Submitted URL: https://www.proofpoint.com/us/threat-insight
Effective URL: https://www.proofpoint.com/us/blog/threat-insight
Submission: On October 18 via api from CH

Summary

This website contacted 55 IPs in 7 countries across 51 domains to perform 136 HTTP transactions. The main IP is 2a02:e980:d::87, located in United States and belongs to INCAPSULA - Incapsula Inc, US. The main domain is www.proofpoint.com.
TLS certificate: Issued by Thawte RSA CA 2018 on August 27th 2019. Valid for: a year.
This is the only time www.proofpoint.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 47 2a02:e980:d::87 19551 (INCAPSULA)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 4 216.58.207.66 15169 (GOOGLE)
2 184.31.84.223 20940 (AKAMAI-ASN1)
3 2a00:1450:400... 15169 (GOOGLE)
1 23.38.51.49 20940 (AKAMAI-ASN1)
2 4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 143.204.101.24 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 151.101.12.157 54113 (FASTLY)
1 147.75.85.25 54825 (PACKET)
1 91.228.74.167 27281 (QUANTCAST)
3 2a03:2880:f00... 32934 (FACEBOOK)
2 4 52.214.122.164 16509 (AMAZON-02)
2 159.122.87.153 36351 (SOFTLAYER)
5 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
2 13.224.196.5 16509 (AMAZON-02)
3 4 172.217.18.102 15169 (GOOGLE)
1 1 68.67.153.60 29990 (ASN-APPNEXUS)
2 3 185.33.223.80 29990 (ASN-APPNEXUS)
1 13.224.196.10 16509 (AMAZON-02)
1 1 216.200.122.11 6461 (ZAYO-6461)
1 5 2.18.233.40 16625 (AKAMAI-AS)
1 192.28.144.124 15224 (OMNITURE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
1 2 2a05:f500:11:... 14413 (LINKEDIN)
1 1 2a05:f500:10:... 14413 (LINKEDIN)
1 2600:9000:200... 16509 (AMAZON-02)
1 104.244.42.133 13414 (TWITTER)
1 147.75.32.75 54825 (PACKET)
14 17 54.154.133.226 16509 (AMAZON-02)
1 147.75.84.99 54825 (PACKET)
3 2a03:2880:f10... 32934 (FACEBOOK)
2 2 52.30.193.62 16509 (AMAZON-02)
1 2 143.204.101.119 16509 (AMAZON-02)
2 2 52.58.138.174 16509 (AMAZON-02)
1 2 52.29.223.223 16509 (AMAZON-02)
1 2 2.18.234.21 16625 (AKAMAI-AS)
1 69.173.144.165 26667 (RUBICONPR...)
1 3 151.101.114.2 54113 (FASTLY)
1 185.64.189.110 62713 (AS-PUBMATIC)
1 1 2a00:1288:110... 34010 (YAHOO-IRD)
1 2 35.156.13.191 16509 (AMAZON-02)
1 2 54.93.143.102 16509 (AMAZON-02)
1 35.190.72.21 15169 (GOOGLE)
1 2 34.95.120.147 15169 (GOOGLE)
1 91.228.74.244 27281 (QUANTCAST)
1 151.101.14.110 54113 (FASTLY)
1 104.244.42.67 13414 (TWITTER)
1 162.247.242.19 23467 (NEWRELIC-...)
2 2a00:1450:400... 15169 (GOOGLE)
136 55
Apex Domain
Subdomains
Transfer
47 proofpoint.com
www.proofpoint.com
4 MB
22 adroll.com
s.adroll.com
d.adroll.com
23 KB
10 doubleclick.net
googleads.g.doubleclick.net
4788165.fls.doubleclick.net
ad.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
4 KB
5 g2crowd.com
tracking.g2crowd.com
5 google.com
www.google.com
adservice.google.com
687 B
5 googleapis.com
fonts.googleapis.com
storage.googleapis.com
1 MB
4 company-target.com
api.company-target.com
segments.company-target.com
3 KB
4 reactful.com
visitor.reactful.com
tracking.reactful.com
123 KB
4 avocet.io
ads.avocet.io
2 KB
4 google.de
www.google.de
438 B
4 gstatic.com
fonts.gstatic.com
40 KB
4 google-analytics.com
www.google-analytics.com
42 KB
3 yahoo.com
ups.analytics.yahoo.com
ads.yahoo.com
1 KB
3 facebook.com
www.facebook.com
448 B
3 linkedin.com
px.ads.linkedin.com
www.linkedin.com
2 KB
3 adnxs.com
secure.adnxs.com
ib.adnxs.com
3 KB
3 facebook.net
connect.facebook.net
152 KB
3 hotjar.com
static.hotjar.com
script.hotjar.com
vars.hotjar.com
75 KB
2 openx.net
us-u.openx.net
480 B
2 bidswitch.net
x.bidswitch.net
907 B
2 3lift.com
eb2.3lift.com
696 B
2 outbrain.com
sync.outbrain.com
699 B
2 casalemedia.com
dsum-sec.casalemedia.com
2 KB
2 advertising.com
pixel.advertising.com
721 B
2 bidr.io
match.prod.bidr.io
752 B
2 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com
907 B
2 quantserve.com
secure.quantserve.com
pixel.quantserve.com
6 KB
2 bing.com
bat.bing.com
8 KB
2 marketo.net
munchkin.marketo.net
6 KB
2 googleadservices.com
www.googleadservices.com
18 KB
2 maxmind.com
js.maxmind.com
geoip-js.maxmind.com
3 KB
1 nr-data.net
bam.nr-data.net
261 B
1 twitter.com
analytics.twitter.com
634 B
1 newrelic.com
js-agent.newrelic.com
10 KB
1 rlcdn.com
idsync.rlcdn.com
62 B
1 taboola.com
trc.taboola.com
261 B
1 pubmatic.com
simage2.pubmatic.com
862 B
1 rubiconproject.com
pixel.rubiconproject.com
239 B
1 t.co
t.co
447 B
1 quantcount.com
rules.quantcount.com
354 B
1 ytimg.com
s.ytimg.com
9 KB
1 mktoresp.com
309-rhv-619.mktoresp.com
303 B
1 gwmtracking.com
gwmtracking.com
375 B
1 ml-api.io
attr.ml-api.io
484 B
1 ml-attr.com
s.ml-attr.com
280 B
1 ads-twitter.com
static.ads-twitter.com
2 KB
1 bizographics.com
sjs.bizographics.com
2 KB
1 youtube.com
www.youtube.com
944 B
1 demandbase.com
scripts.demandbase.com
18 KB
1 googletagmanager.com
www.googletagmanager.com
38 KB
1 typography.com
cloud.typography.com
136 51
Domain Requested by
47 www.proofpoint.com 1 redirects www.proofpoint.com
17 d.adroll.com 14 redirects s.adroll.com
www.proofpoint.com
5 s.adroll.com 1 redirects www.googletagmanager.com
www.proofpoint.com
s.adroll.com
5 tracking.g2crowd.com www.proofpoint.com
4 ads.avocet.io 2 redirects www.proofpoint.com
4 www.google.de www.proofpoint.com
4 www.google.com 2 redirects www.proofpoint.com
4 fonts.gstatic.com www.proofpoint.com
4 www.google-analytics.com 2 redirects www.proofpoint.com
www.google-analytics.com
3 www.facebook.com www.proofpoint.com
3 connect.facebook.net www.proofpoint.com
connect.facebook.net
3 fonts.googleapis.com www.proofpoint.com
visitor.reactful.com
2 storage.googleapis.com
2 tracking.reactful.com visitor.reactful.com
2 cm.g.doubleclick.net 2 redirects
2 us-u.openx.net 1 redirects www.proofpoint.com
2 x.bidswitch.net 1 redirects www.proofpoint.com
2 eb2.3lift.com 1 redirects www.proofpoint.com
2 sync.outbrain.com 1 redirects www.proofpoint.com
2 dsum-sec.casalemedia.com 1 redirects www.proofpoint.com
2 ups.analytics.yahoo.com 1 redirects www.proofpoint.com
2 pixel.advertising.com 2 redirects
2 segments.company-target.com 1 redirects www.proofpoint.com
2 match.prod.bidr.io 2 redirects
2 px.ads.linkedin.com 1 redirects www.proofpoint.com
2 stats.g.doubleclick.net 2 redirects
2 ad.doubleclick.net 2 redirects
2 secure.adnxs.com 2 redirects
2 4788165.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 api.company-target.com www.proofpoint.com
scripts.demandbase.com
2 visitor.reactful.com www.proofpoint.com
visitor.reactful.com
2 dev.visualwebsiteoptimizer.com www.proofpoint.com
2 bat.bing.com www.googletagmanager.com
www.proofpoint.com
2 googleads.g.doubleclick.net www.googleadservices.com
2 munchkin.marketo.net www.proofpoint.com
munchkin.marketo.net
2 www.googleadservices.com www.proofpoint.com
www.googletagmanager.com
1 bam.nr-data.net js-agent.newrelic.com
1 analytics.twitter.com static.ads-twitter.com
1 js-agent.newrelic.com www.proofpoint.com
1 pixel.quantserve.com www.proofpoint.com
1 idsync.rlcdn.com www.proofpoint.com
1 ib.adnxs.com www.proofpoint.com
1 trc.taboola.com www.proofpoint.com
1 ads.yahoo.com 1 redirects
1 simage2.pubmatic.com www.proofpoint.com
1 pixel.rubiconproject.com www.proofpoint.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 t.co www.proofpoint.com
1 rules.quantcount.com secure.quantserve.com
1 www.linkedin.com 1 redirects
1 s.ytimg.com www.youtube.com
1 309-rhv-619.mktoresp.com munchkin.marketo.net
1 adservice.google.com www.proofpoint.com
1 gwmtracking.com 1 redirects
1 attr.ml-api.io www.proofpoint.com
1 s.ml-attr.com 1 redirects
1 secure.quantserve.com www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 static.ads-twitter.com www.googletagmanager.com
1 sjs.bizographics.com www.googletagmanager.com
1 geoip-js.maxmind.com js.maxmind.com
1 www.youtube.com www.proofpoint.com
1 scripts.demandbase.com www.proofpoint.com
1 www.googletagmanager.com www.proofpoint.com
1 cloud.typography.com www.proofpoint.com
1 js.maxmind.com www.proofpoint.com
136 67
Subject Issuer Validity Valid
proofpoint.com
Thawte RSA CA 2018
2019-08-27 -
2020-08-26
a year crt.sh
*.maxmind.com
COMODO RSA Organization Validation Secure Server CA
2018-10-15 -
2020-11-06
2 years crt.sh
www.googleadservices.com
GTS CA 1O1
2019-10-03 -
2019-12-26
3 months crt.sh
*.marketo.net
DigiCert SHA2 Secure Server CA
2018-12-24 -
2020-03-24
a year crt.sh
*.googleapis.com
GTS CA 1O1
2019-10-03 -
2019-12-26
3 months crt.sh
*.typography.com
DigiCert SHA2 Secure Server CA
2019-03-23 -
2020-06-21
a year crt.sh
*.google-analytics.com
GTS CA 1O1
2019-10-03 -
2019-12-26
3 months crt.sh
*.demandbase.com
Go Daddy Secure Certificate Authority - G2
2018-09-20 -
2020-11-19
2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1
2019-10-03 -
2019-12-26
3 months crt.sh
*.google.com
GTS CA 1O1
2019-10-03 -
2019-12-26
3 months crt.sh
www.google.com
GTS CA 1O1
2019-10-03 -
2019-12-26
3 months crt.sh
www.google.de
GTS CA 1O1
2019-10-03 -
2019-12-26
3 months crt.sh
www.bing.com
Microsoft IT TLS CA 2
2019-04-30 -
2021-04-30
2 years crt.sh
js.bizographics.com
DigiCert SHA2 Secure Server CA
2018-04-13 -
2020-04-17
2 years crt.sh
ads-twitter.com
DigiCert SHA2 High Assurance Server CA
2019-08-14 -
2020-08-18
a year crt.sh
static.hotjar.com
Let's Encrypt Authority X3
2019-10-06 -
2020-01-04
3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA
2019-10-04 -
2020-10-07
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2019-09-22 -
2019-12-20
3 months crt.sh
*.avocet.io
Amazon
2019-07-06 -
2020-08-06
a year crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2
2017-06-30 -
2020-07-06
3 years crt.sh
*.g2crowd.com
Sectigo ECC Domain Validation Secure Server CA
2019-08-06 -
2020-09-28
a year crt.sh
*.reactful.com
Go Daddy Secure Certificate Authority - G2
2019-03-10 -
2020-05-09
a year crt.sh
*.company-target.com
Go Daddy Secure Certificate Authority - G2
2019-06-19 -
2021-08-18
2 years crt.sh
*.doubleclick.net
GTS CA 1O1
2019-10-03 -
2019-12-26
3 months crt.sh
*.ml-api.io
Amazon
2019-02-22 -
2020-03-22
a year crt.sh
*.adroll.com
DigiCert SHA2 Secure Server CA
2018-12-19 -
2020-03-19
a year crt.sh
*.mktoresp.com
GeoTrust RSA CA 2018
2018-02-05 -
2020-02-05
2 years crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA
2019-05-29 -
2021-06-29
2 years crt.sh
t.co
DigiCert SHA2 High Assurance Server CA
2019-04-09 -
2020-04-01
a year crt.sh
script.hotjar.com
Let's Encrypt Authority X3
2019-10-06 -
2020-01-04
3 months crt.sh
vars.hotjar.com
Let's Encrypt Authority X3
2019-10-06 -
2020-01-04
3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2019-05-08 -
2019-11-04
6 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2019-07-17 -
2020-03-09
8 months crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA
2019-01-10 -
2021-01-14
2 years crt.sh
f2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2019-07-30 -
2020-07-25
a year crt.sh
*.pubmatic.com
Sectigo RSA Organization Validation Secure Server CA
2019-02-22 -
2021-02-21
2 years crt.sh
*.3lift.com
Amazon
2019-07-17 -
2020-08-17
a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2019-04-17 -
2020-05-04
a year crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA
2019-01-23 -
2021-03-08
2 years crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2019-04-24 -
2020-04-23
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2018-01-04 -
2020-07-09
3 years crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2019-04-10 -
2020-03-21
a year crt.sh
*.twitter.com
DigiCert SHA2 High Assurance Server CA
2019-04-09 -
2020-04-01
a year crt.sh
*.nr-data.net
GeoTrust RSA CA 2018
2018-01-11 -
2020-03-17
2 years crt.sh
*.storage.googleapis.com
GTS CA 1O1
2019-10-03 -
2019-12-26
3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.proofpoint.com/us/blog/threat-insight
Frame ID: 795C956E3F6CF5141F3B237E558A996C
Requests: 146 HTTP requests in this frame

Frame: https://4788165.fls.doubleclick.net/activityi;dc_pre=CPuC2d6ipuUCFcawewodMAwP1A;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7946557950017.224
Frame ID: 3CABC35E715B7827FF0462C7CB8DECBC
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-74dcf4e32eff343c96838bf3a780ac1d.html
Frame ID: 3D4061E1407197A21B092C9298445601
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://www.proofpoint.com/us/threat-insight HTTP 301
    https://www.proofpoint.com/us/blog/threat-insight Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • meta generator /^Drupal(?:\s([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • meta generator /^Drupal(?:\s([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Overall confidence: 100%
Detected patterns
  • script /(?:a|s)\.adroll\.com/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /^\/\/static\.hotjar\.com\/c\/hotjar-/i

Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i

Page Statistics

136
Requests

99 %
HTTPS

39 %
IPv6

51
Domains

67
Subdomains

55
IPs

7
Countries

5894 kB
Transfer

8880 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.proofpoint.com/us/threat-insight HTTP 301
    https://www.proofpoint.com/us/blog/threat-insight Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78
  • https://ads.avocet.io/s?add=5aba5f53ab79f7f51390a95a&ty=j HTTP 302
  • https://ads.avocet.io/s?bounce=true&add=5aba5f53ab79f7f51390a95a&ty=j
Request Chain 87
  • https://ads.avocet.io/s?add=5d1dcad3b00320110090d553&ty=j HTTP 302
  • https://ads.avocet.io/s?bounce=true&add=5d1dcad3b00320110090d553&ty=j
Request Chain 88
  • https://4788165.fls.doubleclick.net/activityi;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7946557950017.224 HTTP 302
  • https://4788165.fls.doubleclick.net/activityi;dc_pre=CPuC2d6ipuUCFcawewodMAwP1A;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7946557950017.224
Request Chain 89
  • https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dproofpoint.com%26pId%3d%24UID HTTP 302
  • https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dproofpoint.com%26pId%3d%24UID HTTP 302
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dproofpoint.com%2526pId%253d%2524UID HTTP 302
  • https://attr.ml-api.io/?domain=proofpoint.com&pId=730549684094250592
Request Chain 90
  • https://gwmtracking.com/p/v/1/5b7320b8f870815f7f59492b/format/img?gtmcb=1495065340 HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=8909468;type=invmedia;cat=1l6xh4ap;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=8909468;dc_pre=CJvqi9-ipuUCFQOaGAodzd0GrA;type=invmedia;cat=1l6xh4ap;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
  • https://adservice.google.com/ddm/fls/z/src=8909468;dc_pre=CJvqi9-ipuUCFQOaGAodzd0GrA;type=invmedia;cat=1l6xh4ap;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
Request Chain 95
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=919264890&t=pageview&_s=1&dl=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fblog%2Fthreat-insight&ul=en-us&de=UTF-8&dt=Threat%20Insight%20Information%20%26%20Resources%20%7C%20Proofpoint%20Blog&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGBAAEADQ~&jid=2057954075&gjid=1662105019&cid=783141999.1571417600&tid=UA-2257074-1&_gid=627733773.1571417600&_r=1&z=830468178 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2257074-1&cid=783141999.1571417600&jid=2057954075&_gid=627733773.1571417600&gjid=1662105019&_v=j79&z=830468178 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2257074-1&cid=783141999.1571417600&jid=2057954075&_v=j79&z=830468178 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2257074-1&cid=783141999.1571417600&jid=2057954075&_v=j79&z=830468178&slf_rd=1&random=1578144596
Request Chain 97
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=169250&url=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fblog%2Fthreat-insight&time=1571417599975 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D169250%26url%3Dhttps%253A%252F%252Fwww.proofpoint.com%252Fus%252Fblog%252Fthreat-insight%26time%3D1571417599975%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=169250&url=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fblog%2Fthreat-insight&time=1571417599975&liSync=true
Request Chain 103
  • https://s.adroll.com/j/exp/7YJ7XZCLMRHSVCXIHB5HIT/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 114
  • https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
  • https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
  • https://segments.company-target.com/log?vendor=choca&user_id=AAJRMU67U9wAAEAJjCYpJQ HTTP 303
  • https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAJRMU67U9wAAEAJjCYpJQ&verifyHash=b013e57539bcc7693320d12e4977e08bd9b065c1
Request Chain 115
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=919264890&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fblog%2Fthreat-insight&ul=en-us&de=UTF-8&dt=Threat%20Insight%20Information%20%26%20Resources%20%7C%20Proofpoint%20Blog&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=aHBAAEADQ~&jid=1041879645&gjid=858682926&cid=783141999.1571417600&tid=UA-2257074-1&_gid=627733773.1571417600&_r=1&cd1=(Non-Company%20Visitor)&cd2=(Non-Company%20Visitor)&cd3=(Non-Company%20Visitor)&cd4=(Non-Company%20Visitor)&cd5=(Non-Company%20Visitor)&cd6=(Non-Company%20Visitor)&cd7=Bot&cd8=(Non-Company%20Visitor)&cd9=(Non-Company%20Visitor)&cd10=(Non-Company%20Visitor)&cd11=(Non-Company%20Visitor)&cd12=Germany&cd13=(Non-Company%20Visitor)&cd14=(Non-Company%20Visitor)&cd15=(Non-Company%20Visitor)&cd16=(Non-Company%20Visitor)&cd17=(Non-Company%20Visitor)&z=31425699 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2257074-1&cid=783141999.1571417600&jid=1041879645&_gid=627733773.1571417600&gjid=858682926&_v=j79&z=31425699 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2257074-1&cid=783141999.1571417600&jid=1041879645&_v=j79&z=31425699 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2257074-1&cid=783141999.1571417600&jid=1041879645&_v=j79&z=31425699&slf_rd=1&random=2439454167
Request Chain 116
  • https://d.adroll.com/pixel/7YJ7XZCLMRHSVCXIHB5HIT/YV5KYXXEJZATZCT37YRTMK?adroll_fpc=1e747e2fce5f0d6c6d356fa33efc60c8-1571417600254&xid_ch=f&pv=51926682654.25737&cookie=&adroll_s_ref=&keyw=&arrfrr=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fblog%2Fthreat-insight HTTP 302
  • https://s.adroll.com/pixel/7YJ7XZCLMRHSVCXIHB5HIT/YV5KYXXEJZATZCT37YRTMK/T47Y2VPPABDUBJXFROMZZM.js
Request Chain 119
  • https://d.adroll.com/cm/aol/out?adroll_fpc=1e747e2fce5f0d6c6d356fa33efc60c8-1571417600254&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
  • https://pixel.advertising.com/ups/55980/sync?uid=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
  • https://pixel.advertising.com/ups/55980/sync?uid=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55980/sync?uid=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPca22e0a6-f1c7-11e9-bb69-06875ccc64d2 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55980/sync?uid=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPca22e0a6-f1c7-11e9-bb69-06875ccc64d2&verify=true
Request Chain 120
  • https://d.adroll.com/cm/index/out?adroll_fpc=1e747e2fce5f0d6c6d356fa33efc60c8-1571417600254&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc&expiration=1602953600 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc&expiration=1602953600&C=1
Request Chain 121
  • https://d.adroll.com/cm/n/out?adroll_fpc=1e747e2fce5f0d6c6d356fa33efc60c8-1571417600254&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc&expires=365
Request Chain 122
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=1e747e2fce5f0d6c6d356fa33efc60c8-1571417600254&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc&rdrctExp=true
Request Chain 123
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=1e747e2fce5f0d6c6d356fa33efc60c8-1571417600254&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Request Chain 124
  • https://d.adroll.com/cm/r/out?adroll_fpc=1e747e2fce5f0d6c6d356fa33efc60c8-1571417600254&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
  • https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
  • https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Request Chain 125
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=1e747e2fce5f0d6c6d356fa33efc60c8-1571417600254&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
  • https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc
Request Chain 126
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=1e747e2fce5f0d6c6d356fa33efc60c8-1571417600254&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
  • https://eb2.3lift.com/xuid?mid=4714&xuid=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc&dongle=c85e HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc&dongle=c85e&gdpr=1&cmp_cs=
Request Chain 127
  • https://d.adroll.com/cm/b/out?adroll_fpc=1e747e2fce5f0d6c6d356fa33efc60c8-1571417600254&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc
Request Chain 128
  • https://d.adroll.com/cm/x/out?adroll_fpc=1e747e2fce5f0d6c6d356fa33efc60c8-1571417600254&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
  • https://ib.adnxs.com/setuid?entity=172&code=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc
Request Chain 129
  • https://d.adroll.com/cm/l/out?adroll_fpc=1e747e2fce5f0d6c6d356fa33efc60c8-1571417600254&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
  • https://idsync.rlcdn.com/377928.gif?partner_uid=73ab050beebfc3cfd25a4a23c57e6067
Request Chain 130
  • https://d.adroll.com/cm/o/out?adroll_fpc=1e747e2fce5f0d6c6d356fa33efc60c8-1571417600254&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=73ab050beebfc3cfd25a4a23c57e6067 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=73ab050beebfc3cfd25a4a23c57e6067
Request Chain 131
  • https://d.adroll.com/cm/g/out?adroll_fpc=1e747e2fce5f0d6c6d356fa33efc60c8-1571417600254&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT&google_nid=adroll5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=c6sFC-6_w8_SWkojxX5gZw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=c6sFC-6_w8_SWkojxX5gZw&google_tc= HTTP 302
  • https://d.adroll.com/cm/g/in

136 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request threat-insight
www.proofpoint.com/us/blog/
Redirect Chain
  • https://www.proofpoint.com/us/threat-insight
  • https://www.proofpoint.com/us/blog/threat-insight
81 KB
17 KB
Document
General
Full URL
https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
f0170318bd96e1075355c79f380c15a2fe5f6bd41ad5c304c3ea703efd6e5cc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.proofpoint.com
:scheme
https
:path
/us/blog/threat-insight
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
cookie
visid_incap_177663=fhCGOnBPRxyv59k/SQnsv/ztqV0AAAAAQUIPAAAAAADBEVfQY0WxGa8vrnd9ZJI+; incap_ses_245_177663=sOWGDpruPSgR6fvkJWtmA/3tqV0AAAAA+Ql1/pmH7iz4AdVYeGNBIw==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

status
200
server
nginx
date
Fri, 18 Oct 2019 16:53:17 GMT
content-type
text/html; charset=utf-8
x-drupal-cache
MISS
x-content-type-options
nosniff
etag
"1571346852-0"
expires
Fri, 18 Oct 2019 21:14:12 GMT
x-frame-options
SAMEORIGIN
content-language
en
x-generator
Drupal 7 (http://drupal.org)
link
<https://www.proofpoint.com/us/blog/threat-insight>; rel="canonical",<https://www.proofpoint.com/us/blog/threat-insight>; rel="shortlink"
cache-control
public, max-age=86400
last-modified
Thu, 17 Oct 2019 21:14:12 GMT
vary
Cookie,Accept-Encoding
content-encoding
gzip
x-request-id
v-113cf792-f123-11e9-9bb4-33cb832b51e4
x-ah-environment
prod
age
70744
via
varnish
x-cache
HIT
x-cache-hits
367
accept-ranges
bytes
x-iinfo
12-154705729-154705600 PNNN RT(1571417597653 0) q(0 0 0 -1) r(2 3) U18
x-cdn
Incapsula

Redirect headers

status
301
server
nginx
date
Fri, 18 Oct 2019 16:53:17 GMT
content-type
text/html; charset=UTF-8
content-length
0
x-drupal-cache
MISS
expires
Sat, 19 Oct 2019 16:53:17 GMT
cache-control
no-cache, must-revalidate
x-content-type-options
nosniff
x-redirect-id
13431
location
https://www.proofpoint.com/us/blog/threat-insight
x-request-id
v-c899dcbc-f1c7-11e9-b239-6725a011fe6e
x-ah-environment
prod
age
0
via
varnish
x-cache
MISS
set-cookie
visid_incap_177663=fhCGOnBPRxyv59k/SQnsv/ztqV0AAAAAQUIPAAAAAADBEVfQY0WxGa8vrnd9ZJI+; expires=Sat, 17 Oct 2020 08:16:02 GMT; path=/; Domain=.proofpoint.com incap_ses_245_177663=sOWGDpruPSgR6fvkJWtmA/3tqV0AAAAA+Ql1/pmH7iz4AdVYeGNBIw==; path=/; Domain=.proofpoint.com
x-iinfo
12-154705599-154705600 NNNN CT(153 304 0) RT(1571417596986 0) q(0 0 5 0) r(7 7) U11
x-cdn
Incapsula
css_rEI_5cK_B9hB4So2yZUtr5weuEV3heuAllCDE6XsIkI.css
www.proofpoint.com/sites/default/files/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.proofpoint.com/sites/default/files/css/css_rEI_5cK_B9hB4So2yZUtr5weuEV3heuAllCDE6XsIkI.css
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
ac423fe5c2bf07d841e12a36c9952daf9c1eb8457785eb8096508313a5ec2242

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:17 GMT
content-encoding
gzip
last-modified
Mon, 23 Sep 2019 00:10:43 GMT
x-cdn
Incapsula
etag
"a03afbf5"
content-type
text/css
status
200
x-iinfo
12-154705792-154697593 2CNN RT(1571417597971 0) q(0 0 0 -1) r(0 0) U18
cache-control
max-age=1209105, public
content-length
1236
expires
Fri, 01 Nov 2019 16:45:02 GMT
css_dflN4gznpSoqyE-fQqvdVodUm8IHE1_6p9W67RzHBgo.css
www.proofpoint.com/sites/default/files/css/
21 KB
5 KB
Stylesheet
General
Full URL
https://www.proofpoint.com/sites/default/files/css/css_dflN4gznpSoqyE-fQqvdVodUm8IHE1_6p9W67RzHBgo.css
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
75f94de20ce7a52a2ac84f9f42abdd5687549bc207135ffaa7d5baed1cc7060a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:17 GMT
content-encoding
gzip
last-modified
Thu, 19 Sep 2019 01:02:19 GMT
x-cdn
Incapsula
etag
"e1b80d0d"
content-type
text/css
status
200
x-iinfo
12-154705794-154697484 2CNN RT(1571417597974 0) q(0 0 0 -1) r(0 0) U18
cache-control
max-age=1209105, public
content-length
4794
expires
Fri, 01 Nov 2019 16:45:02 GMT
css_hQUWtVyJ6ULCIpNH74wGTdIt1sdeB9IhC9bSD0rPNKA.css
www.proofpoint.com/sites/default/files/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://www.proofpoint.com/sites/default/files/css/css_hQUWtVyJ6ULCIpNH74wGTdIt1sdeB9IhC9bSD0rPNKA.css
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
850516b55c89e942c2229347ef8c064dd22dd6c75e07d2210bd6d20f4acf34a0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
Incapsula
age
157319
x-cache
HIT
status
200
x-iinfo
12-154705796-154698625 2NNN RT(1571417597980 0) q(0 0 0 -1) r(1 5) U18
x-ah-environment
prod
content-length
1453
x-request-id
v-7f50b400-f059-11e9-bd52-0b49cb651fae
last-modified
Mon, 23 Sep 2019 00:10:56 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
via
varnish
expires
Wed, 30 Oct 2019 21:11:19 GMT
cache-control
max-age=1209600
accept-ranges
bytes
x-cache-hits
1716
styles.css
www.proofpoint.com/sites/all/themes/proofpoint/css/
337 KB
47 KB
Stylesheet
General
Full URL
https://www.proofpoint.com/sites/all/themes/proofpoint/css/styles.css?pzjcq2
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
05c915ee57e99bd0d092085c38ba287dc1bcf6f624840f296ca2270cce1b9a47

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:17 GMT
content-encoding
gzip
last-modified
Wed, 16 Oct 2019 15:50:22 GMT
x-cdn
Incapsula
content-type
text/css
status
200
x-iinfo
12-154705798-154697595 2CNN RT(1571417597982 0) q(0 0 0 -1) r(0 0) U18
cache-control
max-age=1209105, public
content-length
47521
expires
Fri, 01 Nov 2019 16:45:02 GMT
proofpoint.css
www.proofpoint.com/sites/all/themes/proofpoint/css/
1008 B
551 B
Stylesheet
General
Full URL
https://www.proofpoint.com/sites/all/themes/proofpoint/css/proofpoint.css?pzjcq2
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
c6687d159fd14a00a4b187ecfa840c0e21d5a28f352003295d8508190fbdd826

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:17 GMT
content-encoding
gzip
last-modified
Fri, 07 Dec 2018 08:45:31 GMT
x-cdn
Incapsula
content-type
text/css
status
200
x-iinfo
12-154705799-154705800 2CNN RT(1571417597983 0) q(0 0 0 -1) r(0 0) U18
cache-control
max-age=1209105, public
content-length
439
expires
Fri, 01 Nov 2019 16:45:02 GMT
css_xJL0rSJqAihUjc_Ngv2wHJie34Fd4preHc6a7AnDGhw.css
www.proofpoint.com/sites/default/files/css/
245 KB
83 KB
Stylesheet
General
Full URL
https://www.proofpoint.com/sites/default/files/css/css_xJL0rSJqAihUjc_Ngv2wHJie34Fd4preHc6a7AnDGhw.css
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
c492f4ad226a0228548dcfcd82fdb01c989edf815de29ade1dce9aec09c31a1c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:17 GMT
content-encoding
gzip
last-modified
Fri, 27 Sep 2019 23:45:16 GMT
x-cdn
Incapsula
etag
"326754e5"
content-type
text/css
status
200
x-iinfo
12-154705801-154697593 2CNN RT(1571417597984 0) q(0 0 0 -1) r(0 0) U18
cache-control
max-age=1209105, public
content-length
84810
expires
Fri, 01 Nov 2019 16:45:02 GMT
css_nQwtytNsztHNRD8oGYQyyja_LgjxLi44qLISIPyImuw.css
www.proofpoint.com/sites/default/files/css/
113 B
235 B
Stylesheet
General
Full URL
https://www.proofpoint.com/sites/default/files/css/css_nQwtytNsztHNRD8oGYQyyja_LgjxLi44qLISIPyImuw.css
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
9d0c2dcad36cced1cd443f28198432ca36bf2e08f12e2e38a8b21220fc889aec

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:17 GMT
content-encoding
gzip
last-modified
Tue, 17 Sep 2019 00:38:30 GMT
x-cdn
Incapsula
etag
"3c611d61"
content-type
text/css
status
200
x-iinfo
12-154705802-154705803 2CNN RT(1571417597985 0) q(0 0 0 -1) r(0 0) U18
cache-control
max-age=1209105, public
content-length
113
expires
Fri, 01 Nov 2019 16:45:02 GMT
js_jATlw3iucl8O1KM88pfP_buAg5xbrWmEgBVT94k-xFs.js
www.proofpoint.com/sites/default/files/js/
3 KB
2 KB
Script
General
Full URL
https://www.proofpoint.com/sites/default/files/js/js_jATlw3iucl8O1KM88pfP_buAg5xbrWmEgBVT94k-xFs.js
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
8c04e5c378ae725f0ed4a33cf297cffdbb80839c5bad6984801553f7893ec45b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:17 GMT
content-encoding
gzip
last-modified
Mon, 23 Sep 2019 00:10:43 GMT
x-cdn
Incapsula
etag
"d70c6bae"
content-type
text/javascript
status
200
x-iinfo
12-154705804-154697484 2CNN RT(1571417597985 0) q(0 0 0 -1) r(0 0) U18
cache-control
max-age=1209105, public
content-length
1583
expires
Fri, 01 Nov 2019 16:45:02 GMT
js_Sd3E1-ubI8_oPJ3epUeNgAhdPIZsHFWzDl_t8nL-a0k.js
www.proofpoint.com/sites/default/files/js/
286 KB
86 KB
Script
General
Full URL
https://www.proofpoint.com/sites/default/files/js/js_Sd3E1-ubI8_oPJ3epUeNgAhdPIZsHFWzDl_t8nL-a0k.js
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
49ddc4d7eb9b23cfe83c9ddea5478d80085d3c866c1c55b30e5fedf272fe6b49

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:17 GMT
content-encoding
gzip
last-modified
Fri, 27 Sep 2019 21:44:37 GMT
x-cdn
Incapsula
etag
"8d8cec88"
content-type
text/javascript
status
200
x-iinfo
12-154705805-154701601 2CNN RT(1571417597986 0) q(0 0 0 -1) r(0 0) U18
cache-control
max-age=1209105, public
content-length
87383
expires
Fri, 01 Nov 2019 16:45:02 GMT
js_vwi3mu_g7dRkqOQKD3lFYMu1iwyd8iK_nXNTlMaeJb0.js
www.proofpoint.com/sites/default/files/js/
99 KB
30 KB
Script
General
Full URL
https://www.proofpoint.com/sites/default/files/js/js_vwi3mu_g7dRkqOQKD3lFYMu1iwyd8iK_nXNTlMaeJb0.js
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
bf08b79aefe0edd464a8e40a0f794560cbb58b0c9df222bf9d735394c69e25bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
Incapsula
age
157319
x-cache
HIT
status
200
x-iinfo
12-154705806-154697599 2NNN RT(1571417597987 0) q(0 0 0 -1) r(1 7) U18
x-ah-environment
prod
content-length
30122
x-request-id
v-7f58c258-f059-11e9-b997-33044db1b5f4
last-modified
Wed, 25 Sep 2019 18:36:19 GMT
server
nginx
vary
Accept-Encoding
content-type
text/javascript
via
varnish
expires
Wed, 30 Oct 2019 21:11:19 GMT
cache-control
max-age=1209600
accept-ranges
bytes
x-cache-hits
610
js_oYQw43wAjKdM3p6nU1hLDI3mDgL3UfCyqPsngNU6GnY.js
www.proofpoint.com/sites/default/files/js/
2 KB
723 B
Script
General
Full URL
https://www.proofpoint.com/sites/default/files/js/js_oYQw43wAjKdM3p6nU1hLDI3mDgL3UfCyqPsngNU6GnY.js
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
a18430e37c008ca74cde9ea753584b0c8de60e02f751f0b2a8fb2780d53a1a76

