135409ededfef-FRA
x-amz-id-2: NVMneoBaPcoJrA6DLyPZOFphdvCgKripoIAawrx04eQiyi4DhV48Ks8JzSBvRX7OrAFa7IebgIk=
last-modified: Mon, 07 Dec 2020 17:12:38 GMT
server: cloudflare
etag: W/"44e808ceba70a8e67afa883c1bf6dc20"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-request-id: 06e09f9c5d0000dfef302c5000000001
content-type: text/javascript
expires: Mon, 07 Dec 2020 21:11:00 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 5 KB
3 KB 32ms
15ms Script
application/javascript 2606:4700::6811:74b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3830659.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:74b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edc0175ff1c883786302197c8f3795e4017ec2a82a6dda756b98e4c14a388da5

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:06:00 GMT
via: 1.1 d4b41c13595dcfd327649d8cdea72ce8.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 188
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.218/bundles/pixels-release.js&cfRay=5fe130a70eb9177e-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 06e09f9c5600002b89c7a0f000000001
last-modified: Wed, 02 Dec 2020 05:20:17 UTC
server: cloudflare
etag: W/"6159aaab2b9ebbe66181371c0b06ec68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 2loL3K5wOlJ4UYDOHK3xdpXBRt2L9KwW
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 5fe135408e182b89-FRA
x-amz-cf-id: TykTsWCmSZFNw3FaqtyfkNx02_9eMThnj3_BHecJZMElPl-RhS6XNg==

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 79 KB
20 KB 39ms
22ms Script
application/javascript 2606:4700::6811:efcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3830659.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:efcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 659630c07a9005c1bb4e68bf15946ba4a0d5e8ede79aec22a98f202a55491ab2

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:06:00 GMT
via: 1.1 fb41e17254dfd781519e95cedd257827.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 275
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.7966/bundles/project.js&cfRay=5fe12e874ab1c26d-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 06e09f9c580000c29549866000000001
last-modified: Mon, 07 Dec 2020 03:40:46 UTC
server: cloudflare
etag: W/"084f0064b523664ce082aebef736853e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: kCPoihtV0nKfLLh1Z8xOU8_A5Ba4lvrR
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 5fe135408e3cc295-FRA
x-amz-cf-id: 7ggLbQrBQdMudXTeaNQl7stdlc54VxgWepzR-hxzOHrP6olXNZ4xCA==

GET
H2 200 3830659.js Show response
js.hs-banner.com/ 51 KB
13 KB 119ms
101ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/3830659.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3830659.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 493a176ec78fb0ac6b6a95d9a93d57cd4db4880151ec1017282f8fee3f6250c9

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=Smq16w==, md5=MOAVoix/DZ6XFVDsDiVRgA==
date: Mon, 07 Dec 2020 21:06:00 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABg5-Uy7ZhscbhPzkPDe4ps3Dooy_THOAAEU8MGRsUOy2Sa3ifKKu5w83ID7hnsM08ISZV_wEcO3nDZenokmtUcm3CtBpZ55YA
x-goog-storage-class: STANDARD
access-control-max-age: 604800
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: text/javascript; charset=UTF-8
cf-request-id: 06e09f9c590000c2bd6088c000000001
timing-allow-origin: *
last-modified: Mon, 30 Nov 2020 17:52:35 GMT
server: cloudflare
etag: W/"30e015a22c7f0d9e971550ec0e255180"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-goog-generation: 1606758755326219
access-control-allow-origin: https://www.insurancebusinessmag.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
x-goog-stored-content-length: 52110
cf-ray: 5fe135408ed8c2bd-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Mon, 07 Dec 2020 21:11:00 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 53ms
53ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Mon, 07 Dec 2020 21:06:00 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H/1.1 200
OK /
disqus.com/embed/comments/ Frame FF89 0
0 212ms
187ms Document
text/html 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=insurance-business&t_i=241242&t_u=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&t_d=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company&t_t=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company&s_o=default

Requested by

Host: insurance-business.disqus.com
URL: https://insurance-business.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Response headers

Connection: keep-alive
Content-Length: 2749
Server: nginx
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Type: text/html; charset=utf-8
Last-Modified: Mon, 07 Dec 2020 09:40:45 GMT
ETag: W/"lounge:view:8304289896.1a712cca7a006174d37d2a69da1457bd.2"
Content-Encoding: gzip
Date: Mon, 07 Dec 2020 21:06:00 GMT
Age: 0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 161ms
146ms Other
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=3830659&conversations-embed=static-1.7966&mobile=false&messagesUtk=d45f824887384c309d37468d5ce1d495&traceId=d45f824887384c309d37468d5ce1d495

Protocol

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-hubspot-messages-uri
Origin: https://www.insurancebusinessmag.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Dec 2020 21:06:00 GMT
content-type: text/plain; charset=utf-8
content-length: 18
x-trace: 2B5BB661E83498138C02D0CB1CD1B99C077938939F000000000000000000
allow: HEAD,GET,OPTIONS
vary: Accept-Encoding
access-control-allow-credentials: false
access-control-allow-origin: https://www.insurancebusinessmag.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
cf-cache-status: DYNAMIC
cf-request-id: 06e09f9c8e0000175a33808000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 5fe13540ea00175a-FRA

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 351 B
498 B 440ms
440ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef41330b2cf43a44c8cbb20ca38cd9752816a5f451e506727876eb4f6502105b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

X-HubSpot-Messages-Uri: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Response headers

date: Mon, 07 Dec 2020 21:06:01 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
content-length: 269
cf-request-id: 06e09f9d240000175a77b9d000000001
server: cloudflare
x-trace: 2B41978886D53A652D5748A83AA7D11205DA1BDCD3000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.insurancebusinessmag.com
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 5fe13541dc4c175a-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame F6C9 0
0 49ms
48ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvh6kOrwVtnRGoTNNynh7NA0l6CT3rs6Gr8RK7ymrs-yy6MlP1TKQyosTOCdvAB9fNoCvixfGmWQNoJTqLzCqjgC_qu_pQpyMgElecNpe7mVxMxWGpC4aZWbc45JMrhV2nX6BxT3z5DMMlbGwUWRZ8kjenlivNoSo8ORgqD1daKEjM2mB1mc4i4QkAjfDe2K4KGef7EMSrXPVc0sDwissljNhGwwbWLgVcrpaCOPKOQ0h7WbUF9ULs44uIpvpkBJSt8yEyHOgC3xgfKE03fyS8dg0D2RQwcVeKSZEebzHuTqqwwokWhIOP80rhRWmgParoIFA&sig=Cg0ArKJSzNetCO0k7P58EAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 21:06:00 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame F6C9 3 KB
2 KB 36ms
19ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 02:18:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67628
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Dec 2020 02:18:52 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame F6C9 76 KB
29 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24d1e8072bf1a85f5b172585ef5c7bab961c04f2cc270d4ed30706eb1aebe74f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:06:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607100271701181"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29426
x-xss-protection: 0
expires: Mon, 07 Dec 2020 21:06:00 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame F6C9 0
0 14ms
13ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQrYPB0Kf-RByx145BC96pnGjVnG9l7kcGMl5LNzQ0W8XkAsAwMRn358AmXzWDXKxsGU9icZxwg5m66HDriH-WWqFM31A
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 128802055032131217
tpc.googlesyndication.com/simgad/ Frame F6C9 43 KB
43 KB 38ms
21ms Image
image/jpeg 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/128802055032131217