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:17 GMT
content-encoding
gzip
last-modified
Tue, 17 Sep 2019 00:38:31 GMT
x-cdn
Incapsula
etag
"f5226ed5"
content-type
text/javascript
status
200
x-iinfo
12-154705807-154705803 2CNN RT(1571417597988 0) q(0 0 0 -1) r(0 0) U18
cache-control
max-age=1209105, public
content-length
600
expires
Fri, 01 Nov 2019 16:45:02 GMT
js_RoZ5vt7EwNFsybM_x659GyUP18a1p5XE4ofXQGuMs-Y.js
www.proofpoint.com/sites/default/files/js/
101 KB
35 KB
Script
General
Full URL
https://www.proofpoint.com/sites/default/files/js/js_RoZ5vt7EwNFsybM_x659GyUP18a1p5XE4ofXQGuMs-Y.js
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
468679bedec4c0d16cc9b33fc7ae7d1b250fd7c6b5a795c4e287d7406b8cb3e6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
Incapsula
age
157319
x-cache
HIT
status
200
x-iinfo
12-154705808-154697603 2NNN RT(1571417597989 0) q(0 0 0 -1) r(1 7) U18
x-ah-environment
prod
content-length
35522
x-request-id
v-7f5b4488-f059-11e9-96b8-6720183ce2e3
last-modified
Wed, 25 Sep 2019 18:48:25 GMT
server
nginx
vary
Accept-Encoding
content-type
text/javascript
via
varnish
expires
Wed, 30 Oct 2019 21:11:19 GMT
cache-control
max-age=1209600
accept-ranges
bytes
x-cache-hits
259
js_V59Lq7kRtaAiYM_YS8pC0OFMBYJk_jt8nNK4UA1wlGk.js
www.proofpoint.com/sites/default/files/js/
8 KB
2 KB
Script
General
Full URL
https://www.proofpoint.com/sites/default/files/js/js_V59Lq7kRtaAiYM_YS8pC0OFMBYJk_jt8nNK4UA1wlGk.js
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
579f4babb911b5a02260cfd84bca42d0e14c058264fe3b7c9cd2b8500d709469

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:17 GMT
content-encoding
gzip
last-modified
Thu, 03 Oct 2019 16:00:08 GMT
x-cdn
Incapsula
etag
"240d3ade"
content-type
text/javascript
status
200
x-iinfo
12-154705809-154697595 2CNN RT(1571417597989 0) q(0 0 0 -1) r(1 1) U18
cache-control
max-age=1209105, public
content-length
1934
expires
Fri, 01 Nov 2019 16:45:02 GMT
geoip2.js
js.maxmind.com/js/apis/geoip2/v2.1/
4 KB
2 KB
Script
General
Full URL
https://js.maxmind.com/js/apis/geoip2/v2.1/geoip2.js
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:252f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
69666124ea4313cf5b2da94871c86acd68bcbc4d50b360fdebc4dc3b977dde21

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:18 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 17 Oct 2019 17:01:23 GMT
server
cloudflare
age
1503
etag
W/"5da89e63-f39"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=43200
cf-ray
527c07154cb3cb98-VIE
expires
Sat, 19 Oct 2019 04:53:18 GMT
js_3Nh12Lkus-VvZLersTJ7MJO9qcHwjn0uRaWv6Gxvu4E.js
www.proofpoint.com/sites/default/files/js/
17 KB
5 KB
Script
General
Full URL
https://www.proofpoint.com/sites/default/files/js/js_3Nh12Lkus-VvZLersTJ7MJO9qcHwjn0uRaWv6Gxvu4E.js
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
dcd875d8b92eb3e56f64b7abb1327b3093bda9c1f08e7d2e45a5afe86c6fbb81
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
Incapsula
age
157319
x-cache
HIT
status
200
x-iinfo
12-154705810-154697595 2NNN RT(1571417597990 0) q(0 1 1 -1) r(1 5) U18
x-ah-environment
prod
content-length
4915
x-request-id
v-7f5c8672-f059-11e9-8ef9-4b2c0998598e
last-modified
Mon, 23 Sep 2019 00:11:35 GMT
server
nginx
vary
Accept-Encoding
content-type
text/javascript
via
varnish
expires
Wed, 30 Oct 2019 21:11:19 GMT
cache-control
max-age=1209600
accept-ranges
bytes
x-cache-hits
715
js__cwWPjumGXMIx9KU2ky-QSTvGf2-Z0EfSkrlgTMtTMU.js
www.proofpoint.com/sites/default/files/js/
156 KB
45 KB
Script
General
Full URL
https://www.proofpoint.com/sites/default/files/js/js__cwWPjumGXMIx9KU2ky-QSTvGf2-Z0EfSkrlgTMtTMU.js
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
fdcc163e3ba6197308c7d294da4cbe4124ef19fdbe67411f4a4ae581332d4cc5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:17 GMT
content-encoding
gzip
last-modified
Thu, 03 Oct 2019 03:01:11 GMT
x-cdn
Incapsula
etag
"24c2fdeb"
content-type
text/javascript
status
200
x-iinfo
12-154705811-154697593 2CNN RT(1571417597991 0) q(0 1 1 -1) r(1 1) U18
cache-control
max-age=1209105, public
content-length
45461
expires
Fri, 01 Nov 2019 16:45:02 GMT
logo-reg.svg
www.proofpoint.com/sites/all/themes/proofpoint/
3 KB
1 KB
Image
General
Full URL
https://www.proofpoint.com/sites/all/themes/proofpoint/logo-reg.svg
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
4c858ea92bdc30e89d30d477c30228c47b19648e1539829bb2303a176f0c23dd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:18 GMT
via
varnish
x-content-type-options
nosniff
x-cdn
Incapsula
age
157347
x-cache
HIT
status
200
x-iinfo
12-154705813-154705600 PNNN RT(1571417598020 0) q(0 0 0 -1) r(0 1) U18
x-cache-hits
7203
x-ah-environment
prod
content-encoding
gzip
x-request-id
v-6e6f1bc2-f059-11e9-9e70-57b758bc02d0
last-modified
Fri, 07 Dec 2018 08:45:31 GMT
server
nginx
content-type
image/svg+xml
cache-control
max-age=1209600
accept-ranges
bytes
expires
Wed, 30 Oct 2019 21:10:50 GMT
psat-training-modules.png
www.proofpoint.com/sites/all/themes/proofpoint/images/
913 KB
917 KB
Image
General
Full URL
https://www.proofpoint.com/sites/all/themes/proofpoint/images/psat-training-modules.png
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
2cfe7c393d823154ee86def4c4eeeff7520b903871d93073ef7ad566a07ea92d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:17 GMT
last-modified
Wed, 04 Sep 2019 18:25:19 GMT
x-cdn
Incapsula
etag
"cdd6b9a9"
content-type
image/png
status
200
x-iinfo
12-154705814-154699020 2CNN RT(1571417598023 0) q(0 0 0 -1) r(0 0) U18
cache-control
max-age=1209107, public
content-length
934755
expires
Fri, 01 Nov 2019 16:45:04 GMT
home.svg
www.proofpoint.com/sites/all/themes/proofpoint/images/
784 B
666 B
Image
General
Full URL
https://www.proofpoint.com/sites/all/themes/proofpoint/images/home.svg
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
0e41e449d2997692fc3631d239e51c964577b35502ee9e138eead4a960682806
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:18 GMT
via
varnish
x-content-type-options
nosniff
x-cdn
Incapsula
age
157325
x-cache
HIT
status
200
x-iinfo
12-154705829-154705830 NNNN CT(0 0 0) RT(1571417598161 0) q(0 0 0 -1) r(2 2) U18
x-cache-hits
3697
x-ah-environment
prod
content-encoding
gzip
x-request-id
v-7b97ec66-f059-11e9-b0e3-97b0f2f3d3e8
last-modified
Tue, 18 Jun 2019 16:19:41 GMT
server
nginx
content-type
image/svg+xml
cache-control
max-age=1209600
accept-ranges
bytes
expires
Wed, 30 Oct 2019 21:11:12 GMT
rss_icon.png
www.proofpoint.com/sites/default/files/
4 KB
4 KB
Image
General
Full URL
https://www.proofpoint.com/sites/default/files/rss_icon.png
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
2397463f5da5110b6ec56a2ad08d03063edb1529954c4cc8c6e6e4b6f5b65f46
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:18 GMT
via
varnish
x-content-type-options
nosniff
x-cdn
Incapsula
age
157319
x-cache
HIT
status
200
x-iinfo
12-154705832-154705803 2NNN RT(1571417598178 0) q(0 0 0 -1) r(5 5) U18
x-cache-hits
218
x-ah-environment
prod
content-length
3842
x-request-id
v-7f574194-f059-11e9-97c5-1b2cc9d2d55a
last-modified
Fri, 29 Mar 2019 23:37:22 GMT
server
nginx
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
expires
Wed, 30 Oct 2019 21:11:19 GMT
rat-ta505.png
www.proofpoint.com/sites/default/files/styles/image_700_x_420/public/images/Blog/
460 KB
463 KB
Image
General
Full URL
https://www.proofpoint.com/sites/default/files/styles/image_700_x_420/public/images/Blog/rat-ta505.png?itok=JK7nVm9L
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
d7132a47a5e2f46ccad313fdbd5b421c6182b66ee582aaf9a9ac6d4f49d2e8e4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:18 GMT
via
varnish
x-content-type-options
nosniff
x-cdn
Incapsula
age
157319
x-cache
HIT
status
200
x-iinfo
12-154705843-154705800 2NNN RT(1571417598327 0) q(0 0 0 -1) r(3 3) U18
x-cache-hits
407
x-ah-environment
prod
content-length
470530
x-request-id
v-7f4b3d18-f059-11e9-a267-634298052342
last-modified
Wed, 16 Oct 2019 13:00:48 GMT
server
nginx
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
expires
Wed, 30 Oct 2019 21:11:18 GMT
library-celus-greyscale-1400.png
www.proofpoint.com/sites/default/files/styles/image_700_x_420/public/images/Blog/
389 KB
390 KB
Image
General
Full URL
https://www.proofpoint.com/sites/default/files/styles/image_700_x_420/public/images/Blog/library-celus-greyscale-1400.png?itok=n3Y3JD_w
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
4861e54f1d490d494718bad10b4d4b6a18c600e4d2a9e8349ae14d8617afe9fc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:19 GMT
via
varnish
x-content-type-options
nosniff
x-cdn
Incapsula
age
157320
x-cache
HIT
status
200
x-iinfo
12-154706004-154705800 2NNN RT(1571417599462 0) q(0 0 0 -1) r(2 2) U18
x-cache-hits
373
x-ah-environment
prod
content-length
398815
x-request-id
v-7f4e2640-f059-11e9-9713-339545fea2c5
last-modified
Mon, 14 Oct 2019 13:00:41 GMT
server
nginx
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
expires
Wed, 30 Oct 2019 21:11:19 GMT
whiteshadow-blue.png
www.proofpoint.com/sites/default/files/styles/image_700_x_420/public/images/Blog/
496 KB
499 KB
Image
General
Full URL
https://www.proofpoint.com/sites/default/files/styles/image_700_x_420/public/images/Blog/whiteshadow-blue.png?itok=UH1gadeB
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
c8d1df6fe0d7cba20d854755f7849df2ae8fd5d7dc45392d574bb8565edc591a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:19 GMT
via
varnish
x-content-type-options
nosniff
x-cdn
Incapsula
age
157320
x-cache
HIT
status
200
x-iinfo
12-154706007-154697599 2NNN RT(1571417599477 0) q(0 0 0 -1) r(3 3) U18
x-cache-hits
243
x-ah-environment
prod
content-length
507740
x-request-id
v-7f50b554-f059-11e9-8012-a7c103d50b42
last-modified
Thu, 26 Sep 2019 15:01:27 GMT
server
nginx
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
expires
Wed, 30 Oct 2019 21:11:19 GMT
rat-ta505.png
www.proofpoint.com/sites/default/files/styles/image_600_x_185/public/images/Blog/
192 KB
194 KB
Image
General
Full URL
https://www.proofpoint.com/sites/default/files/styles/image_600_x_185/public/images/Blog/rat-ta505.png?itok=qitjV0zv&timestamp=1571182511
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
1643d9bdbb01925433dd7160f57aa8af2a420eed39a8d7c28bec578302bc5460
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:19 GMT
via
varnish
x-content-type-options
nosniff
x-cdn
Incapsula
age
157269
x-cache
HIT
status
200
x-iinfo
12-154706014-154705803 2NNN RT(1571417599496 0) q(0 0 0 -1) r(4 4) U18
x-cache-hits
311
x-ah-environment
prod
content-length
196872
x-request-id
v-9da3fa7a-f059-11e9-9d58-8fa094a5f24f
last-modified
Wed, 16 Oct 2019 13:02:49 GMT
server
nginx
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
expires
Wed, 30 Oct 2019 21:12:09 GMT
library-celus-greyscale-1400.png
www.proofpoint.com/sites/default/files/styles/image_600_x_185/public/images/Blog/
163 KB
164 KB
Image
General
Full URL
https://www.proofpoint.com/sites/default/files/styles/image_600_x_185/public/images/Blog/library-celus-greyscale-1400.png?itok=AdPYK-P_&timestamp=1570667381
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
f1eff0a14e6b6936f36d51a5a58928909b9079d8942690f13729949728cb33ca
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:19 GMT
via
varnish
x-content-type-options
nosniff
x-cdn
Incapsula
age
157269
x-cache
HIT
status
200
x-iinfo
12-154706015-154697603 2NNN RT(1571417599497 0) q(0 0 0 -1) r(4 4) U18
x-cache-hits
266
x-ah-environment
prod
content-length
166557
x-request-id
v-9da47644-f059-11e9-96a2-7f71a9e986bc
last-modified
Mon, 14 Oct 2019 13:00:41 GMT
server
nginx
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
expires
Wed, 30 Oct 2019 21:12:09 GMT
whiteshadow-blue.png
www.proofpoint.com/sites/default/files/styles/image_600_x_185/public/images/Blog/
206 KB
208 KB
Image
General
Full URL
https://www.proofpoint.com/sites/default/files/styles/image_600_x_185/public/images/Blog/whiteshadow-blue.png?itok=5TBo9xNr&timestamp=1569502173
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
2c820c0915b001e1faf2993b85f097090d9bf1dd8e48195926b1b8a14f2b04a9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:19 GMT
via
varnish
x-content-type-options
nosniff
x-cdn
Incapsula
age
157269
x-cache
HIT
status
200
x-iinfo
12-154706016-154697593 2NNN RT(1571417599497 0) q(0 0 0 -1) r(4 4) U18
x-cache-hits
250
x-ah-environment
prod
content-length
210975
x-request-id
v-9da4f844-f059-11e9-9d50-f3bdab11a63c
last-modified
Thu, 26 Sep 2019 15:03:20 GMT
server
nginx
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
expires
Wed, 30 Oct 2019 21:12:09 GMT
cloud-attacks.png
www.proofpoint.com/sites/default/files/styles/image_600_x_185/public/images/Blog/
83 KB
84 KB
Image
General
Full URL
https://www.proofpoint.com/sites/default/files/styles/image_600_x_185/public/images/Blog/cloud-attacks.png?itok=gzIcF0Xz&timestamp=1566938295
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
b097316ccad9bc6056349d8d4e0fb4a824584a448d9f1115ed8f317f15b776ee
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:19 GMT
via
varnish
x-content-type-options
nosniff
x-cdn
Incapsula
age
157269
x-cache
HIT
status
200
x-iinfo
12-154706017-154698625 2NNN RT(1571417599498 0) q(0 0 0 -1) r(4 4) U18
x-cache-hits
232
x-ah-environment
prod
content-length
85314
x-request-id
v-9da9cf40-f059-11e9-800a-832cdbbfe219
last-modified
Wed, 25 Sep 2019 13:00:18 GMT
server
nginx
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
expires
Wed, 30 Oct 2019 21:12:09 GMT
powerlines-cyan-inverted_0.png
www.proofpoint.com/sites/default/files/styles/image_600_x_185/public/images/Blog/
120 KB
121 KB
Image
General
Full URL
https://www.proofpoint.com/sites/default/files/styles/image_600_x_185/public/images/Blog/powerlines-cyan-inverted_0.png?itok=zInZ5gXp&timestamp=1569162215
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
de2904a4ddddd832988b348c677dbee37ecd5c5cae191e1473b40423e6c003f1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:20 GMT
via
varnish
x-content-type-options
nosniff
x-cdn
Incapsula
age
157270
x-cache
HIT
status
200
x-iinfo
12-154706041-154701601 2NNN RT(1571417599545 0) q(0 5 5 -1) r(9 9) U18
x-cache-hits
181
x-ah-environment
prod
content-length
123266
x-request-id
v-9da9b7d0-f059-11e9-a5f5-0f2753932788
last-modified
Mon, 23 Sep 2019 14:14:02 GMT
server
nginx
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
expires
Wed, 30 Oct 2019 21:12:09 GMT
deskpeople-qtr.png
www.proofpoint.com/sites/default/files/styles/image_600_x_185/public/
103 KB
104 KB
Image
General
Full URL
https://www.proofpoint.com/sites/default/files/styles/image_600_x_185/public/deskpeople-qtr.png?itok=862arfVM
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
8f2eb17bbbffbc0677a2d603c68493dcfde0c24bcc3d6bf65db5f8cdfab34f67
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:20 GMT
via
varnish
x-content-type-options
nosniff
x-cdn
Incapsula
age
157321
x-cache
HIT
status
200
x-iinfo
12-154706042-154705803 2NNN RT(1571417599546 0) q(0 6 6 -1) r(8 8) U18
x-cache-hits
250
x-ah-environment
prod
content-length
105249
x-request-id
v-7f5da912-f059-11e9-88bc-6b2f61ad3953
last-modified
Thu, 19 Sep 2019 13:07:26 GMT
server
nginx
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
expires
Wed, 30 Oct 2019 21:11:19 GMT
hacker-at-computer_fr.jpg
www.proofpoint.com/sites/default/files/styles/image_600_x_185/public/
17 KB
17 KB
Image
General
Full URL
https://www.proofpoint.com/sites/default/files/styles/image_600_x_185/public/hacker-at-computer_fr.jpg?itok=hoIpFJeS&timestamp=1566334133
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
d87ab6bbe9de873d92530cf8675a0f5e8baa578f7b4b77d655d97fab10dd77c5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:20 GMT
via
varnish
x-content-type-options
nosniff
x-cdn
Incapsula
age
157270
x-cache
HIT
status
200
x-iinfo
12-154706046-154697603 2NNN RT(1571417599570 0) q(0 6 6 -1) r(8 8) U18
x-cache-hits
170
x-ah-environment
prod
content-length
17349
x-request-id
v-9dac105c-f059-11e9-a65b-4b741bb5142d
last-modified
Mon, 09 Sep 2019 04:57:14 GMT
server
nginx
content-type
image/jpeg
cache-control
max-age=1209600
accept-ranges
bytes
expires
Wed, 30 Oct 2019 21:12:09 GMT
googlednspicture1.png
www.proofpoint.com/sites/default/files/styles/image_600_x_185/public/images/Blog/
43 KB
44 KB
Image
General
Full URL
https://www.proofpoint.com/sites/default/files/styles/image_600_x_185/public/images/Blog/googlednspicture1.png?itok=lfRb-AZv&timestamp=1567807829
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
2471975538ff8cab54118a408087122507000525d07152cf81baaa1e277ca4dd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:20 GMT
via
varnish
x-content-type-options
nosniff
x-cdn
Incapsula
age
157270
x-cache
HIT
status
200
x-iinfo
12-154706222-154697593 2NNN RT(1571417600289 0) q(0 0 0 -1) r(2 2) U18
x-cache-hits
170
x-ah-environment
prod
content-length
44475
x-request-id
v-9dacc1dc-f059-11e9-8113-2fdc89dc68a3
last-modified
Fri, 06 Sep 2019 22:57:14 GMT
server
nginx
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
expires
Wed, 30 Oct 2019 21:12:09 GMT
seemsphishy.png
www.proofpoint.com/sites/default/files/styles/image_600_x_185/public/images/Blog/
202 KB
203 KB
Image
General
Full URL
https://www.proofpoint.com/sites/default/files/styles/image_600_x_185/public/images/Blog/seemsphishy.png?itok=EusaQA6e&timestamp=1567704268
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
9169f52a2f15a1a0958e98c35579e8e91404fac2b119a2c637fb59b43e4dc6d4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:20 GMT
via
varnish
x-content-type-options
nosniff
x-cdn
Incapsula
age
157270
x-cache
HIT
status
200
x-iinfo
12-154706228-154706229 2NNN RT(1571417600319 0) q(0 0 0 -1) r(0 3) U18
x-cache-hits
194
x-ah-environment
prod
content-length
206623
x-request-id
v-9db072fa-f059-11e9-a94e-1f54712b69b5
last-modified
Thu, 05 Sep 2019 17:58:56 GMT
server
nginx
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
expires
Wed, 30 Oct 2019 21:12:09 GMT
evolution-psixbot-header_0.png
www.proofpoint.com/sites/default/files/styles/image_600_x_185/public/images/Blog/
24 KB
24 KB
Image
General
Full URL
https://www.proofpoint.com/sites/default/files/styles/image_600_x_185/public/images/Blog/evolution-psixbot-header_0.png?itok=JKxsQF_A&timestamp=1565624227
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
5a1451e87aae60f93f8dd8c4bc537dd29879da42d0b2d0594b7c891daffb3671
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:20 GMT
via
varnish
x-content-type-options
nosniff
x-cdn
Incapsula
age
157270
x-cache
HIT
status
200
x-iinfo
12-154706230-154706231 2NNN RT(1571417600322 0) q(0 0 0 -1) r(0 3) U18
x-cache-hits
165
x-ah-environment
prod
content-length
24080
x-request-id
v-9db08b00-f059-11e9-a3e1-0b0dd4f6eae2
last-modified
Tue, 13 Aug 2019 13:07:23 GMT
server
nginx
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
expires
Wed, 30 Oct 2019 21:12:09 GMT
conversion.js
www.googleadservices.com/pagead/
24 KB
9 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
78a79d5cefe3a91bfccc9d0e3522b756e142d8c2aeba35146f2bc399b71cf4ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9385
x-xss-protection
0
server
cafe
etag
14299522277420216331
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 18 Oct 2019 16:53:18 GMT
js_VGWVxZzZSi3YQD4B3uHe9fBD5c_2NSz4TEx3cL9dx1Q.js
www.proofpoint.com/sites/default/files/js/
78 KB
19 KB
Script
General
Full URL
https://www.proofpoint.com/sites/default/files/js/js_VGWVxZzZSi3YQD4B3uHe9fBD5c_2NSz4TEx3cL9dx1Q.js
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
546595c59cd94a2dd8403e01dee1def5f043e5cff6352cf84c4c7770bf5dc754

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:17 GMT
content-encoding
gzip
last-modified
Fri, 27 Sep 2019 21:44:37 GMT
x-cdn
Incapsula
etag
"e5a57fbc"
content-type
text/javascript
status
200
x-iinfo
12-154705826-154705803 2CNN RT(1571417598115 0) q(0 0 0 -1) r(0 0) U18
cache-control
max-age=1209106, public
content-length
19613
expires
Fri, 01 Nov 2019 16:45:03 GMT
js_pLyroj8w56o5oEuhy9M3_UPhli8Yg1Zq5LxhrROPoWs.js
www.proofpoint.com/sites/default/files/js/
11 KB
4 KB
Script
General
Full URL
https://www.proofpoint.com/sites/default/files/js/js_pLyroj8w56o5oEuhy9M3_UPhli8Yg1Zq5LxhrROPoWs.js
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
a4bcaba23f30e7aa39a04ba1cbd337fd43e1962f1883566ae4bc61ad138fa16b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:17 GMT
content-encoding
gzip
last-modified
Wed, 25 Sep 2019 18:36:25 GMT
x-cdn
Incapsula
etag
"7b7608a9"
content-type
text/javascript
status
200
x-iinfo
12-154705827-154705803 2CNN RT(1571417598126 0) q(0 0 0 -1) r(0 0) U18
cache-control
max-age=1209416, public
content-length
4376
expires
Fri, 01 Nov 2019 16:50:13 GMT
munchkin.js
munchkin.marketo.net/
1 KB
1 KB
Script
General
Full URL
https://munchkin.marketo.net/munchkin.js
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.223 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-31-84-223.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
66f7eaa7a45f696c332cd450771f4be48e110f6afbe1fe7b39c7a95518aeef76

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 16:53:18 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Apr 2019 02:53:44 GMT
Server
Apache
ETag
"54520320df20b526337717d6d28181fc:1554432824"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
752
script.js
www.proofpoint.com/sites/all/themes/proofpoint/js/
23 KB
6 KB
Script
General
Full URL
https://www.proofpoint.com/sites/all/themes/proofpoint/js/script.js?pzjcq2
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
d433e54752895754b27e62063d35e3e7d3cc5287289212bce7cc8ebe31af4d16

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:17 GMT
content-encoding
gzip
last-modified
Wed, 16 Oct 2019 17:37:02 GMT
x-cdn
Incapsula
content-type
application/javascript
status
200
x-iinfo
12-154705828-154697593 2CNN RT(1571417598154 0) q(0 0 0 -1) r(0 0) U18
cache-control
max-age=1209106, public
content-length
5942
expires
Fri, 01 Nov 2019 16:45:03 GMT
_Incapsula_Resource
www.proofpoint.com/
115 KB
16 KB
Script
General
Full URL
https://www.proofpoint.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=744437767
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
a7c736b5513596760fd64da2b3efb938eeccb76b59e2cca51a80212c45dc5fe9

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
content-encoding
gzip
cache-control
no-cache
x-robots-tag
noindex
content-length
16706
content-type
application/javascript
css
fonts.googleapis.com/
12 KB
771 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oswald:200,300,400,500,600,700|Open+Sans+Condensed:300
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
c91bae8f9074efbe5429e95dcab486cda690b269404a017be16b027cf10154c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 18 Oct 2019 16:53:18 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Fri, 18 Oct 2019 16:53:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Fri, 18 Oct 2019 16:53:18 GMT
fonts.css
cloud.typography.com/7639856/7486392/css/
0
0
Stylesheet
General
Full URL
https://cloud.typography.com/7639856/7486392/css/fonts.css
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.51.49 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-51-49.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 16:53:18 GMT
Cache-Control
must-revalidate, private
Server
Apache
Connection
keep-alive
Content-Length
16
Content-Type
text/html; charset=iso-8859-1
css
fonts.googleapis.com/
3 KB
630 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Fjalla+One|Roboto+Condensed
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
74166c3ce466a4afbab3fee3dc53106c377de2217ddb142774eb4b59fe65c6e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 18 Oct 2019 16:53:18 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Fri, 18 Oct 2019 16:53:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Fri, 18 Oct 2019 16:53:18 GMT
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
4724
date
Fri, 18 Oct 2019 15:34:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Fri, 18 Oct 2019 17:34:35 GMT
gtm.js
www.googletagmanager.com/
170 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MGR7P8X
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
457527b5e95739ff7fa3dd34a66e5966ca2e5dff91e46088d929bfaa20fb3062
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:19 GMT
content-encoding
br
last-modified
Fri, 18 Oct 2019 15:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
38936
x-xss-protection
0
expires
Fri, 18 Oct 2019 16:53:19 GMT
MP9Jyqtx.min.js
scripts.demandbase.com/
75 KB
18 KB
Script
General
Full URL
https://scripts.demandbase.com/MP9Jyqtx.min.js
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.24 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-24.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4a02becff5da2f4a8660a33e1365c24621966445cc3c78029e9e4af31b7948ec

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
5yCqreib.8fd_tgQ7VuTf3ckLKekbrix
content-encoding
gzip
last-modified
Tue, 15 Oct 2019 15:25:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
date
Fri, 18 Oct 2019 16:53:21 GMT
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=3600
x-amz-cf-id
8T2GVE7imioYWLs36FLW6v0WPv32klmBpvm03lA4uGK751y5bIh7kQ==
via
1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/950296937/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/950296937/?random=1571417599759&cv=9&fst=1571417599759&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fblog%2Fthreat-insight&tiba=Threat%20Insight%20Information%20%26%20Resources%20%7C%20Proofpoint%20Blog&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
cd85ceb17a430ee2228d8f2d47c0b3f9e9322877a9e6bbae89aedd3eee904150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Oct 2019 16:53:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
951
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/
251 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
46454a26b3142dec4540c21c9c156f2b3e570488667f1bbcf81854e27925f2a4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
263 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
479f333c6cdf10724e19b33079cab821bb37b0a463170ea9943dcbc0c6d9dc67

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
91221ebe7decdf80fc3cfddffa7595ff915be4af1a9a5620fc9c138bf6cc0363

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
562 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a8bac03a9bf9bff1a50a992ffe70257f2c6a24e0cc79ba4c268baf19c9ca2880

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
588 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
047ef44b759411ac70b47ffb1c29a2814d34ec9aa7cf12a927340128500bc9fe

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e7e6695bf782bd4b52cc817b8adba3d03973c348cea7622ecb06ab94165c4d0f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1006 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df7b034e11f350b02f383677a2c37d598922ad494d0e0241ad5740313332a5c8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e675880ebe2bfb0c3364d32f0ea5569eb1d50d4b18fd15c644cf67ce098e04ed

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3886459ca89f9ca7588cc412ddb3b279947acec2258c42c065bc044ce67276c0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6015b6cdafa09835ca9f65f2d9e211f3e120f8da2760401c7ba5e9520a260c37

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
blue-bg.png
www.proofpoint.com/sites/all/themes/proofpoint/images/
25 KB
25 KB
Image
General
Full URL
https://www.proofpoint.com/sites/all/themes/proofpoint/images/blue-bg.png
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
5451119aa5fd566ad1bc22ab81193be0154f0e80c69a1b5d9c99d217f5737e3a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:19 GMT
last-modified
Wed, 04 Sep 2019 18:25:19 GMT
x-cdn
Incapsula
etag
"8b9597e3"
content-type
image/png
status
200
x-iinfo
12-154706040-154698625 2CNN RT(1571417599545 0) q(0 5 5 -1) r(5 5) U18
cache-control
max-age=1209104, public
content-length
25228
expires
Fri, 01 Nov 2019 16:45:03 GMT
Proofpoint-logo-reg-Reversed.png
www.proofpoint.com/sites/all/themes/proofpoint/images/
45 KB
45 KB
Image
General
Full URL
https://www.proofpoint.com/sites/all/themes/proofpoint/images/Proofpoint-logo-reg-Reversed.png
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
1ee51b94d3a3346cbfb9f77ae1e629353494a22d41986fcf197aeae7ff530d70

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/sites/all/themes/proofpoint/css/styles.css?pzjcq2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:19 GMT
last-modified
Fri, 07 Dec 2018 08:47:10 GMT
x-cdn
Incapsula
etag
"c8a80c4c"
content-type
image/png
status
200
x-iinfo
12-154706235-154705803 2CNN RT(1571417600342 0) q(0 0 0 -1) r(0 0) U18
cache-control
max-age=1209105, public
content-length
46089
expires
Fri, 01 Nov 2019 16:45:04 GMT
earth.svg
www.proofpoint.com/sites/all/themes/proofpoint/images/
3 KB
2 KB
Image
General
Full URL
https://www.proofpoint.com/sites/all/themes/proofpoint/images/earth.svg
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
b7eab4c7c851a155bd46eb51790debc67d6f4b076d8b7070da3bb77abab18448
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/sites/all/themes/proofpoint/css/styles.css?pzjcq2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:20 GMT
via
varnish
x-content-type-options
nosniff
x-cdn
Incapsula
age
157348
x-cache
HIT
status
200
x-iinfo
12-154706237-154705830 PNNN RT(1571417600350 0) q(0 0 0 -1) r(2 2) U18
x-cache-hits
6615
x-ah-environment
prod
content-encoding
gzip
x-request-id
v-6f20c106-f059-11e9-bd8e-fb8b09cf7c4b
last-modified
Wed, 24 Apr 2019 16:02:59 GMT
server
nginx
content-type
image/svg+xml
cache-control
max-age=1209600
accept-ranges
bytes
expires
Wed, 30 Oct 2019 21:10:51 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
fonts.gstatic.com/s/robotocondensed/v18/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v18/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Fjalla+One|Roboto+Condensed
Origin
https://www.proofpoint.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 07:16:52 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:48:22 GMT
server
sffe
age
639387
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10968
x-xss-protection
0
expires
Sat, 10 Oct 2020 07:16:52 GMT
BebasNeue-Bold.woff2
www.proofpoint.com/sites/all/themes/proofpoint/fonts/
13 KB
13 KB
Font
General
Full URL
https://www.proofpoint.com/sites/all/themes/proofpoint/fonts/BebasNeue-Bold.woff2
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
e2eb28c4292664b548ad2c8ecf855b1f425a08966c5b413a4a0184b6ff52a509
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.proofpoint.com/sites/all/themes/proofpoint/css/styles.css?pzjcq2
Origin
https://www.proofpoint.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:20 GMT
via
varnish
x-content-type-options
nosniff
x-cdn
Incapsula
age
157348
x-cache
HIT
status
200
x-iinfo
12-154706028-154705830 PNNN RT(1571417599516 0) q(0 2 2 -1) r(4 4) U18
x-cache-hits
6299
x-ah-environment
prod
content-length
13140
x-request-id
v-6f290672-f059-11e9-b337-ffe093765dd9
last-modified
Fri, 07 Dec 2018 08:47:10 GMT
server
nginx
cache-control
max-age=1209600
accept-ranges
bytes
expires
Wed, 30 Oct 2019 21:10:51 GMT
Yq6R-LCAWCX3-6Ky7FAFrOF6kjouQb4.woff2
fonts.gstatic.com/s/fjallaone/v7/
11 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/fjallaone/v7/Yq6R-LCAWCX3-6Ky7FAFrOF6kjouQb4.woff2
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
529e77ee17cf48e9ccbb5a64a0e59a1bbda0d9c011ee061f40b1aa189e8fabb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Fjalla+One|Roboto+Condensed
Origin
https://www.proofpoint.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 09:56:02 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 23:50:02 GMT
server
sffe
age
629837
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11668
x-xss-protection
0
expires
Sat, 10 Oct 2020 09:56:02 GMT
proofpoint.woff2
www.proofpoint.com/sites/all/themes/proofpoint/fonts/
18 KB
18 KB
Font
General
Full URL
https://www.proofpoint.com/sites/all/themes/proofpoint/fonts/proofpoint.woff2
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
88b3102f2889489e2db30d672885b580d0275e944baacebc652c90ce2263d7ab
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.proofpoint.com/sites/all/themes/proofpoint/css/styles.css?pzjcq2
Origin
https://www.proofpoint.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:20 GMT
via
varnish
x-content-type-options
nosniff
x-cdn
Incapsula
age
157348
x-cache
HIT
status
200
x-iinfo
12-154706029-154705830 PNNN RT(1571417599519 0) q(0 4 4 -1) r(5 5) U18
x-cache-hits
6307
x-ah-environment
prod
content-length
18296
x-request-id
v-6f2f2278-f059-11e9-831c-27eee7e04fad
last-modified
Fri, 07 Dec 2018 08:45:31 GMT
server
nginx
cache-control
max-age=1209600
accept-ranges
bytes
expires
Wed, 30 Oct 2019 21:10:51 GMT
BebasNeue-Regular.woff2
www.proofpoint.com/sites/all/themes/proofpoint/fonts/
27 KB
27 KB
Font
General
Full URL
https://www.proofpoint.com/sites/all/themes/proofpoint/fonts/BebasNeue-Regular.woff2
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
94761f99487dcae4d91af9d25f37227af94965157adee62bd2f503645ded4fc7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.proofpoint.com/sites/all/themes/proofpoint/css/styles.css?pzjcq2
Origin
https://www.proofpoint.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:20 GMT
via
varnish
x-content-type-options
nosniff
x-cdn
Incapsula
age
157333
x-cache
HIT
status
200
x-iinfo
12-154706031-154705600 PNNN RT(1571417599524 0) q(0 4 4 -1) r(6 7) U18
x-cache-hits
4770
x-ah-environment
prod
content-length
27220
x-request-id
v-77e8426e-f059-11e9-ab9f-27f5ad0b3d9b
last-modified
Fri, 07 Dec 2018 08:47:10 GMT
server
nginx
cache-control
max-age=1209600
accept-ranges
bytes
expires
Wed, 30 Oct 2019 21:11:06 GMT
js
www.google-analytics.com/gtm/
65 KB
24 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-KKGL4NZ&cid=783141999.1571417600&aip=true
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e6a28d2ee786daa359bfe66bb1048943042b3a08efd1d4b00c41964ca5c70150
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:19 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
24281
x-xss-protection
0
expires
Fri, 18 Oct 2019 16:53:19 GMT
munchkin.js
munchkin.marketo.net/155/
9 KB
4 KB
Script
General
Full URL
https://munchkin.marketo.net/155/munchkin.js
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.223 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-31-84-223.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
efb6b9732bf508ee305363b10cf2a67ace474e06eb42642f2c3696b2442a5775