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a4080d7b3a78d8829b8e436b103b9736e6757f007c06d51ada0f659cb50a6b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Dec 2020 21:13:25 GMT
x-content-type-options: nosniff
age: 85955
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43800
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 14:28:40 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Dec 2021 21:13:25 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3600 0
0 50ms
49ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss48sXckCKCtQT3A9qL5dhE0Gmf2c8BxTe_XTQCQD7v0YcGjJUaAuXD_Bv-bryvUByNot8nbc4Ka5kFwVFD63Yyz_Jx3JNFn7a0NLXdOiLK2h3MIE_Krb_V_xqGpm0ulpSHpJmiqsYLDdtzz1tS_ebAPtwzGimEzifZI4IcmLOXuarQnjuEdHDyN7oMBdnxRbmUwsmAppAcbEPkhx9yuFnsdE4511aYBn5tQ4GhwPsId7D8mEOIbA5_LDQu6ZYTXq7KjtRNtVqEFCdpC1Mrm_wK8DuS8pLKoGs1xQ&sig=Cg0ArKJSzGvOWhBrKWAfEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 21:06:00 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 3600 3 KB
1 KB 33ms
19ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 02:18:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67628
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Dec 2020 02:18:52 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3600 76 KB
29 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24d1e8072bf1a85f5b172585ef5c7bab961c04f2cc270d4ed30706eb1aebe74f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:06:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607100271701181"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29426
x-xss-protection: 0
expires: Mon, 07 Dec 2020 21:06:00 GMT

GET
H3-Q050 200 16087027898513391236
tpc.googlesyndication.com/simgad/ Frame 3600 40 KB
40 KB 36ms
23ms Image
image/jpeg 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16087027898513391236

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1f250f58f47ca824a25a49ce8ee8747c3e48cf9564a23282677802f450928fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 08:01:52 GMT
x-content-type-options: nosniff
age: 47048
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40837
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 14:37:24 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Dec 2021 08:01:52 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 83A4 0
0 50ms
49ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst-Tx0EprJ3XEQCBpO5J3CP7GcqQE8v2Bo8jXz8yHKbRNtbRRXE5cQQAz77jEFdNc6qLzPBbdEWRznhsqXjcaw3lxbBJRt89bj0khUmoPh76A3LXQJUl-eKghCVFQEm_9vKqgF6zqKzczNZIgzgXR7zzNT5WrwvosFuepMFzCKxhhO7BSDevNsKvF5UqR0oDZ0halD1HqQSeSAbxFtWTARFivsgBilBQXO3Ryr-_pK9TcN68XO-4Owgt1zBJZXV5C7D7PVAAxjWm9fq4yzWKVhlD9yW1sHUmn0dHPg&sig=Cg0ArKJSzA-cb7e7XzjIEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 21:06:00 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 83A4 3 KB
1 KB 28ms
20ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 02:18:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67628
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Dec 2020 02:18:52 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 83A4 76 KB
29 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24d1e8072bf1a85f5b172585ef5c7bab961c04f2cc270d4ed30706eb1aebe74f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:06:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607100271701181"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29426
x-xss-protection: 0
expires: Mon, 07 Dec 2020 21:06:00 GMT

GET
H3-Q050 200 12598932462570953785
tpc.googlesyndication.com/simgad/ Frame 83A4 46 KB
46 KB 38ms
29ms Image
image/jpeg 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12598932462570953785

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e28323571e70a213a2db9642215d45e8944ed17464c8bf89781bea05e554ef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:25:49 GMT
x-content-type-options: nosniff
age: 24011
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47548
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 15:26:20 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Dec 2021 14:25:49 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2E7D 0
0 53ms
49ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjWz8wvjrDMCssIy-9hywzRhwWGXJ259slDJy4RfFxjd0XbmJIiY5xtYRrGBM_beWVc3whckE0L0qvZj17yUgYagdxiO_uboBM-GOBK37nEtzbIUFCJhEsqbhk_KOTwPMzhWKzJG6mFj52lgLlPf8rzjIoKZppMiuOwyBHd16LM6CLqZS7h-oFbcmwYTIPB5ogVoX4_sjT5VRIw6WcFxCvaN0k1LIHGXyWAvv725af9gLb7vEsY-t7HSngWMjdF17_fjU30SfOWpW8RNMJ65cDQ-PuynPq0fj8F2c&sig=Cg0ArKJSzHDT1pwyFeYiEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 21:06:00 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 2E7D 3 KB
1 KB 22ms
19ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 02:18:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67628
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Dec 2020 02:18:52 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2E7D 76 KB
29 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24d1e8072bf1a85f5b172585ef5c7bab961c04f2cc270d4ed30706eb1aebe74f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:06:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607100271701181"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29426
x-xss-protection: 0
expires: Mon, 07 Dec 2020 21:06:00 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 2E7D 0
0 16ms
13ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRCNNtujIS9c-C4jofYJqU-VaSuVK10ORR5QjRxVAxrzTdVeMj0ZZiFSZXYdhO3UHvyaE4XRkSd3yA7h6rcI0roPl5V3Q
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 14015424997989743780
tpc.googlesyndication.com/simgad/ Frame 2E7D 43 KB
43 KB 28ms
26ms Image
image/jpeg 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14015424997989743780

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2090ef8782553088e8305f8703a2d3f5c39d07408f6a88eed8f40ee57aa5c5a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:25:49 GMT
x-content-type-options: nosniff
age: 24011
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44348
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 14:37:23 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Dec 2021 14:25:49 GMT

GET
H3-Q050

200

13810547153303696996
tpc.googlesyndication.com/simgad/ Frame 55B4
Redirect Chain

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuGu3xiFkRVhKkD9lMtyASUUnzXcCsJ5Ml0r-nXiljqrOd5yDIDU243fZWcMWRz7_OxUItAHJXwyTZO_w957o_KcNUkjNj2Rd-dtPBXueBtRvcJmUg8splzAvD_rEdLM4k6rAjgeZm5v...
https://tpc.googlesyndication.com/simgad/13810547153303696996?

44 KB
44 KB

7ms
7ms

Image
image/jpeg

2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13810547153303696996?