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 16:53:19 GMT
Content-Encoding
gzip
Last-Modified
Fri, 30 Nov 2018 03:18:20 GMT
Server
Apache
ETag
"c67dad42946949112916578f78706df8:1543547900"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control
max-age=8640000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
3923
Expires
Sun, 26 Jan 2020 16:53:19 GMT
/
www.google.com/pagead/1p-user-list/950296937/
42 B
110 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/950296937/?random=1571417599759&cv=9&fst=1571414400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fblog%2Fthreat-insight&tiba=Threat%20Insight%20Information%20%26%20Resources%20%7C%20Proofpoint%20Blog&fmt=3&is_vtc=1&random=4196556041&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Oct 2019 16:53:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/950296937/
42 B
110 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/950296937/?random=1571417599759&cv=9&fst=1571414400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fblog%2Fthreat-insight&tiba=Threat%20Insight%20Information%20%26%20Resources%20%7C%20Proofpoint%20Blog&fmt=3&is_vtc=1&random=4196556041&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Oct 2019 16:53:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iframe_api
www.youtube.com/
859 B
944 B
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/sites/all/themes/proofpoint/js/script.js?pzjcq2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
16dd54686a3ed4ca169cba44af157ea072d91930a6b5ad3690b4651820e5e0b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:19 GMT
x-content-type-options
nosniff
server
YouTube Frontend Proxy
content-type
application/javascript
status
200
cache-control
no-cache
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
859
x-xss-protection
0
expires
Tue, 27 Apr 1971 19:44:06 EST
me
geoip-js.maxmind.com/geoip/v2.1/country/
771 B
1 KB
XHR
General
Full URL
https://geoip-js.maxmind.com/geoip/v2.1/country/me?referrer=https%3A%2F%2Fwww.proofpoint.com
Requested by
Host: js.maxmind.com
URL: https://js.maxmind.com/js/apis/geoip2/v2.1/geoip2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:262f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f29ac63f8416342d82dbcaca48d4c2999bbd7717c1bac431fc91413d2af88b13

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:20 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
content-type
application/vnd.maxmind.com-country+json; charset=UTF-8; version=2.1
access-control-allow-origin
*
cf-ray
527c071f7db8cbcc-VIE
content-length
771
truncated
/
562 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5fde80b0aaf01a7fe4f8de3dbb671abadb59a30f6143e828b8000ac4fa9a45ec

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
conversion_async.js
www.googleadservices.com/pagead/
24 KB
9 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MGR7P8X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
04cc99186aa1ed2c9e0989ad7f6a2e180508c8656caef8cd2b153fa8dbba9038
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9198
x-xss-protection
0
server
cafe
etag
4566352449703540938
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 18 Oct 2019 16:53:19 GMT
bat.js
bat.bing.com/
23 KB
7 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MGR7P8X
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:19 GMT
content-encoding
gzip
last-modified
Tue, 10 Sep 2019 18:57:28 GMT
x-msedge-ref
Ref A: BFED8F0966D4494591790FF6515984C7 Ref B: VIEEDGE1318 Ref C: 2019-10-18T16:53:19Z
status
200
etag
"09c5197968d51:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
7148
insight.min.js
sjs.bizographics.com/
3 KB
2 KB
Script
General
Full URL
https://sjs.bizographics.com/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MGR7P8X
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:293::3adf , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 16:53:19 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Oct 2019 16:41:31 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=68623
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1576
uwt.js
static.ads-twitter.com/
5 KB
2 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MGR7P8X
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:19 GMT
content-encoding
gzip
age
31196
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
1954
x-served-by
cache-fra19178-FRA
last-modified
Tue, 23 Jan 2018 20:09:00 GMT
x-timer
S1571417600.917252,VS0,VE0
etag
"b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary
Accept-Encoding,Host
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
hotjar-1456002.js
static.hotjar.com/c/
3 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1456002.js?sv=5
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MGR7P8X
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.85.25 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-9
Software
openresty /
Resource Hash
352149d561c2edbd5fbed85c1a1053c9e56dec091c6d1a933ffa45e3cb4cf0c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
section-io-tag
hotjar
age
0
status
200
section-io-cache
Miss
vary
Accept-Encoding
content-length
1599
server
openresty
cache-control
max-age=60
x-frame-options
SAMEORIGIN
etag
W/cf6c5953676bfe522ca8138f865e560f
access-control-max-age
600
section-io-origin-status
304
access-control-allow-origin
*
x-cache-hit
1
section-io-origin-time-seconds
0.066
section-io-id
aec1d7d9448c73c1b66df9f470825eb2
accept-ranges
bytes
content-type
application/javascript
quant.js
secure.quantserve.com/
12 KB
6 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MGR7P8X
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.167 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software
QS /
Resource Hash
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 16:53:19 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18-Oct-2019 16:53:19 GMT
Server
QS
ETag
M0-e2b9884a
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=604800
Connection
keep-alive
Content-Length
5456
Expires
Fri, 25 Oct 2019 16:53:19 GMT
fbevents.js
connect.facebook.net/en_US/
103 KB
22 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
9404cee30e4489a7ed4d6de2dd92aa8e4386fd5ff1c81ebcea77f581952eac31
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-23=":443"; ma=3600
content-length
22458
x-xss-protection
0
pragma
public
x-fb-debug
oIHr5cJR2FDa/3PKUQGWMpygBpT9gd3qz408yiMcghWvT0hiEm51SWTIm4rB33o0AWCDWfE4mOKrpGbu/Sbc2Q==
x-fb-trip-id
1970646000
x-frame-options
DENY
date
Fri, 18 Oct 2019 16:53:19 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
s
ads.avocet.io/
Redirect Chain
  • https://ads.avocet.io/s?add=5aba5f53ab79f7f51390a95a&ty=j
  • https://ads.avocet.io/s?bounce=true&add=5aba5f53ab79f7f51390a95a&ty=j
0
417 B
Script
General
Full URL
https://ads.avocet.io/s?bounce=true&add=5aba5f53ab79f7f51390a95a&ty=j
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.122.164 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-214-122-164.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 16:53:20 GMT
Connection
keep-alive
P3p
policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length
0
Content-Type
application/javascript

Redirect headers

Location
/s?bounce=true&add=5aba5f53ab79f7f51390a95a&ty=j
Date
Fri, 18 Oct 2019 16:53:20 GMT
Connection
keep-alive
P3p
policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length
79
Content-Type
text/html; charset=utf-8
j.php
dev.visualwebsiteoptimizer.com/
899 B
671 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=359897&u=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fblog%2Fthreat-insight&r=0.5502115243512766
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.87.153 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
99.57.7a9f.ip4.static.sl-reverse.com
Software
dacdn2 /
Resource Hash
c98a09e57a229ff0b4ffad1d736b76616a5b882bd38d07fb93ad172c8ec8d8a6

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Fri, 18 Oct 2019 16:53:19 GMT
content-encoding
gzip
server
dacdn2
content-type
application/javascript; charset=UTF-8
1594.js
tracking.g2crowd.com/attribution_tracking/conversions/
0
0
Script
General
Full URL
https://tracking.g2crowd.com/attribution_tracking/conversions/1594.js?p=https://www.proofpoint.com/us/blog/threat-insight&e=
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1abe , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

1644.js
tracking.g2crowd.com/attribution_tracking/conversions/
0
0
Script
General
Full URL
https://tracking.g2crowd.com/attribution_tracking/conversions/1644.js?p=https://www.proofpoint.com/us/blog/threat-insight&e=
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1abe , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

1645.js
tracking.g2crowd.com/attribution_tracking/conversions/
0
0
Script
General
Full URL
https://tracking.g2crowd.com/attribution_tracking/conversions/1645.js?p=https://www.proofpoint.com/us/blog/threat-insight&e=
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1abe , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

1646.js
tracking.g2crowd.com/attribution_tracking/conversions/
0
0
Script
General
Full URL
https://tracking.g2crowd.com/attribution_tracking/conversions/1646.js?p=https://www.proofpoint.com/us/blog/threat-insight&e=
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1abe , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

1647.js
tracking.g2crowd.com/attribution_tracking/conversions/
0
0
Script
General
Full URL
https://tracking.g2crowd.com/attribution_tracking/conversions/1647.js?p=https://www.proofpoint.com/us/blog/threat-insight&e=
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1abe , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

main.rtfl.js
visitor.reactful.com/dist/
269 KB
104 KB
Script
General
Full URL
https://visitor.reactful.com/dist/main.rtfl.js
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
6133e41555e0169c50044cb52a13271289303965ec1bf735025c7a578fdf6cae

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:50:36 GMT
content-encoding
gzip
server
Google Frontend
age
163
etag
"GMBorA"
content-type
application/javascript; charset=UTF-8
status
200
x-cloud-trace-context
439b178484626dcf1646ace2a56c8a16
cache-control
public, max-age=600
content-length
106047
expires
Fri, 18 Oct 2019 17:00:36 GMT
ip.json
api.company-target.com/api/v2/
423 B
928 B
XHR
General
Full URL
https://api.company-target.com/api/v2/ip.json?key=8d20076343394d24eb8250e933d1560c
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.196.5 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-196-5.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
5b4f7ddf2cbd5ef8611f5fd90529a7c0b42bedb4c6f5a8f08d1c328b55043372

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:19 GMT
content-encoding
gzip
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
status
200
access-control-max-age
1728000
request-id
43c4e966-7967-420d-b897-877d41b2d4ef
x-amz-cf-id
xF0T7B4U6eAieoC_SrRZAgRDK0dMcBzL1ljxHf6DJImjJhcs_6xXbQ==
pragma
no-cache
access-control-allow-origin
https://www.proofpoint.com
server
nginx
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json;charset=utf-8
via
1.1 7a3193ebce69450274ae629ce856b09d.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
api-version
v2
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
identification-source
STANDARD
expires
Thu, 17 Oct 2019 16:53:19 GMT
s
ads.avocet.io/
Redirect Chain
  • https://ads.avocet.io/s?add=5d1dcad3b00320110090d553&ty=j
  • https://ads.avocet.io/s?bounce=true&add=5d1dcad3b00320110090d553&ty=j
0
264 B
Script
General
Full URL
https://ads.avocet.io/s?bounce=true&add=5d1dcad3b00320110090d553&ty=j
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.122.164 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-214-122-164.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 16:53:20 GMT
Connection
keep-alive
P3p
policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length
0
Content-Type
application/javascript

Redirect headers

Location
/s?bounce=true&add=5d1dcad3b00320110090d553&ty=j
Date
Fri, 18 Oct 2019 16:53:20 GMT
Connection
keep-alive
P3p
policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length
79
Content-Type
text/html; charset=utf-8
activityi;dc_pre=CPuC2d6ipuUCFcawewodMAwP1A;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7946557950017.224
4788165.fls.doubleclick.net/ Frame 3CAB
Redirect Chain
  • https://4788165.fls.doubleclick.net/activityi;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7946557950017.224?
  • https://4788165.fls.doubleclick.net/activityi;dc_pre=CPuC2d6ipuUCFcawewodMAwP1A;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7946557950017.224?
0
0
Document
General
Full URL
https://4788165.fls.doubleclick.net/activityi;dc_pre=CPuC2d6ipuUCFcawewodMAwP1A;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7946557950017.224?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MGR7P8X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.102 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s42-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
4788165.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CPuC2d6ipuUCFcawewodMAwP1A;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7946557950017.224?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.proofpoint.com/us/blog/threat-insight
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.proofpoint.com/us/blog/threat-insight

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Fri, 18 Oct 2019 16:53:19 GMT
expires
Fri, 18 Oct 2019 16:53:19 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
421
x-xss-protection
0
set-cookie
IDE=AHWqTUk2dkppiXUAwWVnJ4J0P53Gb_9KCpyh9sjwF0WoxH7rtw5wwZqg0VWpjClq; expires=Wed, 11-Nov-2020 16:53:19 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Fri, 18 Oct 2019 16:53:19 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://4788165.fls.doubleclick.net/activityi;dc_pre=CPuC2d6ipuUCFcawewodMAwP1A;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7946557950017.224?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 18-Oct-2019 17:08:19 GMT; path=/; domain=.doubleclick.net
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
/
attr.ml-api.io/
Redirect Chain
  • https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dproofpoint.com%26pId%3d%24UID
  • https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dproofpoint.com%26pId%3d%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dproofpoint.com%2526pId%253d%2524UID
  • https://attr.ml-api.io/?domain=proofpoint.com&pId=730549684094250592
4 B
484 B
Image
General
Full URL
https://attr.ml-api.io/?domain=proofpoint.com&pId=730549684094250592
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.196.10 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-196-10.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 16:53:20 GMT
Via
1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C1
x-amzn-RequestId
34e4ccb8-c5ad-42f6-b86a-f5712c5b80a1
X-Cache
Miss from cloudfront
Content-Type
image/jpeg
X-Amzn-Trace-Id
Root=1-5da9ee00-01032689e35ed3e71a41a367;Sampled=0
Connection
keep-alive
x-amz-apigw-id
BxIgIGh4oAMF6lw=
Content-Length
4
X-Amz-Cf-Id
TjfF7kWnpRVWYnBItImOoiK_6FVnipZGGRxz2DgSQe0-XBlKoh27kw==

Redirect headers

Pragma
no-cache
Date
Fri, 18 Oct 2019 16:53:22 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 251.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.229:80
AN-X-Request-Uuid
09814aa7-8641-4197-8dad-2cd8eb7c2023
Server
nginx/1.13.4
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://attr.ml-api.io/?domain=proofpoint.com&pId=730549684094250592
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
src=8909468;dc_pre=CJvqi9-ipuUCFQOaGAodzd0GrA;type=invmedia;cat=1l6xh4ap;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain
  • https://gwmtracking.com/p/v/1/5b7320b8f870815f7f59492b/format/img?gtmcb=1495065340
  • https://ad.doubleclick.net/ddm/activity/src=8909468;type=invmedia;cat=1l6xh4ap;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
  • https://ad.doubleclick.net/ddm/activity/src=8909468;dc_pre=CJvqi9-ipuUCFQOaGAodzd0GrA;type=invmedia;cat=1l6xh4ap;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
  • https://adservice.google.com/ddm/fls/z/src=8909468;dc_pre=CJvqi9-ipuUCFQOaGAodzd0GrA;type=invmedia;cat=1l6xh4ap;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
42 B
109 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/src=8909468;dc_pre=CJvqi9-ipuUCFQOaGAodzd0GrA;type=invmedia;cat=1l6xh4ap;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Oct 2019 16:53:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Oct 2019 16:53:20 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
content-type
text/html; charset=UTF-8
location
https://adservice.google.com/ddm/fls/z/src=8909468;dc_pre=CJvqi9-ipuUCFQOaGAodzd0GrA;type=invmedia;cat=1l6xh4ap;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
roundtrip.js
s.adroll.com/j/
33 KB
11 KB
Script
General
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MGR7P8X
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
9376bf715986d3500b26c5935970ee676b9f57844fc26844fcfcb2eebd97a97c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
fTDJv6EgcLjvYeTBgoNw0ttHF7cHKgnf
Content-Encoding
gzip
ETag
"f37bc546fe63ca0c7926a4cf9948bee0"
x-amz-request-id
0E2B8F4FFF24281B
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
10489
x-amz-id-2
aqIWInyXpxAm5bJk5AWCcZJTVlWaRn4pEfDbjju4BOaEKVQgzu6hAcRaqJ/wk9RLGNHM8q0hoGg=
Last-Modified
Mon, 14 Oct 2019 16:06:49 GMT
Server
AmazonS3
Date
Fri, 18 Oct 2019 16:53:20 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
visitWebPage
309-rhv-619.mktoresp.com/webevents/
2 B
303 B
XHR
General
Full URL
https://309-rhv-619.mktoresp.com/webevents/visitWebPage?_mchNc=1571417599957&_mchCn=&_mchId=309-RHV-619&_mchTk=_mch-proofpoint.com-1571417599957-45891&_mchHo=www.proofpoint.com&_mchPo=&_mchRu=%2Fus%2Fblog%2Fthreat-insight&_mchPc=https%3A&_mchVr=155&_mchHa=&_mchRe=&_mchQp=
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/155/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.28.144.124 , United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
Software
akka-http/10.1.7 /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 18 Oct 2019 16:53:20 GMT
Content-Encoding
gzip
Server
akka-http/10.1.7
Transfer-Encoding
chunked
X-Request-Id
17031e25-98df-4268-8d3a-49135928ddfe
Content-Type
text/plain; charset=UTF-8
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vfloS5Wsk/
23 KB
9 KB
Script
General
Full URL
https://s.ytimg.com/yts/jsbin/www-widgetapi-vfloS5Wsk/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b631fccbe48b26dccef2b6eedeed2d6fb9020daf34dbc8010e587e280b6f498e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 17 Oct 2019 11:35:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
105445
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8680
x-xss-protection
0
last-modified
Wed, 16 Oct 2019 09:47:41 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Fri, 25 Oct 2019 11:35:55 GMT
143852102935619
connect.facebook.net/signals/config/
280 KB
65 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/143852102935619?v=2.9.5&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
c735fa87b24bfe3be295a578917072e0893ce87eb10dd8f8c3ef704d164a1ce0
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-23=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
hdB2RvmpoRsZe3eM5/muujq+xNehPQg95EDKdVBwJKjPtIumh9ExU2ZWRkBlhVgLmhI2PPCqLWv1OmscWR0mIw==
x-fb-trip-id
1970646000
x-frame-options
DENY
date
Fri, 18 Oct 2019 16:53:20 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=919264890&t=pageview&_s=1&dl=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fblog%2Fthreat-insight&ul=en-us&de=UTF-8&dt=Threat%20Insight%20Info...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2257074-1&cid=783141999.1571417600&jid=2057954075&_gid=627733773.1571417600&gjid=1662105019&_v=j79&z=830468178
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2257074-1&cid=783141999.1571417600&jid=2057954075&_v=j79&z=830468178
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2257074-1&cid=783141999.1571417600&jid=2057954075&_v=j79&z=830468178&slf_rd=1&random=1578144596
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2257074-1&cid=783141999.1571417600&jid=2057954075&_v=j79&z=830468178&slf_rd=1&random=1578144596
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Oct 2019 16:53:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Oct 2019 16:53:20 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2257074-1&cid=783141999.1571417600&jid=2057954075&_v=j79&z=830468178&slf_rd=1&random=1578144596
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/950296937/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/950296937/?random=1571417599972&cv=9&fst=1571417599972&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgaa0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fblog%2Fthreat-insight&tiba=Threat%20Insight%20Information%20%26%20Resources%20%7C%20Proofpoint%20Blog&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
340302b442f8e9eec53a83e5ce236933254e36a4d560a1b6c9f8b4050bf5693f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Oct 2019 16:53:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
965
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=169250&url=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fblog%2Fthreat-insight&time=1571417599975
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D169250%26url%3Dhttps%253A%252F%252Fwww.proofpoint.com%252Fus%252Fblog%252Fthreat-...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=169250&url=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fblog%2Fthreat-insight&time=1571417599975&liSync=true
0
71 B
Image
General
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=169250&url=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fblog%2Fthreat-insight&time=1571417599975&liSync=true
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN - LinkedIn Corporation, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:20 GMT
content-encoding
gzip
server
Play
vary
Accept-Encoding
x-li-fabric
prod-lor1
status
200
x-li-proto
http/2
x-li-pop
prod-tln1
content-type
application/javascript
content-length
20
x-li-uuid
TNKTW/vLzhWAYRiA3CoAAA==