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5abdfc235554b3c281964f41c083010fe2781025981997a547cc9024b69165f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:25:49 GMT
x-content-type-options: nosniff
age: 24011
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44712
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 14:39:34 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Dec 2021 14:25:49 GMT

Redirect headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 21:06:00 GMT
x-content-type-options: nosniff
server: cafe
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://tpc.googlesyndication.com/simgad/13810547153303696996?
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e735e08c4da24b5efe03dc7d48842a415f91122e5b74e23d2e9e461d0ae73199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:06:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607100271701181"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28447
x-xss-protection: 0
expires: Mon, 07 Dec 2020 21:06:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 87D9 0
0 50ms
48ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvvDO4VjPPT2RkqppZ3dmWO4bVhlyxUYaxhIrhWoc3lbOIsr6stbPZ6Cm90UsPGayPRnGtPZ8-omZuNQGKKTRUrr5oEpJXneKSuQ1GvBhO5plrb3Tf9RbzEhfHdCPTx7WDUFIz8lyLlrc0d9NRNXawQNeEOpoP6tk0s_cSbdjiscyCga5kr5KOaMly__pbMX8yZyCtx9man8ECx0UYcL-dQICYZZmkfEEajxQ7FFc_cnvg7Bsfo5p65fHeopcfsVSFHsb7rkxucxNkhOT5RvntKYTOalUKHoIMia_I&sig=Cg0ArKJSzDEe_FfDcaRTEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 21:06:00 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 87D9 3 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 02:18:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67628
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Dec 2020 02:18:52 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 87D9 76 KB
29 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24d1e8072bf1a85f5b172585ef5c7bab961c04f2cc270d4ed30706eb1aebe74f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:06:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607100271701181"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29426
x-xss-protection: 0
expires: Mon, 07 Dec 2020 21:06:00 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 87D9 0
0 15ms
14ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTKSxJv-X5zz1s4UFDjPMQMM9ssjmaWK3GWa3dVYk0l0RRfvlmSWMYEWGt2tZ13pIeWWnVF16sklwJ1INfoukHPYONphg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 17709520277748985683
tpc.googlesyndication.com/simgad/ Frame 87D9 44 KB
44 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17709520277748985683

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aba2a0e5d978194c64c77dde2152baf5ff5ae0548ccae71aaf75b257558c76e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 14:07:16 GMT
x-content-type-options: nosniff
age: 457124
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45113
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 14:37:23 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Dec 2021 14:07:16 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame BBEE 0
0 51ms
50ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstotmCv9i8LwUVPrLWrZPAVFXZvzlk0sw7JQObO5l3c7B3yZ_Q-o8uZBdbs8yHcrlnnur8MayeYfOrPx3jHrHCITWtiePtA2MR-OBvIYt_edusF_Y0f77U_x4tFcur-AMHg68SWrN0rJQ6AwE_wdp3bBBoYzeKFxMjBbbJDRa8Je1bOgNnyY461WI5iZCLZSPriXvAy267ePhtevd2xI_ekMoLZTzDckxEo2FCNTqlI7xRWiAjB_5p0WiaD6DEZMRgSMRV-tuAwoWYkqOLgbMlWsELpMk9UOk9PkQM&sig=Cg0ArKJSzBg67MZ6MMNHEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 21:06:00 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame BBEE 3 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 02:18:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67628
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Dec 2020 02:18:52 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame BBEE 76 KB
29 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24d1e8072bf1a85f5b172585ef5c7bab961c04f2cc270d4ed30706eb1aebe74f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:06:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607100271701181"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29426
x-xss-protection: 0
expires: Mon, 07 Dec 2020 21:06:00 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame BBEE 0
0 16ms
14ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQmbDAriurgRxfPAcB2iLk4VUL1kboN0TkuIJDIGAxCn6Mb11Hpe81FcuHttutwlC42ec7jXEIPldrFDsM5Tkr6J8XjKQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 8091804047278586021
tpc.googlesyndication.com/simgad/ Frame BBEE 46 KB
46 KB 11ms
8ms Image
image/jpeg 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8091804047278586021

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04c25fc9b0c5683c0b64091f6dfeb1579d1cc1b447ecb72edc9f433a48ee4f37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:08:42 GMT
x-content-type-options: nosniff
age: 25038
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46899
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 14:37:22 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Dec 2021 14:08:42 GMT

GET
DATA 200
OK truncated
/ Frame F6C9 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb77ff904519ff37b810a1492714fba91b28a05cc294bcf3a4a61a8f7893e8f9

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3600 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f60c7599a64cd0b44bdf7a3df22c737a43dfd80967c42d6110801f26a5bb2e78

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 83A4 0
22 B 50ms
49ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu5t0GqQVhqBjUpeDXZi1WuFDAIswD9z4IJiuRlfwaI3oCYPInlMFG4552_Fz2BGmOeSMTlp7zBX_6OCWFFt1BFuapnWpscIXM3gTeRSbH1pSHem-avGQnlD6pb-vBPsib_Z0tjQ8oKRd1t7N4xYGcS6OTpNpBtHzCtJmZ9iEYvPln4U9fqLwOcH14f90fA459HhgTCga_WSAXnGB2z03coO5PaJonsCtqRv9QiggsTBjrutMNZO-dCKH8gI8soN5JpQGuCYDpt8EaZmjvYYobMFTG16dygy5LNO2Z1LQ&sig=Cg0ArKJSzCo49P8BYFKpEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 21:06:00 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 83A4 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1efa0eda4c1e37f9b6d918640bc2ebb465b2a6895eee1ca07646f9d6c03f6d8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame F6C9 0
22 B 49ms
49ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_cN93W3CblAVXePzTU9JbuhDs8qhu0wln4n0MZ34tilQnxWbBBm0MN4qsSR8921ferPVUINOjUgLMMEztYxVfYXdQWzPss4fFO-XOfNLSzdPt-PaNguafjJuG6aLX9UvbFE44osGtcKrfnHZj61VQx8xVtzaC5peDnWq0NomsfNYUTcpxVNLFYnjyU1L-T9igYB92N6vnwVgovYV8hXLC2exrox1S7udxtQvdj06OWhAmPm0H5G9MlNtis4rgHlrlWmzUyFf-iQuEi6x0OzKcVy8iULNQbEP6g6qb4RMMZ9spLV3vZQ&sig=Cg0ArKJSzLGAXFmch7LSEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 21:06:00 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3600 0
22 B 48ms
48ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuLLzP20FIi0vGXHISqxT0J01j_RppQie8by8qO6kGx-3tP1wvoe6Nc-Hnm5XE4_l6PiLWKduG1QbGH023ZQ2-MzyNx7WZXzlKe4kQKI5K31fD5ryn0BNfM0NWsmukztxtX8BxLDFrkFAdPuas5Qi25ls3svYpf_LLHSvFV6g3I23hnwFNIr82mU7WkFjsBulh9Qtjo_UuJZzMsQT3jVEpkzP1E6oIbS2Yh3aXN568LE9g7ibsL65m4m2QPb97wET2k-sAPfQPgUoCYPOijjMaTxgttsQ-LPj9L8pXe&sig=Cg0ArKJSzKXKJJPzI7tfEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 21:06:00 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2E7D 0
22 B 49ms
49ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssKVKye9qJDKWAQ_dejodwWiJ74g9aYt0E2CnOC7VenznS2RnN9fJuBpWIs6jmq4gn8lkeAq0PRTLsSm6PgoRaaj-c-XsAzG0Kpqh43m_t95UKcuEFQNyKXnrRQU2sOeYDZeQ-VlB6TVkVNNexzrpnTK5ohGeIrJ38sNIwGOl4v5Tz6PTGP7keDzxjyF2fftKVRk6G_t1FDcGu6dN0BRLAwWhTOikiPR0Duke48dqODR-PuBEskBAi7NEFVnZatwHZd_LoCbiMjLhoiUmRJZpw82KdKuertlczPZCZM0A&sig=Cg0ArKJSzFY3jTJoMeSZEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 21:06:00 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2E7D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97e9afdf9b3e120e4bb7753f7a21266a5ac89d6853c8c486c807e7f61baf0ebf

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 87D9 0
22 B 49ms
48ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssrzuZnb_U34EHHqwBv_zgwfz-oMUz7EwHgzScBTGMBeeFwku6B_TNlif_NlqJCtfQUyaSemeSxsc6mysKc2q_g_0LzaPBhK_QRqWQi9nx11kRP4d48E77rBIXeEYIM234CQh0iT0_ejEL4-hEY_5IwNAHArvLzFP9WiBFlUP7P300YfqFoi_eELJT_tiUTZlBwr-JcuefDnzehkAGEP0NWvmh5WAtefOzq-Lz3RTDlpk4UwxfCqd_V7GQoXg8uXaNzuq678G6HdWqgNMvQs2Qhho5jvJVDRqbstS1QjA&sig=Cg0ArKJSzFA2sNvCeglxEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 21:06:00 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 87D9 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cec80d4ec398b3777225a507b7af7b7d4055e8896a8c0b394c6d958f26974110

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame BBEE 0
22 B 49ms
48ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuhE6P6kM6LyclMPrGRV13JncJH9fswdQYYHFqPpCTejCqHlODxK8IK3jHeHeJEMqu2Ke4WQEDe7NGH5SxzRhsb_dQzjm5Q_8Y5ucfcKUqb3n-59HeE4BiPpE2ff9bjsOjWTDVxXNKzDM1ZUr-oLnCZGxaU9R6Uu2lVwnR7544q_WtdqD8PNAEZj7ttkNPyZiPwhMxsMA2Dn1smFOpCXj-7Y8zvYSZs6ETVkGtKfNvW8BU1_QwU6QBGYSU0mmTAcROLUjJI6C5xTmwReCHV9ikZwab8533Bzuo0KK4e3g&sig=Cg0ArKJSzNuLMJwfrbjkEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 21:06:00 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BBEE 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b57c6d612f25a0b5c3529276d9031fd389e0f68661b7f260e25be9a0dc8586ba

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

GXLA5HH2IBHK5CA2VTBGL2.js Show response
s.adroll.com/pixel/2VITFUM7BRCEBEOMM6S7XQ/UBR2M7RH2FGKBCKNOSQYCJ/
Redirect Chain

https://d.adroll.com/pixel/2VITFUM7BRCEBEOMM6S7XQ/UBR2M7RH2FGKBCKNOSQYCJ?adroll_fpc=e11458d25915bf962d4eb475abe102c5-1607375160679&arrfrr=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcy...
https://s.adroll.com/pixel/2VITFUM7BRCEBEOMM6S7XQ/UBR2M7RH2FGKBCKNOSQYCJ/GXLA5HH2IBHK5CA2VTBGL2.js

3 KB
2 KB

232ms
231ms

Script
text/javascript

104.111.214.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/2VITFUM7BRCEBEOMM6S7XQ/UBR2M7RH2FGKBCKNOSQYCJ/GXLA5HH2IBHK5CA2VTBGL2.js
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e6778a27a350ccc0ad5ee58c7498f26ee9556d2ebd761255114dc31a98bacfba

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: Wsis2GBoPEHxzFZfKqbFSDts2MqD217U
Content-Encoding: gzip
ETag: "7a3fef93a441c2551673457554948319"
x-amz-request-id: 7CA16737EEE721B8
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 1343
x-amz-id-2: MLVMIqspeTjbRtW2AGffNx7PAWqlqD5YShx/T8dsx/aE030Xu7RjSy2VZ6t2ZUtE9u1kFgt03HY=
Last-Modified: Mon, 28 Sep 2020 18:11:28 GMT
Server: AmazonS3
Date: Mon, 07 Dec 2020 21:06:00 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

pragma: no-cache
x-conversion-value: 0.00
server: nginx/1.18.0
x-rule: *
date: Mon, 07 Dec 2020 21:06:00 GMT
x-segment-eid: GXLA5HH2IBHK5CA2VTBGL2
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://s.adroll.com/pixel/2VITFUM7BRCEBEOMM6S7XQ/UBR2M7RH2FGKBCKNOSQYCJ/GXLA5HH2IBHK5CA2VTBGL2.js
cache-control: no-store, no-cache, must-revalidate
x-segment-display-name: Visitors to Unsegmented Pages
x-pixel-eid: UBR2M7RH2FGKBCKNOSQYCJ
x-segment-name: *
x-advertisable-eid: 2VITFUM7BRCEBEOMM6S7XQ
content-length: 0
x-conversion-currency

GET
DATA 200
OK truncated
/ Frame 55B4 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a89035d1074d92d370633b62e6e1f11714a57ce837924d4b5de825ea36191b65

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 /
www.facebook.com/tr/ 0
62 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryRTryzA1nyn5NrWvU

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 07 Dec 2020 21:06:00 GMT
content-type: text/plain
access-control-allow-origin: https://www.insurancebusinessmag.com
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 0771 337 B
402 B 14ms
14ms Stylesheet
text/css 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: insurance-business.disqus.com
URL: https://insurance-business.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:06:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2917196
strict-transport-security: max-age=300; includeSubdomains
content-length: 244
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Tue, 22 Sep 2020 19:35:14 GMT
server: cloudflare
etag: "5f6a51f2-f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-request-id: 06e09f9e9500002c2e48b9e000000001
accept-ranges: bytes
cf-ray: 5fe1354428b02c2e-FRA
expires: Fri, 24 Sep 2021 14:09:36 GMT

GET
H2 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame AB22 337 B
374 B 13ms
13ms Stylesheet
text/css 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: insurance-business.disqus.com
URL: https://insurance-business.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:06:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2917196
strict-transport-security: max-age=300; includeSubdomains
content-length: 244
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Tue, 22 Sep 2020 19:35:14 GMT
server: cloudflare
etag: "5f6a51f2-f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-request-id: 06e09f9e9900002c2e381ce000000001
accept-ranges: bytes
cf-ray: 5fe1354428b82c2e-FRA
expires: Fri, 24 Sep 2021 14:09:36 GMT

GET
H2 200 113324736005049 Show response
connect.facebook.net/signals/config/ 238 KB
69 KB 185ms
185ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/113324736005049?v=2.9.29&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cc17c6b7f01eac8daac8ec54f6a296c245cfc54460b7c2d97a648c0bc13de60b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: qD2+l0NGlEzILf+l6vEi/7GZH7i0YLpnfPy5V8rNGqakqFHaw5mAdT0lnDDz71HFXwzWHGz9RnDYc0t8F+Tc3w==
x-fb-trip-id: 603378373
x-frame-options: DENY
date: Mon, 07 Dec 2020 21:06:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 1839896703
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

in
d.adroll.com/cm/r/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=e11458d25915bf962d4eb475abe102c5-1607375160679&arrfrr=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-...
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://d.adroll.com/cm/r/in?xid=E0&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

42 B
500 B

61ms
61ms

Image
image/gif

54.78.251.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/r/in?xid=E0&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.251.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-251-22.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 21:06:01 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-type: image/gif
content-length: 42
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

Redirect headers

date: Mon, 07 Dec 2020 21:06:01 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
location: https://d.adroll.com/cm/r/in?xid=E0&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2

200

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=e11458d25915bf962d4eb475abe102c5-1607375160679&arrfrr=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-...
https://x.bidswitch.net/sync?dsp_id=44&user_id=NTJlMGIxNThjZGY2NTE5NzNmN2YxM2FiYjY0YjkyZTY
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NTJlMGIxNThjZGY2NTE5NzNmN2YxM2FiYjY0YjkyZTY