Redirect headers

date
Fri, 18 Oct 2019 16:53:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
302
vary
Accept-Encoding
content-length
20
x-li-uuid
uK9HTvvLzhVw2QlYfisAAA==
server
Play
pragma
no-cache
x-li-pop
prod-efr5
x-frame-options
sameorigin
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security
max-age=2592000
x-li-fabric
prod-lor1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=169250&url=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fblog%2Fthreat-insight&time=1571417599975&liSync=true
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
content-security-policy
default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob:; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
rules-p-R3wfD8YvtmDvY.js
rules.quantcount.com/
3 B
354 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-R3wfD8YvtmDvY.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:ca00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:52:08 GMT
via
1.1 10e95c517e657ad53448fce5195e9cba.cloudfront.net (CloudFront)
last-modified
Fri, 03 Mar 2017 23:52:35 GMT
server
AmazonS3
age
86
etag
"8a80554c91d9fca8acb82f023de02f11"
x-cache
Error from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=300
x-amz-cf-pop
FRA2
accept-ranges
bytes
content-length
3
x-amz-cf-id
6vxn0XNvyEr9fLyD91_ZRRn4B7BP7M0Gx7zuaKKNleNy4ZpTk0ozqw==
adsct
t.co/i/
43 B
447 B
Image
General
Full URL
https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nyk4d&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
123
pragma
no-cache
last-modified
Fri, 18 Oct 2019 16:53:20 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
3e6119195dcc2ed06c52f718e6d78e1c
x-transaction
003c532d00c0b9a8
expires
Tue, 31 Mar 1981 05:00:00 GMT
v.gif
dev.visualwebsiteoptimizer.com/
35 B
236 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?a=359897&d=proofpoint.com&u=D828F133EC9E0E5B1DB8EFDB3BE8BF3BF&h=e774eb0135404c2111a40033488d31ec&t=false&r=0.3028878909606123
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.87.153 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
99.57.7a9f.ip4.static.sl-reverse.com
Software
dacdn2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Oct 2019 16:53:19 GMT
x-content-type-options
nosniff
server
dacdn2
content-type
image/gif
status
200
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
0
bat.bing.com/action/
0
148 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=17087961&Ver=2&mid=921612c9-1f45-51f7-490d-4e36917f45b8&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Threat%20Insight%20Information%20%26%20Resources%20%7C%20Proofpoint%20Blog&p=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fblog%2Fthreat-insight&r=&lt=2820&evt=pageLoad&msclkid=N&rn=801880
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Fri, 18 Oct 2019 16:53:19 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: F55549CA1FF943628B1200B30BDDE6F7 Ref B: VIEEDGE1318 Ref C: 2019-10-18T16:53:19Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.c8b73d293ba6e2f7c665.js
script.hotjar.com/
431 KB
73 KB
Script
General
Full URL
https://script.hotjar.com/modules.c8b73d293ba6e2f7c665.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1456002.js?sv=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.32.75 Amsterdam, Netherlands, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-1
Software
/
Resource Hash
eb4747d9593a2ff2ae1cd49338bb1d5121c21df7e9bd7e11471ef8dc43dbd1c6

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:20 GMT
content-encoding
br
last-modified
Thu, 17 Oct 2019 12:05:37 GMT
status
200
etag
"fd94f49e11a30d7540e1ae15f19b929e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
section-io-origin-time-seconds
0.043
section-io-origin-status
200
accept-ranges
bytes
section-io-id
ab12be41f2755443140741282ee687cc
content-length
74002
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/7YJ7XZCLMRHSVCXIHB5HIT/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
680 B
Script
General
Full URL
https://s.adroll.com/j/exp/index.js
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
niuFHHiE0TCeLklfDq1_G80VStt1Fv5p
ETag
"5816cced8568d223aa09d889f300692b"
x-amz-request-id
49478B962289910C
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
28
x-amz-id-2
3YbRq7O/wetiCWiTOhO4PZ0DDJm7oU1WHojYg0yqJWYoJhq4jd6IpK2njQyhXw6H13nB6urMoZk=
Last-Modified
Mon, 14 Oct 2019 16:46:26 GMT
Server
AmazonS3
Date
Fri, 18 Oct 2019 16:53:20 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Redirect headers

Date
Fri, 18 Oct 2019 16:53:20 GMT
Server
AkamaiGHost
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
7YJ7XZCLMRHSVCXIHB5HIT
d.adroll.com/consent/check/
72 B
389 B
Script
General
Full URL
https://d.adroll.com/consent/check/7YJ7XZCLMRHSVCXIHB5HIT?_s=4037593e6261f9fa10ca28da5bf8906d&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.133.226 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-154-133-226.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
c4859ba5ee78bff5e5f307903b1bd6d1e784171786701360a40eceeb6c9e95cc

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Oct 2019 16:53:20 GMT
server
nginx/1.16.1
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
200
cache-control
no-store, no-cache, must-revalidate
content-type
application/javascript
content-length
72
/
visitor.reactful.com/config/879986/
194 KB
19 KB
XHR
General
Full URL
https://visitor.reactful.com/config/879986/?page=%2Fus%2Fblog%2Fthreat-insight&hash=&referer=&user_id=&hshkgid=d83c9ab1-b751-480e-82ea-9b7fe00e3dc3&cb_rtfl=_rtfl_jsonp_0
Requested by
Host: visitor.reactful.com
URL: https://visitor.reactful.com/dist/main.rtfl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
d0a74312e286bb34b208be2688078121a35fae1a8bae3f7f879c08f9f3385e77

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
Custom-Vars-Data
eyJyZWdpc3RyeV9jb21wYW55X25hbWUiOiJIZXR6bmVyIE9ubGluZSBHbWJIIiwicmVnaXN0cnlfY2l0eSI6bnVsbCwicmVnaXN0cnlfc3RhdGUiOm51bGwsInJlZ2lzdHJ5X3ppcF9jb2RlIjpudWxsLCJyZWdpc3RyeV9hcmVhX2NvZGUiOm51bGwsInJlZ2lzdHJ5X2RtYV9jb2RlIjpudWxsLCJyZWdpc3RyeV9jb3VudHJ5IjoiR2VybWFueSIsInJlZ2lzdHJ5X2NvdW50cnlfY29kZSI6IkRFIiwicmVnaXN0cnlfY291bnRyeV9jb2RlMyI6bnVsbCwicmVnaXN0cnlfbGF0aXR1ZGUiOjUxLjMsInJlZ2lzdHJ5X2xvbmdpdHVkZSI6OS40OSwiaXNwIjp0cnVlLCJpbmZvcm1hdGlvbl9sZXZlbCI6IkJhc2ljIiwiYXVkaWVuY2UiOiJCb3QiLCJhdWRpZW5jZV9zZWdtZW50IjoiIiwiaXAiOiIxNDQuNzYuMTA5LjMwIiwicmVnaW9uX25hbWUiOm51bGx9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:21 GMT
content-encoding
gzip
server
Google Frontend
status
200
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
access-control-allow-origin
https://www.proofpoint.com
x-cloud-trace-context
7b88d1a707a3c2e0db68ce138a985967
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Six-Sense-Data,Custom-Vars-Data
content-length
19353
expires
Fri, 18 Oct 2019 16:53:21 GMT
DE.png
www.proofpoint.com/sites/all/modules/custom/pp_cdn/images/
3 KB
4 KB
Image
General
Full URL
https://www.proofpoint.com/sites/all/modules/custom/pp_cdn/images/DE.png
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
013ebc8682bafe775a56f93904cff8456974906327dad3524e2ab2fe0c0df700

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:19 GMT
last-modified
Wed, 17 Jul 2019 18:26:10 GMT
x-cdn
Incapsula
etag
"cc0c264c"
content-type
image/png
status
200
x-iinfo
12-154706111-154697595 2CNN RT(1571417599809 0) q(0 4 4 0) r(4 4) U18
cache-control
max-age=1209105, public
content-length
3329
expires
Fri, 01 Nov 2019 16:45:04 GMT
truncated
/
571 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89cfdadb23c7206b508ca2007f1e8c183f609fd283a91b03e19b64ee2f03a288

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
close_button.svg
www.proofpoint.com/sites/all/themes/proofpoint/images/
433 B
664 B
Image
General
Full URL
https://www.proofpoint.com/sites/all/themes/proofpoint/images/close_button.svg
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
ba2fc3f7fc4e3de678f7071c05e967705f407dd069e2488b9845c6eb55fb240f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/sites/all/themes/proofpoint/css/styles.css?pzjcq2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:20 GMT
via
varnish
x-content-type-options
nosniff
x-cdn
Incapsula
age
157326
x-cache
HIT
status
200
x-iinfo
12-154706110-154705830 PNNN RT(1571417599806 0) q(0 3 3 0) r(5 5) U18
x-cache-hits
852
x-ah-environment
prod
content-encoding
gzip
x-request-id
v-7c1bcc70-f059-11e9-8d54-b378ce128322
last-modified
Wed, 17 Jul 2019 18:26:10 GMT
server
nginx
content-type
image/svg+xml
cache-control
max-age=1209600
accept-ranges
bytes
expires
Wed, 30 Oct 2019 21:11:13 GMT
box-74dcf4e32eff343c96838bf3a780ac1d.html
vars.hotjar.com/ Frame 3D40
0
0
Document
General
Full URL
https://vars.hotjar.com/box-74dcf4e32eff343c96838bf3a780ac1d.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1456002.js?sv=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.84.99 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-74dcf4e32eff343c96838bf3a780ac1d.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.proofpoint.com/us/blog/threat-insight
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.proofpoint.com/us/blog/threat-insight

Response headers

status
200
date
Fri, 18 Oct 2019 16:53:20 GMT
content-type
text/html
content-length
808
cache-control
max-age=31536000
content-encoding
br
last-modified
Thu, 17 Oct 2019 10:26:51 GMT
etag
"e97b43816dfbff056689db51ae5cdfc7"
section-io-origin-status
200
section-io-origin-time-seconds
0.027
vary
Accept-Encoding
accept-ranges
bytes
section-io-id
44ab9ce3ab81c1aa447d72dc1f1b8d07
/
www.google.com/pagead/1p-user-list/950296937/
42 B
110 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/950296937/?random=1571417599972&cv=9&fst=1571414400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgaa0&sendb=1&frm=0&url=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fblog%2Fthreat-insight&tiba=Threat%20Insight%20Information%20%26%20Resources%20%7C%20Proofpoint%20Blog&async=1&fmt=3&is_vtc=1&random=3710865407&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Oct 2019 16:53:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/950296937/
42 B
110 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/950296937/?random=1571417599972&cv=9&fst=1571414400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgaa0&sendb=1&frm=0&url=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fblog%2Fthreat-insight&tiba=Threat%20Insight%20Information%20%26%20Resources%20%7C%20Proofpoint%20Blog&async=1&fmt=3&is_vtc=1&random=3710865407&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Oct 2019 16:53:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
248 B
Image
General
Full URL
https://www.facebook.com/tr/?id=143852102935619&ev=PageView&dl=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fblog%2Fthreat-insight&rl=&if=false&ts=1571417600170&sw=1600&sh=1200&v=2.9.5&r=stable&ec=0&o=30&fbp=fb.1.1571417600169.439049893&it=1571417599965&coo=false&rqm=GET
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:20 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-23=":443"; ma=3600
content-length
44
expires
Fri, 18 Oct 2019 16:53:20 GMT
ip.json
api.company-target.com/api/v2/
423 B
926 B
XHR
General
Full URL
https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fblog%2Fthreat-insight&page_title=Threat%20Insight%20Information%20%26%20Resources%20%7C%20Proofpoint%20Blog&key=2e81efc731d57cb3e458d08fae112991&src=tag
Requested by
Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/MP9Jyqtx.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.196.5 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-196-5.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
5b4f7ddf2cbd5ef8611f5fd90529a7c0b42bedb4c6f5a8f08d1c328b55043372

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
status
200
access-control-max-age
1728000
request-id
9670e31f-74d0-4de4-8517-86ca51c2a690
x-amz-cf-id
-AigsstsyFxLMVCnUm0HdB42TyaxdlsypkIt-0x790SlhYpWVShp8w==
pragma
no-cache
access-control-allow-origin
https://www.proofpoint.com
server
nginx
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json;charset=utf-8
via
1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
api-version
v2
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
identification-source
STANDARD
expires
Thu, 17 Oct 2019 16:53:20 GMT
validateCookie
segments.company-target.com/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/demandbase
  • https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
  • https://segments.company-target.com/log?vendor=choca&user_id=AAJRMU67U9wAAEAJjCYpJQ
  • https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAJRMU67U9wAAEAJjCYpJQ&verifyHash=b013e57539bcc7693320d12e4977e08bd9b065c1
26 B
390 B
Image
General
Full URL
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAJRMU67U9wAAEAJjCYpJQ&verifyHash=b013e57539bcc7693320d12e4977e08bd9b065c1
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.119 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-119.fra50.r.cloudfront.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 16:53:20 GMT
Via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
Vary
Origin
X-Cache
Miss from cloudfront
Content-Type
image/gif
Connection
keep-alive
trace-id
6ac5c3fa6dac786e
Content-Length
26
X-Amz-Cf-Id
oWMML33P9LFXb66bqfNJZ5lz10suNtU0479qwKdJCnUb0rIYl9eelQ==

Redirect headers

Date
Fri, 18 Oct 2019 16:53:20 GMT
Via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
Vary
Origin
X-Cache
Miss from cloudfront
Location
/validateCookie?vendor=choca&user_id=AAJRMU67U9wAAEAJjCYpJQ&verifyHash=b013e57539bcc7693320d12e4977e08bd9b065c1
Connection
keep-alive
trace-id
ded9ed0eb1eaf822
Content-Length
0
X-Amz-Cf-Id
JTKGf4vk1j6hB7OOphi-_TJ8oEp1W0eQJEycjdMnzTKG5IOho_dh5g==
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=919264890&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fblog%2Fthreat-insight&ul=en-us&de=UTF-8&dt=Threat%20Insight%20In...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2257074-1&cid=783141999.1571417600&jid=1041879645&_gid=627733773.1571417600&gjid=858682926&_v=j79&z=31425699
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2257074-1&cid=783141999.1571417600&jid=1041879645&_v=j79&z=31425699
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2257074-1&cid=783141999.1571417600&jid=1041879645&_v=j79&z=31425699&slf_rd=1&random=2439454167
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2257074-1&cid=783141999.1571417600&jid=1041879645&_v=j79&z=31425699&slf_rd=1&random=2439454167
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Oct 2019 16:53:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Oct 2019 16:53:20 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2257074-1&cid=783141999.1571417600&jid=1041879645&_v=j79&z=31425699&slf_rd=1&random=2439454167
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
T47Y2VPPABDUBJXFROMZZM.js
s.adroll.com/pixel/7YJ7XZCLMRHSVCXIHB5HIT/YV5KYXXEJZATZCT37YRTMK/
Redirect Chain
  • https://d.adroll.com/pixel/7YJ7XZCLMRHSVCXIHB5HIT/YV5KYXXEJZATZCT37YRTMK?adroll_fpc=1e747e2fce5f0d6c6d356fa33efc60c8-1571417600254&xid_ch=f&pv=51926682654.25737&cookie=&adroll_s_ref=&keyw=&arrfrr=h...
  • https://s.adroll.com/pixel/7YJ7XZCLMRHSVCXIHB5HIT/YV5KYXXEJZATZCT37YRTMK/T47Y2VPPABDUBJXFROMZZM.js
4 KB
2 KB
Script
General
Full URL
https://s.adroll.com/pixel/7YJ7XZCLMRHSVCXIHB5HIT/YV5KYXXEJZATZCT37YRTMK/T47Y2VPPABDUBJXFROMZZM.js
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5845e8453fb8ad463202d8314428e13413d953b87a024ab6eedb0e988e620c19