43 B
410 B

40ms
40ms

Image
image/gif

35.158.179.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NTJlMGIxNThjZGY2NTE5NzNmN2YxM2FiYjY0YjkyZTY
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.179.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-179-12.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:06:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NTJlMGIxNThjZGY2NTE5NzNmN2YxM2FiYjY0YjkyZTY
date: Mon, 07 Dec 2020 21:06:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=e11458d25915bf962d4eb475abe102c5-1607375160679&arrfrr=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-...
https://ib.adnxs.com/setuid?entity=172&code=NTJlMGIxNThjZGY2NTE5NzNmN2YxM2FiYjY0YjkyZTY
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNTJlMGIxNThjZGY2NTE5NzNmN2YxM2FiYjY0YjkyZTY

43 B
1 KB

57ms
57ms

Image
image/gif

37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNTJlMGIxNThjZGY2NTE5NzNmN2YxM2FiYjY0YjkyZTY

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Dec 2020 21:06:01 GMT
X-Proxy-Origin: 37.120.213.132; 37.120.213.132; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.89:80
AN-X-Request-Uuid: 63999378-6a47-438c-88ce-1e0f59c194f6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 07 Dec 2020 21:06:01 GMT
X-Proxy-Origin: 37.120.213.132; 37.120.213.132; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.229:80
AN-X-Request-Uuid: 9a81f63e-5da6-4cf2-906e-e0a7d0873d7a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNTJlMGIxNThjZGY2NTE5NzNmN2YxM2FiYjY0YjkyZTY
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

451

377928.gif
idsync.rlcdn.com/
Redirect Chain

https://d.adroll.com/cm/l/out?adroll_fpc=e11458d25915bf962d4eb475abe102c5-1607375160679&arrfrr=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-...
https://idsync.rlcdn.com/377928.gif?partner_uid=52e0b158cdf651973f7f13abb64b92e6

0
66 B

127ms
46ms

Image
text/plain

34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/377928.gif?partner_uid=52e0b158cdf651973f7f13abb64b92e6
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.207.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 148.207.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:06:01 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

location: https://idsync.rlcdn.com/377928.gif?partner_uid=52e0b158cdf651973f7f13abb64b92e6
pragma: no-cache
date: Mon, 07 Dec 2020 21:06:01 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-length: 86
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=e11458d25915bf962d4eb475abe102c5-1607375160679&arrfrr=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-...
https://us-u.openx.net/w/1.0/sd?id=537103138&val=52e0b158cdf651973f7f13abb64b92e6
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=52e0b158cdf651973f7f13abb64b92e6

43 B
180 B

44ms
43ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=52e0b158cdf651973f7f13abb64b92e6
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.198.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 21:06:01 GMT
via: 1.1 google
server: OXGW/16.198.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=52e0b158cdf651973f7f13abb64b92e6
date: Mon, 07 Dec 2020 21:06:01 GMT
via: 1.1 google
server: OXGW/16.198.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=e11458d25915bf962d4eb475abe102c5-1607375160679&arrfrr=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-...
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=UuCxWM32UZc_fxOrtkuS5g
https://d.adroll.com/cm/g/in

42 B
536 B

61ms
61ms

Image
image/gif

54.78.251.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.251.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-251-22.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 21:06:01 GMT
server: nginx/1.18.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Mon, 07 Dec 2020 21:06:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://d.adroll.com/cm/g/in
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
152 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=113324736005049&ev=PageView&dl=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&rl=&if=false&ts=1607375161208&cd[segment_eid]=GXLA5HH2IBHK5CA2VTBGL2&sw=1600&sh=1200&v=2.9.29&r=stable&ec=0&o=29&fbp=fb.1.1607375160323.1797917078&it=1607375160143&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:06:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 07 Dec 2020 21:06:01 GMT

GET
H2 200 /
re.sajari.com/ 48 B
48 B 193ms
163ms Image
image/gif 2a00:1450:4001:816::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://re.sajari.com/?company=keymedia&collection=insurancebusiness&cc.co=keymedia&cc.pr=insurancebusiness&p.ga=858152851&p.id=1607375160312.848171&e.id=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&ec.ti=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company%20%7C%20Insurance%20Business&ec.de=Cyberattackers%20show%20proof%20that%20they%20made%20off%20with%20business%27s%20information&ec.ke=&canonical=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&bodyChecksum=e86c6832dea3f3fc78cbdb9e0afcd879&metaChecksum=9fa55bef232096ad927a2f87f0dc9f12&meta%5Bviewport%5D=width%3Ddevice-width%2C%20initial-scale%3D1&meta%5Bdescription%5D=Cyberattackers%20show%20proof%20that%20they%20made%20off%20with%20business%27s%20information&meta%5Bcustom%20meta%20field%5D=2020&meta%5Bauthor%5D=Lyle%20Adriano&meta%5Btwitter%3Acard%5D=summary_large_image&meta%5Btwitter%3Atitle%5D=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company&meta%5Btwitter%3Adescription%5D=Cyberattackers%20show%20proof%20that%20they%20made%20off%20with%20business%27s%20information&meta%5Btwitter%3Aimage%5D=https%3A%2F%2Fcdn-res.keymedia.com%2Fcms%2Fimages%2Fus%2F023%2F0270_637429306728087852.jpg&meta%5Btwitter%3Asite%5D=%40InsuranceBizCA&meta%5Bog%3Aurl%5D=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&meta%5Bog%3Atype%5D=article&meta%5Bog%3Atitle%5D=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company&meta%5Bog%3Adescription%5D=Cyberattackers%20show%20proof%20that%20they%20made%20off%20with%20business%27s%20information&meta%5Bog%3Aimage%5D=https%3A%2F%2Fcdn-res.keymedia.com%2Fcms%2Fimages%2Fus%2F023%2F0270_637429306728087852.jpg&meta%5Bpublished_year%5D=custom%20meta%20field
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:816::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cloud-trace-context: ea9d1e993e6c35daa6af859f902e04b1
x-appengine-log-flush-count: 0
server: Google Frontend
date: Mon, 07 Dec 2020 21:06:01 GMT
content-length: 48
content-type: image/gif

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 18ms
18ms XHR
application/json 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020120301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49fe05e2db7239e63fca76d131b91a92ecc3dbadfcba2df78e56ae99a8a9d71a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 21:06:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6471
x-xss-protection: 0

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 134 B
707 B 153ms
138ms XHR
application/json 2606:4700::6811:c9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=3830659

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c9cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d00825a3a6529de4a66e320a183efdd57c6416bebfca673250a99c88240309e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:06:01 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-request-id: 06e09f9fdf0000d6bd9a0f8000000001
server: cloudflare
x-trace: 2B52945B4A771657A596EC46CDFBF10E06618C6FB9000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.insurancebusinessmag.com
access-control-allow-credentials: false
cf-ray: 5fe135463ec0d6bd-FRA
access-control-allow-headers: *

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
528 B 61ms
35ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2978788718&v=1.1&a=3830659&rcu=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&pu=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&t=Malicious+actors+publish+data+stolen+from+fuel+company+%7C+Insurance+Business&cts=1607375161301&vi=3a430962cf917768e5dbb064547a595b&nc=true&u=226989634.3a430962cf917768e5dbb064547a595b.1607375161296.1607375161296.1607375161296.1&b=226989634.1.1607375161297