Request headers

Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
dwlld16Df9e5KETqcUXx9X8tirgIhUOf
Content-Encoding
gzip
ETag
"fb5bf8932022bf0d652c73d5f80ec463"
x-amz-request-id
0EE31F7DA6DE09D1
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
1529
x-amz-id-2
wMXmXR/RtXcOTAFCcJJJkAVioNrZoh8MHtXR309xvrd1psZajZlgcvpj0H8az6MsaO4xBH1z2zo=
Last-Modified
Thu, 10 Oct 2019 21:00:05 GMT
Server
AmazonS3
Date
Fri, 18 Oct 2019 16:53:20 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Redirect headers

date
Fri, 18 Oct 2019 16:53:20 GMT
x-segment-display-name
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
302
content-length
0
pragma
no-cache
x-conversion-value
0.0
server
nginx/1.16.1
x-rule
*
x-segment-eid
T47Y2VPPABDUBJXFROMZZM
location
https://s.adroll.com/pixel/7YJ7XZCLMRHSVCXIHB5HIT/YV5KYXXEJZATZCT37YRTMK/T47Y2VPPABDUBJXFROMZZM.js
cache-control
no-store, no-cache, must-revalidate
x-pixel-eid
YV5KYXXEJZATZCT37YRTMK
x-segment-name
*
x-advertisable-eid
7YJ7XZCLMRHSVCXIHB5HIT
x-conversion-currency
sendrolling.js
s.adroll.com/j/
9 KB
3 KB
Script
General
Full URL
https://s.adroll.com/j/sendrolling.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/pixel/7YJ7XZCLMRHSVCXIHB5HIT/YV5KYXXEJZATZCT37YRTMK/T47Y2VPPABDUBJXFROMZZM.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1bdbcee5cd776cb671f72362db4be8dde833057b8e8f816c86fd301896652c8d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
pXd9Wb4g4.BPfm4ipvhuYT8w1VYxgTrr
Content-Encoding
gzip
ETag
"15441b08d0c4f93b1dd5f533cd361cd8"
x-amz-request-id
BC48FE3A96035FD4
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
2039
x-amz-id-2
KyMM5ErOSHe93m7qN7ERN7G5/ALWIcdQYu+WfN8BsQhBee2jTLEri47YRTHHlVS7mRE0KLhkm4s=
Last-Modified
Fri, 18 Oct 2019 10:22:48 GMT
Server
AmazonS3
Date
Fri, 18 Oct 2019 16:53:20 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
389545881899618
connect.facebook.net/signals/config/
280 KB
65 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/389545881899618?v=2.9.5&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
982a37a77841bb2605640a96be4e9e3397d167e9eff414df8efd88067274445f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-23=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
5W25dBF6eAMjUI15NqAMNMnDgZnLEaRd0awz4SMsYbyjSNeI0esEAcUHXGweVArQM5H6zBH0jcvEwe67PLQN+g==
x-fb-trip-id
1970646000
x-frame-options
DENY
date
Fri, 18 Oct 2019 16:53:20 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain
  • https://d.adroll.com/cm/aol/out?adroll_fpc=1e747e2fce5f0d6c6d356fa33efc60c8-1571417600254&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT
  • https://pixel.advertising.com/ups/55980/sync?uid=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
  • https://pixel.advertising.com/ups/55980/sync?uid=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
  • https://ups.analytics.yahoo.com/ups/55980/sync?uid=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPca22e0a6-f1c7-11e9-bb69-06...
  • https://ups.analytics.yahoo.com/ups/55980/sync?uid=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPca22e0a6-f1c7-11e9-bb69-06...
0
472 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55980/sync?uid=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPca22e0a6-f1c7-11e9-bb69-06875ccc64d2&verify=true
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.223.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-29-223-223.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Fri, 18 Oct 2019 16:53:20 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status
302
date
Fri, 18 Oct 2019 16:53:20 GMT
content-length
0
location
https://ups.analytics.yahoo.com/ups/55980/sync?uid=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPca22e0a6-f1c7-11e9-bb69-06875ccc64d2&verify=true
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://d.adroll.com/cm/index/out?adroll_fpc=1e747e2fce5f0d6c6d356fa33efc60c8-1571417600254&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc&expiration=1602953600
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc&expiration=1602953600&C=1
43 B
898 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc&expiration=1602953600&C=1
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Oct 2019 16:53:20 GMT
Server
Apache
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Oct 2019 16:53:20 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Oct 2019 16:53:20 GMT
Server
Apache
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc&expiration=1602953600&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
333
Expires
Fri, 18 Oct 2019 16:53:20 GMT
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://d.adroll.com/cm/n/out?adroll_fpc=1e747e2fce5f0d6c6d356fa33efc60c8-1571417600254&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc&expires=365
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc&expires=365
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 18 Oct 2019 16:53:20 GMT
server
nginx/1.16.1
status
302
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc&expires=365
cache-control
no-store, no-cache, must-revalidate
content-length
124
cookie-sync
sync.outbrain.com/
Redirect Chain
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=1e747e2fce5f0d6c6d356fa33efc60c8-1571417600254&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc&rdrctExp=true
0
358 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc&rdrctExp=true
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:20 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, JFK, HHN, Europe1
x-timer
S1571417600.483737,VS0,VE146
accept-ranges
bytes, bytes
x-served-by
cache-jfk8137-JFK, cache-hhn4073-HHN
x-cache
MISS, MISS
status
200
backend-ip
104.156.90.37
x-traceid
9607eded5f4b90af5a36d4edbee59429
content-length
0
x-cache-hits
0, 0

Redirect headers

date
Fri, 18 Oct 2019 16:53:20 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, JFK, HHN, Europe1
x-timer
S1571417600.390387,VS0,VE87
accept-ranges
bytes, bytes
x-served-by
cache-jfk8135-JFK, cache-hhn4073-HHN
status
302
x-cache
MISS, MISS
location
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc&rdrctExp=true
backend-ip
104.156.90.35
x-traceid
cddc6efd564f155969a8db2f3c223f93
content-length
0
x-cache-hits
0, 0
Pug
simage2.pubmatic.com/AdServer/
Redirect Chain
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=1e747e2fce5f0d6c6d356fa33efc60c8-1571417600254&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENA...
1 B
862 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Fri, 18 Oct 2019 16:53:20 GMT
X-lat
Pug22055:0:507
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Fri, 18 Oct 2019 16:53:20 GMT
server
nginx/1.16.1
status
302
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
cache-control
no-store, no-cache, must-revalidate
content-length
220
in
d.adroll.com/cm/r/
Redirect Chain
  • https://d.adroll.com/cm/r/out?adroll_fpc=1e747e2fce5f0d6c6d356fa33efc60c8-1571417600254&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT
  • https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
  • https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
42 B
360 B
Image
General
Full URL
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.133.226 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-154-133-226.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Oct 2019 16:53:20 GMT
server
nginx/1.16.1
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
200
cache-control
no-store, no-cache, must-revalidate
content-type
image/gif
content-length
42

Redirect headers

Date
Fri, 18 Oct 2019 16:53:20 GMT
X-Content-Type-Options
nosniff
Server
ATS
Age
0
Expect-CT
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security
max-age=31536000
P3P
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Location
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
/
trc.taboola.com/sg/adroll-network/1/rtb-h/
Redirect Chain
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=1e747e2fce5f0d6c6d356fa33efc60c8-1571417600254&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT
  • https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc
0
261 B
Image
General
Full URL
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:20 GMT
via
1.1 varnish
server
nginx
x-timer
S1571417600.357803,VS0,VE8
x-cache
MISS
status
204
x-cache-hits
0
accept-ranges
bytes
x-served-by
cache-hhn4073-HHN

Redirect headers

pragma
no-cache
date
Fri, 18 Oct 2019 16:53:20 GMT
server
nginx/1.16.1
status
302
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc
cache-control
no-store, no-cache, must-revalidate
content-length
111
xuid
eb2.3lift.com/
Redirect Chain
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=1e747e2fce5f0d6c6d356fa33efc60c8-1571417600254&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT
  • https://eb2.3lift.com/xuid?mid=4714&xuid=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc&dongle=c85e
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc&dongle=c85e&gdpr=1&cmp_cs=
37 B
336 B
Image
General
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc&dongle=c85e&gdpr=1&cmp_cs=
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.13.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-13-191.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Fri, 18 Oct 2019 16:53:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

status
302
date
Fri, 18 Oct 2019 16:53:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
/xuid?ld=1&mid=4714&xuid=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc&dongle=c85e&gdpr=1&cmp_cs=
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
x.bidswitch.net/ul_cb/
Redirect Chain
  • https://d.adroll.com/cm/b/out?adroll_fpc=1e747e2fce5f0d6c6d356fa33efc60c8-1571417600254&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc
43 B
378 B
Image
General
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.143.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-93-143-102.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Fri, 18 Oct 2019 16:53:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

status
302
date
Fri, 18 Oct 2019 16:53:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
setuid
ib.adnxs.com/
Redirect Chain
  • https://d.adroll.com/cm/x/out?adroll_fpc=1e747e2fce5f0d6c6d356fa33efc60c8-1571417600254&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT
  • https://ib.adnxs.com/setuid?entity=172&code=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc
43 B
1020 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=172&code=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.80 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
251.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Oct 2019 16:53:22 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 251.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.87:80
AN-X-Request-Uuid
9bc4930c-b2b6-48a0-8218-a71d1075fb2d
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Oct 2019 16:53:20 GMT
server
nginx/1.16.1
status
302
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://ib.adnxs.com/setuid?entity=172&code=NzNhYjA1MGJlZWJmYzNjZmQyNWE0YTIzYzU3ZTYwNjc
cache-control
no-store, no-cache, must-revalidate
content-length
93
377928.gif
idsync.rlcdn.com/
Redirect Chain
  • https://d.adroll.com/cm/l/out?adroll_fpc=1e747e2fce5f0d6c6d356fa33efc60c8-1571417600254&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT
  • https://idsync.rlcdn.com/377928.gif?partner_uid=73ab050beebfc3cfd25a4a23c57e6067
0
62 B
Image
General
Full URL
https://idsync.rlcdn.com/377928.gif?partner_uid=73ab050beebfc3cfd25a4a23c57e6067
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.72.21 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
21.72.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Fri, 18 Oct 2019 16:53:20 GMT
via
1.1 google
alt-svc
clear

Redirect headers

pragma
no-cache
date
Fri, 18 Oct 2019 16:53:20 GMT
server
nginx/1.16.1
status
302
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://idsync.rlcdn.com/377928.gif?partner_uid=73ab050beebfc3cfd25a4a23c57e6067
cache-control
no-store, no-cache, must-revalidate
content-length
86
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://d.adroll.com/cm/o/out?adroll_fpc=1e747e2fce5f0d6c6d356fa33efc60c8-1571417600254&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=73ab050beebfc3cfd25a4a23c57e6067
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=73ab050beebfc3cfd25a4a23c57e6067
43 B
183 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=73ab050beebfc3cfd25a4a23c57e6067
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Oct 2019 16:53:20 GMT
via
1.1 google
server
OXGW/16.163.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
status
200
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Fri, 18 Oct 2019 16:53:20 GMT
via
1.1 google
server
OXGW/16.163.0
status
302
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=73ab050beebfc3cfd25a4a23c57e6067
alt-svc
clear
content-length
0
in
d.adroll.com/cm/g/
Redirect Chain
  • https://d.adroll.com/cm/g/out?adroll_fpc=1e747e2fce5f0d6c6d356fa33efc60c8-1571417600254&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT&google_nid=adroll5
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=c6sFC-6_w8_SWkojxX5gZw
  • https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=c6sFC-6_w8_SWkojxX5gZw&google_tc=
  • https://d.adroll.com/cm/g/in
42 B
377 B
Image
General
Full URL
https://d.adroll.com/cm/g/in
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.133.226 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-154-133-226.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Oct 2019 16:53:20 GMT
server
nginx/1.16.1
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
200
cache-control
no-store, no-cache, must-revalidate
content-type
image/gif
content-length
42
x-result
g.-1.-1.-1

Redirect headers

pragma
no-cache
date
Fri, 18 Oct 2019 16:53:20 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://d.adroll.com/cm/g/in
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
225
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel;r=2081898025;rf=0;a=p-R3wfD8YvtmDvY;url=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fblog%2Fthreat-insight;fpan=1;fpa=P0-245774044-1571417600401;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;...
pixel.quantserve.com/
35 B
494 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=2081898025;rf=0;a=p-R3wfD8YvtmDvY;url=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fblog%2Fthreat-insight;fpan=1;fpa=P0-245774044-1571417600401;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1571417600401;tzo=-120;ogl=url.https%3A%2F%2Fwww%252Eproofpoint%252Ecom%2Fus%2Fblog%2Fthreat-insight%2Ctitle.Blog%20%7C%20Proofpoint%20US
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.244 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software
QS /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Oct 2019 16:53:20 GMT
Server
QS
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
Fri, 04 Aug 1978 12:00:00 GMT
/
www.facebook.com/tr/
44 B
100 B
Image
General
Full URL
https://www.facebook.com/tr/?id=389545881899618&ev=PageView&dl=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fblog%2Fthreat-insight&rl=&if=false&ts=1571417600451&cd[segment_eid]=T47Y2VPPABDUBJXFROMZZM&sw=1600&sh=1200&v=2.9.5&r=stable&ec=0&o=29&fbp=fb.1.1571417600169.439049893&it=1571417599965&coo=false&rqm=GET
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:20 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-23=":443"; ma=3600
content-length
44
expires
Fri, 18 Oct 2019 16:53:20 GMT
_Incapsula_Resource
www.proofpoint.com/
1 B
35 B
Image
General
Full URL
https://www.proofpoint.com/_Incapsula_Resource?SWKMTFSR=1&e=0.19535837666150924
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
cache-control
no-cache
x-robots-tag
noindex
content-length
1
content-type
text/plain
/
www.facebook.com/tr/
44 B
100 B
Image
General
Full URL
https://www.facebook.com/tr/?id=143852102935619&ev=Microdata&dl=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fblog%2Fthreat-insight&rl=&if=false&ts=1571417600672&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Threat%20Insight%20Information%20%26%20Resources%20%7C%20Proofpoint%20Blog%22%2C%22meta%3Adescription%22%3A%22Browse%20Threat%20Insight%20information%2C%20resources%2C%20news%2C%20and%20blog%20posts.%20Gain%20the%20insights%20you%20need%20to%20prevent%20cybersecurity%20threats%20and%20protect%20your%20organization.%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fblog%2Fthreat-insight%22%2C%22og%3Atitle%22%3A%22Blog%20%7C%20Proofpoint%20US%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fwww.schema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22name%22%3A%22Proofpoint%22%2C%22url%22%3A%22https%3A%2F%2Fwww.proofpoint.com%2Fus%22%2C%22sameAs%22%3A%5B%22https%3A%2F%2Fwww.proofpoint.com%2F%22%5D%2C%22logo%22%3A%22https%3A%2F%2Fwww.proofpoint.com%2Fsites%2Fall%2Fthemes%2Fproofpoint%2Flogo.svg%22%2C%22image%22%3A%22https%3A%2F%2Fmedia.glassdoor.com%2Fl%2F39140%2Fproofpoint-office.jpg%22%2C%22address%22%3A%7B%22%40type%22%3A%22PostalAddress%22%2C%22streetAddress%22%3A%22892%20Ross%20Dr%22%2C%22addressLocality%22%3A%22Sunnyvale%22%2C%22addressRegion%22%3A%22California%22%2C%22postalCode%22%3A%2294089%22%2C%22addressCountry%22%3A%22United%20States%22%7D%2C%22openingHours%22%3A%22Mo%2C%20Tu%2C%20We%2C%20Th%2C%20Fr%2008%3A00-17%3A00%22%2C%22contactPoint%22%3A%7B%22%40type%22%3A%22ContactPoint%22%2C%22telephone%22%3A%22%2B1(408)%20517-4710%22%2C%22contactType%22%3A%22Sales%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.5&r=stable&ec=1&o=30&fbp=fb.1.1571417600169.439049893&it=1571417599965&coo=false&es=automatic&rqm=GET
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:20 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-23=":443"; ma=3600
content-length
44
expires
Fri, 18 Oct 2019 16:53:20 GMT
nr-1130.min.js
js-agent.newrelic.com/
24 KB
10 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1130.min.js
Requested by
Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/blog/threat-insight
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e78b8cde09dbe0fc473f87bc77ec30ccc56780398d8676cf93c4aaec432257f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:21 GMT
content-encoding
gzip
x-amz-request-id
8174A4BD27442C39
x-cache
HIT
status
200
content-length
9407
x-amz-id-2
okRb4AqloAZZ3+qaWnpqMQYC7hkPpbr/Yrluzst01SO9f1ckk5T9tspUtBHMBazVI7CvXAVZCdo=
x-served-by
cache-fra19170-FRA
last-modified
Tue, 09 Jul 2019 23:52:06 GMT
server
AmazonS3
x-timer
S1571417601.220788,VS0,VE0
etag
"73f8857196b9ef7fd3b302cbc557b8ac"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
21458
adsct
analytics.twitter.com/i/
31 B
634 B
Script
General
Full URL
https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nyk4d&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fblog%2Fthreat-insight
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=631138519
content-length
57
x-xss-protection
0
x-response-time
129
pragma
no-cache
last-modified
Fri, 18 Oct 2019 16:53:21 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
240a257b5154c1079fc102c2d110eda7
x-transaction
00f7ab6600438511
expires
Tue, 31 Mar 1981 05:00:00 GMT
0ae22ad83e
bam.nr-data.net/1/
57 B
261 B
Script
General
Full URL
https://bam.nr-data.net/1/0ae22ad83e?a=51794255&v=1130.54e767a&to=bgQBYERQXBBWVBFbDldOIldCWF0NGEEMVxZKPhNVUVQ%3D&rst=4155&ref=https://www.proofpoint.com/us/blog/threat-insight&ap=510&be=1161&fe=4131&dc=2791&perf=%7B%22timing%22:%7B%22of%22:1571417597070,%22n%22:0,%22r%22:0,%22re%22:842,%22f%22:842,%22dn%22:842,%22dne%22:842,%22c%22:842,%22ce%22:842,%22rq%22:843,%22rp%22:1154,%22rpe%22:1160,%22dl%22:1157,%22di%22:2791,%22ds%22:2791,%22de%22:2820,%22dc%22:4130,%22l%22:4130,%22le%22:4131%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fp=2748&fcp=2748&at=QkMCFgxKTx4%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1130.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.19 San Francisco, United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS
bam-7.nr-data.net
Software
/
Resource Hash
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1
328b871f-06dc-48d7-b178-8b7f8ba96641
https://www.proofpoint.com/
194 KB
0
Script
General
Full URL
blob:https://www.proofpoint.com/328b871f-06dc-48d7-b178-8b7f8ba96641
Requested by
Host: visitor.reactful.com
URL: https://visitor.reactful.com/dist/main.rtfl.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d0a74312e286bb34b208be2688078121a35fae1a8bae3f7f879c08f9f3385e77

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Length
198625
Content-Type
text/html
/
tracking.reactful.com/tracking/879986/
6 B
120 B
XHR
General
Full URL
https://tracking.reactful.com/tracking/879986/
Requested by
Host: visitor.reactful.com
URL: https://visitor.reactful.com/dist/main.rtfl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
cf8646fc48648f5a6d806df8f757007e6398a55ddccc3d8c2046a4c014cf1b56

Request headers

Accept
*/*
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 18 Oct 2019 16:53:21 GMT
content-encoding
gzip
server
Google Frontend
status
200
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
bd48500d14eb1615ffed649a5e38e6c4
cache-control
no-cache
content-length
26
css
fonts.googleapis.com/
24 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic
Requested by
Host: visitor.reactful.com
URL: https://visitor.reactful.com/dist/main.rtfl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
0a733c9a259685cf9a9816145434c0087227f35400e16208e7e63e58ccd44538
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 18 Oct 2019 16:53:21 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Fri, 18 Oct 2019 16:53:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Fri, 18 Oct 2019 16:53:21 GMT
1569550148_4238_proofpoint_ads_reactful_350x225_b.jpg
storage.googleapis.com/reactful-main-prod.appspot.com/879986/card/
564 KB
565 KB
Image
General
Full URL
https://storage.googleapis.com/reactful-main-prod.appspot.com/879986/card/1569550148_4238_proofpoint_ads_reactful_350x225_b.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
UploadServer /
Resource Hash
fce32ffef9053b174f14996327fe0f71274a264e7c1f14efb62ece8d5a28acca