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 5fe135465ebd2c2e-FRA
date: Mon, 07 Dec 2020 21:06:01 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
content-length: 45
cf-request-id: 06e09f9ff700002c2e3936e000000001
x-robots-tag: none

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:06:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Mon, 07 Dec 2020 21:06:01 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame A764 0
0 6ms
6ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Mon, 07 Dec 2020 19:53:35 GMT
expires: Tue, 07 Dec 2021 19:53:35 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4346
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 661917934558964 Show response
connect.facebook.net/signals/config/ 239 KB
69 KB 62ms
62ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/661917934558964?v=2.9.29&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

424bd8c15b75522b392c071dd64f49ee0b025f06a58e7394c33851c0394e4b91

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: JmGA9EKvdQ5UzJHDiXTWLWpnT6lbvWiSgbOSQ9aKHsCS2q9NfEESsz61UNL1QI+F0hmeqTzOZfSiHeNYBimsWQ==
x-fb-trip-id: 603378373
x-frame-options: DENY
date: Mon, 07 Dec 2020 21:06:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 1473320740
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 228002331440464 Show response
connect.facebook.net/signals/config/ 238 KB
69 KB 55ms
55ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/228002331440464?v=2.9.29&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

11bb7fc6bb8d10548a57b1b949670d71a54ddf14b626a260c1bc757bd4b20eec

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 1DVvLN2Z6UERnlITYkcJZIUDE34vIVl373lDjM4jng4/2t0YxYdRrUIvjvpTKIxzBmETO77nlvaKOC7BHEjFuA==
x-fb-trip-id: 603378373
x-frame-options: DENY
date: Mon, 07 Dec 2020 21:06:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 485817644
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
198 B 16ms
15ms Image
image/gif 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020120301&jk=2280478564405744&bg=!YmGlYUHNAAUbEDgJG1jbqLzxDGa1MAIAAACFUgAAABZoAQcKAHeVWoyAQeEIEEh7P6yp3Dm9F0jKibLlpuxRvAPmZpsrv9CHaENbVmM9-t5Q3qNDKcDbgB-AwnZgtsMLwcne9qiPQSdu87h_29mu00qqjcy4v5tMDLnjf7ZyrhqkdBZsQH0ZbhZ2iO3YKEJpoR2qG0BZv_xs0QSZM5kBxS2SKLv33jEa1qiC2CDlvJBUkHygxOkyLaZvywzoHg9izSZrrNn6pTozAhwAeKhTmgC8snx0ujjqNc6hZLYHlaXEJMiFeQojlaIfg421An3SRDZsCYEK1WZdF7j8S9Nh_mfquOL2g0rTNRe-8Qg4fEMv8xUe_IdZ22F3XULWmiGDcJiFcxAqonop6kKgftvyUBMuyCbX-5-AVDyYvaeS9HJ-At5t19ngtnvetfWrVVycc6TnKNQU8yAHVgLmdsH0RAGLw-IpSfC4-9MKo6s2TKlJH3JzCERlMdsC6O10Rt8njg_6wkLbznJ_CrtLYjzlyhXFA6g_aJCm6OhVu3dX8u-9KiKBgtpSH3oMoLUYsHJd5YihD0WfA-6CldT4rrWKWQp-lLYX2ouBCoKmO0_z5HSWHzD6NKlcA84LLGl7cjgKcUHq7AQfrFLSEN_XNHYiSifgGyk3KsKlQKfNMDyk199SA-acVUMw2H9-g-epJqaBLLNWuhDQcSXwMjlFeMoLALPv3WpWH9msT1_ludb2pA6aNmUu25Dl0Wv9RO-b5NoQcbXf1G8NOWO6Zpf0RxyW0VK7kfFAafpF0odS8pnF0_aYDfRnEA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 21:06:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
106 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=661917934558964&ev=PageView&dl=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&rl=&if=false&ts=1607375161597&sw=1600&sh=1200&v=2.9.29&r=stable&ec=0&o=30&fbp=fb.1.1607375160323.1797917078&it=1607375160143&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:06:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 07 Dec 2020 21:06:01 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
106 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=228002331440464&ev=PageView&dl=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&rl=&if=false&ts=1607375161598&sw=1600&sh=1200&v=2.9.29&r=stable&ec=0&o=30&fbp=fb.1.1607375160323.1797917078&it=1607375160143&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 21:06:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 07 Dec 2020 21:06:01 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 83A4 42 B
71 B 15ms
14ms Image
image/gif 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsucnxecqGUkaYB7PuFyKXxIzhyK-OuSmAem9dhTMjm0iHHhbAAOi2Cnj9HDFbMsWr4RmOKg_DF15T3bJsQ_ZSzpQ1vk0RIG1G5luh8cZSM&sig=Cg0ArKJSzDkus5k9ZrtDEAE&adk=2050543086&tt=-1&bs=1600%2C1200&mtos=1027,1027,1027,1027,1027&tos=1027,0,0,0,0&p=251,310,491,1290&mcvt=1027&rs=0&ht=0&tfs=121&tls=1148&mc=1&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=4&niot_cbk=83&md=2&btr=0&cpmav=0&lm=2&rst=1607375160488&dlt&rpt=200&isd=0&msd=0&xdi=0&ps=1600%2C3090&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-3-11-11-0-0-0&tvt=1146&is=980%2C240&iframe_loc=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=980x240&itpl=3&v=20201204

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 21:06:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame F6C9 42 B
66 B 14ms
14ms Image
image/gif 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv1tPybEtxzpvrSRI2WAHJehSyt6bPsBFjWzFu1LWKpHAvCw3J4sKrY88nsHtxyqDkFa5dkV6Ggs4MMqBkG6JQMD3-_9NEmVEpl0FzE_4A&sig=Cg0ArKJSzMxP1Nw28IxQEAE&adk=2823933327&tt=-1&bs=1600%2C1200&mtos=1022,1022,1022,1022,1022&tos=1022,0,0,0,0&p=319,480,799,1120&mcvt=1022&rs=0&ht=0&tfs=181&tls=1203&mc=1&lte=-1&bas=0&bac=0&met=mue&la=1&avms=nio&niot_obs=70&niot_cbk=137&md=2&btr=0&cpmav=0&lm=2&rst=1607375160485&dlt&rpt=203&isd=0&msd=0&xdi=0&ps=1600%2C3090&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-7-11-11-0-0-0&tvt=1198&is=640%2C480&iframe_loc=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=640x480&itpl=3&v=20201204

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 21:06:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3600 42 B
66 B 15ms
15ms Image
image/gif 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssiCmGL8v2RK8zKRFVR1PqOIbep24ZvGyZBPhck_EN09tp9ECvLDVytaIwUypkaWaebRX5RjEnaVnTrvczoqbkIOLBHLFBl5J6juMH4lXs&sig=Cg0ArKJSzIBOT3RA6eBCEAE&adk=1675819882&tt=-1&bs=1600%2C1200&mtos=1020,1020,1020,1020,1020&tos=1020,0,0,0,0&p=62,562,152,1290&mcvt=1020&rs=0&ht=0&tfs=175&tls=1195&mc=1&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=64&niot_cbk=129&md=2&btr=0&cpmav=0&lm=2&rst=1607375160488&dlt&rpt=201&isd=0&msd=0&xdi=0&ps=1600%2C3090&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-2-11-11-0-0-0&tvt=1194&is=728%2C90&iframe_loc=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=728x90&itpl=3&v=20201204

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 21:06:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 2E7D 42 B
66 B 15ms
15ms Image
image/gif 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8sCgSwZNR4UQrkyeXNPd9lje9W2itqSuHHnbus1hxKkMYtFUrH8g2Rp8lduRcVBDn3d0d0LLj9vmD_8eOYO6j6uqS8nMhNFHq1uR1nKA&sig=Cg0ArKJSzHnGxMDp0uY5EAE&adk=326545365&tt=-1&bs=1600%2C1200&mtos=0,1019,1019,1019,1019&tos=0,1019,0,0,0&p=667,990,1267,1290&mcvt=1019&rs=0&ht=0&tfs=111&tls=1130&mc=0.88&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=2&niot_cbk=62&md=2&btr=0&cpmav=0&lm=2&rst=1607375160488&dlt&rpt=202&isd=0&msd=0&xdi=0&ps=1600%2C3090&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-3-11-11-0-0-0&tvt=1128&is=300%2C600&iframe_loc=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=300x600&itpl=3&v=20201204

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 21:06:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame BBEE 42 B
66 B 16ms
15ms Image
image/gif 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvlBNbqwd3x6o39jWKOOwJfAPwGys40K8gXPbuZW75tHUfqdHJjXYxCnkV6I_AbpJjXpWsnD-vgrToQwefdTcN_oed0o3znP7EYqAs1GqU&sig=Cg0ArKJSzHxKqylhEua3EAE&adk=3532230482&tt=-1&bs=1600%2C1200&mtos=0,0,1062,1062,1062&tos=0,0,1062,0,0&p=827,313,1427,453&mcvt=1062&rs=0&ht=0&tfs=137&tls=1199&mc=0.62&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=2&niot_cbk=50&md=2&btr=0&cpmav=0&lm=2&rst=1607375160517&dlt&rpt=188&isd=0&msd=0&xdi=0&ps=1600%2C3090&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-2-11-11-0-0-0&tvt=1198&is=140%2C600&iframe_loc=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=140x600&itpl=3&v=20201204

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 21:06:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
58 B 6ms
5ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryyqSTueBSZsFAUNGB

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 07 Dec 2020 21:06:02 GMT
content-type: text/plain
access-control-allow-origin: https://www.insurancebusinessmag.com
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

POST
H2 200 /
www.facebook.com/tr/ 0
35 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary6lBzusZ3xYSbByyq

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 07 Dec 2020 21:06:02 GMT
content-type: text/plain
access-control-allow-origin: https://www.insurancebusinessmag.com
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.addthis.com/	1970-01-19 23:59:49	Name: uvc Value: 1%7C50
.insurancebusinessmag.com/	1970-01-19 14:29:36	Name: __hssc Value: 226989634.1.1607375161297
.insurancebusinessmag.com/	1970-01-19 23:51:11	Name: hubspotutk Value: 3a430962cf917768e5dbb064547a595b
.insurancebusinessmag.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.insurancebusinessmag.com/	1970-01-19 23:51:11	Name: __hstc Value: 226989634.3a430962cf917768e5dbb064547a595b.1607375161296.1607375161296.1607375161296.1
.www.insurancebusinessmag.com/	1970-01-19 23:15:32	Name: __adroll_fpc Value: e11458d25915bf962d4eb475abe102c5-1607375160679
.insurancebusinessmag.com/	1970-01-19 16:39:11	Name: _fbp Value: fb.1.1607375160323.1797917078
.www.insurancebusinessmag.com/	1970-01-19 23:15:11	Name: __ar_v4 Value: %7C2VITFUM7BRCEBEOMM6S7XQ%3A20210006%3A1%7CUBR2M7RH2FGKBCKNOSQYCJ%3A20210006%3A1%7CGXLA5HH2IBHK5CA2VTBGL2%3A20210006%3A1
.insurancebusinessmag.com/	1970-01-19 23:51:11	Name: __gads Value: ID=7cafa6529055d6b1:T=1607375160:S=ALNI_MZFrJnucAMUvil0RWQZ6oaRE5oCvQ
.insurancebusinessmag.com/	1970-01-20 08:00:47	Name: _ga Value: GA1.2.858152851.1607375160
.insurancebusinessmag.com/	1969-12-31 23:59:59	Name: sjSE Value: 1
www.insurancebusinessmag.com/	1970-01-19 14:29:36	Name: __atuvs Value: 5fce9938fd293d7b000
www.insurancebusinessmag.com/	1970-01-19 23:59:49	Name: __atuvc Value: 1%7C50
.insurancebusinessmag.com/	1970-01-19 14:31:01	Name: _gid Value: GA1.2.1896036746.1607375160
.insurancebusinessmag.com/	1970-01-19 14:29:35	Name: _gat_UA-67143636-4 Value: 1
.addthis.com/	1970-01-19 23:59:49	Name: loc Value: MDAwMDBFVUNIWkgyMjczMTg4NTAwMDAwMDBDSA==
.insurancebusinessmag.com/	1970-01-19 15:12:47	Name: __cfduid Value: dfee64ba8e810428f638ae490a3da806d1607375159

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6b522d63087722712a1b2454d6d2b0a6.safeframe.googlesyndication.com
ads.yahoo.com
adservice.google.ch
adservice.google.com
api.hubapi.com
api.hubspot.com
c.disquscdn.com
cdn-res.keymedia.com
cdn.sajari.com
cdn.sajari.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
d.adroll.com
d.adroll.mgr.consensu.org
disqus.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
insurance-business.disqus.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.usemessages.com
m.addthis.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
re.sajari.com
s.adroll.com
s7.addthis.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
track.hubspot.com
us-u.openx.net
use.fontawesome.com
v1.addthisedge.com
ws.zoominfo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.insurancebusinessmag.com
x.bidswitch.net
z.moatads.com
s7.addthis.com
104.111.214.206
104.111.216.96
104.75.88.112
151.101.0.134
151.101.112.134
2001:4de0:ac19::1:b:1b
2001:4de0:ac19::1:b:3a
216.58.206.2
23.111.9.35
2606:4700:3037::681f:5ebc
2606:4700::6810:135e
2606:4700::6810:a852
2606:4700::6811:44b0
2606:4700::6811:74b0
2606:4700::6811:c9cc
2606:4700::6811:d3cc
2606:4700::6811:efcc
2606:4700::6812:15bf
2606:4700::6812:a913
2606:4700::6813:9a53
2a00:1288:f03d:1fa::4000
2a00:1450:4001:802::2004
2a00:1450:4001:803::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:814::2003
2a00:1450:4001:816::2001
2a00:1450:4001:816::2013
2a00:1450:4001:817::2001
2a00:1450:4001:817::2008
2a00:1450:4001:819::2002
2a00:1450:4001:81a::2004
2a00:1450:4001:81e::2001
2a00:1450:4001:81e::2002
2a00:1450:4001:820::2003
2a00:1450:4001:820::200a
2a00:1450:4001:824::2002
2a00:1450:400c:c09::9b
2a02:26f0:1700:d::1737:6e8f
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.120.207.148
34.98.64.218
35.158.179.12
35.190.50.98
37.252.173.22
54.78.251.22
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04c25fc9b0c5683c0b64091f6dfeb1579d1cc1b447ecb72edc9f433a48ee4f37
04cdfaeaa1468ca5e86756f9f137d60c66db6991faa4e549827117eb0e2f33c1
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
083be3c59862e11bbcda4128a12a7d9934f461ac881ed75af92b1c1b3615c576
0922d20b238ff408b56f2248052b9e6e347f2ad1b0812ef3c6baaf37d8c01900
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11bb7fc6bb8d10548a57b1b949670d71a54ddf14b626a260c1bc757bd4b20eec
14b6c92b06bb19d64717f684eb061b8e0ce7b51b660bc39d2ad16fb8e253b335
1767d947f015a6da6e6ed41e97ccc29f0dc1b527f6b2973c8dfde049ebf6c1cd
17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50
1ab092634138c04c4d400ffe26f4d1e7e332adbd7ce2b974288b0674850bc2b0
1d00825a3a6529de4a66e320a183efdd57c6416bebfca673250a99c88240309e
2090ef8782553088e8305f8703a2d3f5c39d07408f6a88eed8f40ee57aa5c5a6
21f61c21dbb69eb2297c1f858d6990217ee2237605c0e126ca93fbd7966b1276
24d1e8072bf1a85f5b172585ef5c7bab961c04f2cc270d4ed30706eb1aebe74f
25aa839bb8c9e29422bf3aa8925e2d13d7b985b1bce61296f8d5780efcb3b142
315471cb3e63c008279774f2cf4f79d9025bbe22030e51965e26668aba419dbf
383e5f611a5c1637137d721c623842d4ad37fbb609e726a0a086b8fdd4c481cb
40ca8539ffd12e7edf95bfff0b850217cff57001d266cd4613b23c5c7b0f0b82
424bd8c15b75522b392c071dd64f49ee0b025f06a58e7394c33851c0394e4b91
493a176ec78fb0ac6b6a95d9a93d57cd4db4880151ec1017282f8fee3f6250c9
49fe05e2db7239e63fca76d131b91a92ecc3dbadfcba2df78e56ae99a8a9d71a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e28323571e70a213a2db9642215d45e8944ed17464c8bf89781bea05e554ef5
4f25e1439bac98078ca61a5dadcd309a6a392c3830b52f894ece95c72807efc1
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
51bf04f93ff258317e05e4bc448028e8de62370c7b24f9e088b2ca328819a6c4
52c81653f6f0d0e52dbfea77beabc12fef7ac4c6cc7a73c927bbd095e87c1b62
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55245b72bbdeeba40fdbd930227228c562438e21179d4705354888052f116b77
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
5abdfc235554b3c281964f41c083010fe2781025981997a547cc9024b69165f8
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5f927fef3a76f516a273eac38e9fd8ef22f2c40b741543c47e70ae6b7da54283
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
659630c07a9005c1bb4e68bf15946ba4a0d5e8ede79aec22a98f202a55491ab2
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bc0a05652496b6a471fa3725920d16f5c60abdee6d0324209f4261441977295
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
7a4080d7b3a78d8829b8e436b103b9736e6757f007c06d51ada0f659cb50a6b1
80479814589d820a87ac07a15295f8ed6bd207bd4c6750c72910093af88e79b2
83540a1b1aaca7ec79264b8dfc98c797dea37b6c33b604b95a8e21e1cee09bd3
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
97e9afdf9b3e120e4bb7753f7a21266a5ac89d6853c8c486c807e7f61baf0ebf
a730b0e6c4dfc0d8d11e9132ff3a8385581158d7d3ef68214c6721d94534a682
a7c9033cc29f2861014f6d7edd9d4c60f0bffc22dc6ba37f6a912abb1ae5ad24
a89035d1074d92d370633b62e6e1f11714a57ce837924d4b5de825ea36191b65
aba2a0e5d978194c64c77dde2152baf5ff5ae0548ccae71aaf75b257558c76e9
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
b1f250f58f47ca824a25a49ce8ee8747c3e48cf9564a23282677802f450928fd
b3c5ee146e480865a916c986e0ad32dc589e1ffe462f6b47d9e9c7044ed6f2cf
b57c6d612f25a0b5c3529276d9031fd389e0f68661b7f260e25be9a0dc8586ba
b91afc574cc69d751fb2dc0b736a0d762edc7ff5495abdff470f41cab454f54e
b9d6fddb0988440902fcfc72f371ecfa80ee2eb36073f9eebc17449ee41c886f
bb20e7c2fc5f8cfd74c43906c776a31f04c93fc00d11d921dfb923bcfaab0c23
bed0322f5d7ae2d256db706cb681ab757c8e5ef051e3b9f53e82ad953d0211d1
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
cb77ff904519ff37b810a1492714fba91b28a05cc294bcf3a4a61a8f7893e8f9
cbce85e96b7752208ce15a09ea4d5a58b792edc9e77f1c5ccf46c01935970f9d
cc17c6b7f01eac8daac8ec54f6a296c245cfc54460b7c2d97a648c0bc13de60b
cdd2dbc8847ae720b1c56daab4f2a04859e919d602af61e08119e51ddad1f68b
ce20ed8a323117c8a718ff1ddc6dabb997373b575a8e896f2bf02b846c082c9d
cec80d4ec398b3777225a507b7af7b7d4055e8896a8c0b394c6d958f26974110
d1efa0eda4c1e37f9b6d918640bc2ebb465b2a6895eee1ca07646f9d6c03f6d8
d8baa44c9dce2ba13b4c29c5a5704bb20b005b9721fbec642f322b679a2e8c37
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc3842d1ad8fde688d7b47fb100be5a4bcf18b97af2dd23d02dbb3713f6d520b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ded0cec5a92fcdcd902c570635ae0933ea83e3e372e2ca283eaf573c9e5cab21
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e616bb99a3cf0261a8e8bbf713bdaad17473afabbc032f5f351c85575596320b
e6778a27a350ccc0ad5ee58c7498f26ee9556d2ebd761255114dc31a98bacfba
e735e08c4da24b5efe03dc7d48842a415f91122e5b74e23d2e9e461d0ae73199
edc0175ff1c883786302197c8f3795e4017ec2a82a6dda756b98e4c14a388da5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef41330b2cf43a44c8cbb20ca38cd9752816a5f451e506727876eb4f6502105b
f490a80a6acbacad8b2a46b20432d093619d2df7816bd08ea9e78203c3cc71c9
f4db76afeb499d277603609152f9e382c0fe112d44c6f8db8c136a89d9bd7682
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f60c7599a64cd0b44bdf7a3df22c737a43dfd80967c42d6110801f26a5bb2e78
f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

www.insurancebusinessmag.com Open in urlscan Pro 2606:4700:3037::681f:5ebc Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

140 Requests

99 %HTTPS

72 %IPv6

41 Domains

52 Subdomains

47 IPs

7 Countries

2463 kBTransfer

5482 kBSize

17 Cookies

11 Outgoing links

Redirected requests

140 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.insurancebusinessmag.com Open in urlscan Pro
2606:4700:3037::681f:5ebc Public Scan

Screenshot
Live screenshot

Full Image

140
Requests

99 %
HTTPS

72 %
IPv6

41
Domains

52
Subdomains

47
IPs

7
Countries

2463 kB
Transfer

5482 kB
Size

17
Cookies

140 HTTP transactions
7 data transactions