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:53:21 GMT
x-guploader-uploadid
AEnB2UqwznshNUI1JBNYYn7Jrnc_5DWwn1XPDlqeUd5tv1uP2C8jyN-YzXo2h5KrYUbhfvfE96hAJ07mYQQ0Tws2ai9_yJsMJA
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
577529
last-modified
Fri, 27 Sep 2019 02:09:08 GMT
server
UploadServer
etag
"90199ed3bcfd759c9a984974c6e3b37f"
x-goog-hash
crc32c=xvIhDg==, md5=kBme07z9dZyamEl0xuOzfw==
x-goog-generation
1569550148258690
cache-control
public, max-age=3600
x-goog-stored-content-length
577529
accept-ranges
bytes
content-type
image/jpeg
expires
Fri, 18 Oct 2019 17:53:21 GMT
1569302460_4238_proofpoint_ads_reactful_350x225_c.jpg
storage.googleapis.com/reactful-main-prod.appspot.com/879986/card/
762 KB
763 KB
Image
General
Full URL
https://storage.googleapis.com/reactful-main-prod.appspot.com/879986/card/1569302460_4238_proofpoint_ads_reactful_350x225_c.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
UploadServer /
Resource Hash
d257a826307144ccdb6dc26f750e2e8fab4587f59b1f5273efc4e59d196f384d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:21:27 GMT
age
1914
x-guploader-uploadid
AEnB2UrxTLowTIyK2_EEayVX0B9d2vLvGCp6zAVmQ9eQalAmjjJQlsjzFDb8jTJ1opXlyAyMOMxylfhDsqxIB1vmdmY24HOREw
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
780526
last-modified
Tue, 24 Sep 2019 05:21:00 GMT
server
UploadServer
etag
"f853e7506a66c4a22df59717ce3bcc0c"
x-goog-hash
crc32c=kbC5Uw==, md5=+FPnUGpmxKIt9ZcXzjvMDA==
x-goog-generation
1569302460901454
cache-control
public, max-age=3600
x-goog-stored-content-length
780526
accept-ranges
bytes
content-type
image/jpeg
expires
Fri, 18 Oct 2019 17:21:27 GMT
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic
Origin
https://www.proofpoint.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 19:39:28 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:37 GMT
server
sffe
age
594833
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9016
x-xss-protection
0
expires
Sat, 10 Oct 2020 19:39:28 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic
Origin
https://www.proofpoint.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 08 Oct 2019 17:59:15 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
860046
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9132
x-xss-protection
0
expires
Wed, 07 Oct 2020 17:59:15 GMT
/
tracking.reactful.com/tracking/879986/
6 B
116 B
XHR
General
Full URL
https://tracking.reactful.com/tracking/879986/
Requested by
Host: visitor.reactful.com
URL: https://visitor.reactful.com/dist/main.rtfl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
cf8646fc48648f5a6d806df8f757007e6398a55ddccc3d8c2046a4c014cf1b56

Request headers

Accept
*/*
Referer
https://www.proofpoint.com/us/blog/threat-insight
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 18 Oct 2019 16:53:22 GMT
content-encoding
gzip
server
Google Frontend
status
200
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
77669339f84fb4b2fb88a129378deaa4
cache-control
no-cache
content-length
26

Verdicts & Comments Add Verdict or Comment

164 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| NREUM object| newrelic function| __nr_require object| Modernizr object| Drupal undefined| $ function| jQuery object| jQuery18303421138783148603 function| SetCaretAtEnd object| textboxToFocus object| hljs string| GoogleAnalyticsObject function| ga object| geoip2 object| enquire object| dataLayer object| google_conversion_id object| google_custom_params object| google_remarketing_only function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_evaluemrc object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_disable_merchant_reported_conversions object| google_additional_conversion_params function| picturefill object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| postscribe function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin object| tag object| players undefined| player object| firstScriptTag function| onYouTubeIframeAPIReady string| tablet object| $body object| $pageWrapper string| headerMenuFlag object| $headerMenuBtn object| $mainMenu string| $expandedMenuFlag object| $expandedMenuBtn object| $megaMenu object| annoucementHeight number| superNavHeight number| heightHeader function| addPaddingHeader function| resetHeader function| showHidenMenu function| dropDownEpMenu function| showHideAddThis object| uetq string| _bizo_data_partner_id undefined| _bizo_data_partner_title undefined| _bizo_data_partner_domain undefined| _bizo_data_partner_company undefined| _bizo_data_partner_location undefined| _bizo_data_partner_employee_range undefined| _bizo_data_partner_sics undefined| _bizo_data_partner_email function| twq function| hj object| _hjSettings object| _qevents object| vimeoGAJS function| fbq function| _fbq object| _vwo_code number| settings_timer number| _vwo_settings_timer object| _rctfl string| axel number| a string| adroll_adv_id string| adroll_pix_id boolean| __adroll_loaded object| MunchkinTracker object| YT object| YTConfig function| onYTReady object| google_optimize function| google_trackConversion object| GooglebQhCsO object| twttr function| lintrk boolean| _already_called_lintrk function| quantserve function| __qc object| ezt object| _qoptions undefined| b object| vwo_iehack_queue function| UET object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled string| adroll_sid object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks undefined| adroll_tpc_callback object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter undefined| _ function| __extends object| Demandbase object| __db function| DBSegment boolean| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country number| adroll_xavier_called number| __adroll_xid_ch object| adroll_currency object| adroll_conversion_value object| adroll_conversion_value_in_dollars object| adroll_exp_list object| _rctfl_track function| _rctfl_original_ga_fn

10 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUk5kmGlIsmzpknS4k0zl4tlvkwUe_xKm1qYw8vnLxyc7n05TJmvTDW52Crb
www.proofpoint.com/ Name: ___utmvc
Value: RnjlfhTuwr1CDZXG6zoXt+oiIYMj3RYuMo7o0aITgHETz+gIX8T4KIhPm2D405lHvrLNdJ2oT1sRGjMhg0qAZOvj4AZaS84JPIZk3bZ1GhUwug+aWPiEDc/vNTxPJJZMuHwUKEna5DrZN/EEYXEi2wHUODpe1vJiwvHvg9AZfT1zBQwfzrlVLQ0CEVQsFZjBPgAd1hPZ6aXlIR2dLjAwTFgKOpUrX438MsBq90qI0n/iGJ96YJ8nq8HCH5crUwHAZ9z3a8JPHpryd5KYH8q6RoTTBV+yIAYTI9G5loiM6BePyXHhy8KgUrxD4klYuuoqLCCJzv8bj+YSKAFRL101lN9FdYBnpUgsO86kyQKU6tybJFfSEZlH9PjEPnekzGBpJjLcJLj4auYKmmi3LnN1O20MaaLy3cHsWl9c0u0yIgNwvIh7+LJgQ6QIUtAWnU9QQq31uxnaqYi70QJ8VQHkLrT2FeUhJ+3vImk9uEeXTVWj8POBpY5Yqq3XA4xz06DjjFN4r1HZX2gWe3zH6lViOTH0Q3dfzgPrkrYFtGAIPqTIlHoz3cMVOKh0mIEopQb81ghfnm7XW8aaHu9o0lAtEaBdcRrdy9jgVa+ZnpmU7SoBEzfQ2kTrroMF/zoDAw3UOFZxnNmHdaEWFXD9rpDs1n1OWMsmotwjjwffVht2PrgdGSjV2A3uglu9WFzJOXDcx4e/LxCni434PyrnfdmElGlOHPtekso5bT4ddCyo8GsIxqyguu8VlCm52mFxLh/akZ6DGThyuqGs3R8S9jStaEalFnrj9KOa0GoI7NCQDSu3pQV2bUEvzjGAEHMjPTIO8rgYTRId8pdCRa1ojkbpHncIQ/KljAQNtRula9ZPHb96gUbCvUhGxDGlLuT577L5Jvkr+GGG/QiAxbJSKo5v0CZnIeIRKT/qTIfwwkFUVS7y9J+qk+QQBd21qz8EOW0WgKfzZzdbxw69jKezJFb38warD2EWRxObIxBxd2ZbkXa8xCgOia3lAMMwyfmk7WsLBfxK0PxKtLhVbjIAEb8A23tGKdO6FTji0pPY563JltiavydC0eFw8Q/7nxQ8p/gLZSWpgTqlchQC+AiXgD0DxXgxI5lbithiQshqtGYIRe1TNT7WDAAIRkkZ/5oRNpu18B2ggbTISm3MMny+s5grjZpC6gYrm31s/u1BL9b8AzVIrUHJ4NESGdXtXqXhAx7vG2b17jSv/FjxeGlsCx8k+6chDoKxAPrftwjPjXg+9EbqAPvS4R/T1nD+vwWV0nF4FaUI3jYWA1By2Qo7xbTQYHKzhWIjYtzR6LZ72sGCGcHh6osEru8tib/QdJdqm3SauYvQ6Q5FyexqKOvvMHg9ViGOLFSWR67sOheNgLNcg1dk+bRJIrWlMrau3U33ijhABBViXE5PK5UKfoXCGR0ZglfFNJTWEujrd0GqGcPXCcQrv9uCLszn4dqtZ9pE5wj5Suu2O6r1+kQmyBQNVFi4Gqds7a8cgwlTcEbJcw2uqkWuVIGfE0wgEw6SMQmQz27q0APY9dMQE1yJoj9SIcU1SmG4RwOfnSAubDvBbr2RxNg/Hng0SiBWL0mEgiideTMnRXqi4MwC1wvcaHQatG+0jPE5e4sT6bGEhS5DwWh+JC2ZuY1YMFZYwFFR+2ETuw5SsjfXXZtrpSCQ3elonWrxIBtOR/uv7wbNeFDnrgpr0zUEMHZ9/9JQxeUCVissZGlnZXN0PTEyMjQxMixzPTllOWQ1ZDgxOTU5OTcyOWQ3NmFkN2JhNDY2NmI2YjY0NjE5YTgyODQ4NDY3YTdhMmFhNzk3ZjdmNzg5Yjg4ODVhMDhjNzI5MzdjODM2Zjcx
.proofpoint.com/ Name: visid_incap_177663
Value: t9mlX0QIS92LDJnZ/qRtJP/tqV0AAAAAQUIPAAAAAACPSmd+8VSes4zWkXkLZMEs
.proofpoint.com/ Name: __qca
Value: P0-245774044-1571417600401
.www.proofpoint.com/ Name: __adroll_fpc
Value: 1e747e2fce5f0d6c6d356fa33efc60c8-s2-1571417600254
.proofpoint.com/ Name: _fbp
Value: fb.1.1571417600169.439049893
.proofpoint.com/ Name: _gat
Value: 1
.proofpoint.com/ Name: incap_ses_245_177663
Value: Y2WoaacLTgFI7PvkJWtmAwDuqV0AAAAApMBfGqOBSyP8ris1iuCL6w==
.www.proofpoint.com/ Name: __ar_v4
Value: %7C7YJ7XZCLMRHSVCXIHB5HIT%3A20191017%3A1%7CYV5KYXXEJZATZCT37YRTMK%3A20191017%3A1%7CT47Y2VPPABDUBJXFROMZZM%3A20191017%3A1
.proofpoint.com/ Name: _hjid
Value: 66215e7b-827c-4a6f-b914-e130ec4ffe1b

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

309-rhv-619.mktoresp.com
4788165.fls.doubleclick.net
ad.doubleclick.net
ads.avocet.io
ads.yahoo.com
adservice.google.com
analytics.twitter.com
api.company-target.com
attr.ml-api.io
bam.nr-data.net
bat.bing.com
cloud.typography.com
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
dev.visualwebsiteoptimizer.com
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
geoip-js.maxmind.com
googleads.g.doubleclick.net
gwmtracking.com
ib.adnxs.com
idsync.rlcdn.com
js-agent.newrelic.com
js.maxmind.com
match.prod.bidr.io
munchkin.marketo.net
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
px.ads.linkedin.com
rules.quantcount.com
s.adroll.com
s.ml-attr.com
s.ytimg.com
script.hotjar.com
scripts.demandbase.com
secure.adnxs.com
secure.quantserve.com
segments.company-target.com
simage2.pubmatic.com
sjs.bizographics.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
storage.googleapis.com
sync.outbrain.com
t.co
tracking.g2crowd.com
tracking.reactful.com
trc.taboola.com
ups.analytics.yahoo.com
us-u.openx.net
vars.hotjar.com
visitor.reactful.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.proofpoint.com
www.youtube.com
x.bidswitch.net
104.244.42.133
104.244.42.67
13.224.196.10
13.224.196.5
143.204.101.119
143.204.101.24
147.75.32.75
147.75.84.99
147.75.85.25
151.101.114.2
151.101.12.157
151.101.14.110
159.122.87.153
162.247.242.19
172.217.18.102
184.31.84.223
185.33.223.80
185.64.189.110
192.28.144.124
2.18.233.40
2.18.234.21
216.200.122.11
216.58.207.66
23.38.51.49
2600:9000:200c:ca00:6:44e3:f8c0:93a1
2606:4700::6810:252f
2606:4700::6810:262f
2606:4700::6812:1abe
2620:1ec:c11::200
2a00:1288:110:c305::9000
2a00:1450:4001:809::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:814::2008
2a00:1450:4001:818::2004
2a00:1450:4001:819::2002
2a00:1450:4001:81a::200e
2a00:1450:4001:81a::2013
2a00:1450:4001:820::2010
2a00:1450:4001:821::2003
2a00:1450:4001:824::200e
2a00:1450:4001:825::200e
2a00:1450:400c:c04::9a
2a02:26f0:6c00:293::3adf
2a02:e980:d::87
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
2a05:f500:10:101::b93f:9101
2a05:f500:11:101::b93f:9005
34.95.120.147
35.156.13.191
35.190.72.21
52.214.122.164
52.29.223.223
52.30.193.62
52.58.138.174
54.154.133.226
54.93.143.102
68.67.153.60
69.173.144.165
91.228.74.167
91.228.74.244
013ebc8682bafe775a56f93904cff8456974906327dad3524e2ab2fe0c0df700
047ef44b759411ac70b47ffb1c29a2814d34ec9aa7cf12a927340128500bc9fe
04cc99186aa1ed2c9e0989ad7f6a2e180508c8656caef8cd2b153fa8dbba9038
05c915ee57e99bd0d092085c38ba287dc1bcf6f624840f296ca2270cce1b9a47
0a733c9a259685cf9a9816145434c0087227f35400e16208e7e63e58ccd44538
0e41e449d2997692fc3631d239e51c964577b35502ee9e138eead4a960682806
0e78b8cde09dbe0fc473f87bc77ec30ccc56780398d8676cf93c4aaec432257f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1643d9bdbb01925433dd7160f57aa8af2a420eed39a8d7c28bec578302bc5460
16dd54686a3ed4ca169cba44af157ea072d91930a6b5ad3690b4651820e5e0b2
1bdbcee5cd776cb671f72362db4be8dde833057b8e8f816c86fd301896652c8d
1ee51b94d3a3346cbfb9f77ae1e629353494a22d41986fcf197aeae7ff530d70
2397463f5da5110b6ec56a2ad08d03063edb1529954c4cc8c6e6e4b6f5b65f46
2471975538ff8cab54118a408087122507000525d07152cf81baaa1e277ca4dd
2c820c0915b001e1faf2993b85f097090d9bf1dd8e48195926b1b8a14f2b04a9
2cfe7c393d823154ee86def4c4eeeff7520b903871d93073ef7ad566a07ea92d
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
340302b442f8e9eec53a83e5ce236933254e36a4d560a1b6c9f8b4050bf5693f
352149d561c2edbd5fbed85c1a1053c9e56dec091c6d1a933ffa45e3cb4cf0c5
3886459ca89f9ca7588cc412ddb3b279947acec2258c42c065bc044ce67276c0
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
457527b5e95739ff7fa3dd34a66e5966ca2e5dff91e46088d929bfaa20fb3062
46454a26b3142dec4540c21c9c156f2b3e570488667f1bbcf81854e27925f2a4
468679bedec4c0d16cc9b33fc7ae7d1b250fd7c6b5a795c4e287d7406b8cb3e6
479f333c6cdf10724e19b33079cab821bb37b0a463170ea9943dcbc0c6d9dc67
4861e54f1d490d494718bad10b4d4b6a18c600e4d2a9e8349ae14d8617afe9fc
49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856
49ddc4d7eb9b23cfe83c9ddea5478d80085d3c866c1c55b30e5fedf272fe6b49
4a02becff5da2f4a8660a33e1365c24621966445cc3c78029e9e4af31b7948ec
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c858ea92bdc30e89d30d477c30228c47b19648e1539829bb2303a176f0c23dd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
529e77ee17cf48e9ccbb5a64a0e59a1bbda0d9c011ee061f40b1aa189e8fabb8
5451119aa5fd566ad1bc22ab81193be0154f0e80c69a1b5d9c99d217f5737e3a
546595c59cd94a2dd8403e01dee1def5f043e5cff6352cf84c4c7770bf5dc754
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
579f4babb911b5a02260cfd84bca42d0e14c058264fe3b7c9cd2b8500d709469
5845e8453fb8ad463202d8314428e13413d953b87a024ab6eedb0e988e620c19
5a1451e87aae60f93f8dd8c4bc537dd29879da42d0b2d0594b7c891daffb3671
5b4f7ddf2cbd5ef8611f5fd90529a7c0b42bedb4c6f5a8f08d1c328b55043372
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
5fde80b0aaf01a7fe4f8de3dbb671abadb59a30f6143e828b8000ac4fa9a45ec
6015b6cdafa09835ca9f65f2d9e211f3e120f8da2760401c7ba5e9520a260c37
6133e41555e0169c50044cb52a13271289303965ec1bf735025c7a578fdf6cae
66f7eaa7a45f696c332cd450771f4be48e110f6afbe1fe7b39c7a95518aeef76
69666124ea4313cf5b2da94871c86acd68bcbc4d50b360fdebc4dc3b977dde21
74166c3ce466a4afbab3fee3dc53106c377de2217ddb142774eb4b59fe65c6e8
75f94de20ce7a52a2ac84f9f42abdd5687549bc207135ffaa7d5baed1cc7060a
78a79d5cefe3a91bfccc9d0e3522b756e142d8c2aeba35146f2bc399b71cf4ad
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
850516b55c89e942c2229347ef8c064dd22dd6c75e07d2210bd6d20f4acf34a0
88b3102f2889489e2db30d672885b580d0275e944baacebc652c90ce2263d7ab
89cfdadb23c7206b508ca2007f1e8c183f609fd283a91b03e19b64ee2f03a288
8c04e5c378ae725f0ed4a33cf297cffdbb80839c5bad6984801553f7893ec45b
8f2eb17bbbffbc0677a2d603c68493dcfde0c24bcc3d6bf65db5f8cdfab34f67
91221ebe7decdf80fc3cfddffa7595ff915be4af1a9a5620fc9c138bf6cc0363
9169f52a2f15a1a0958e98c35579e8e91404fac2b119a2c637fb59b43e4dc6d4
9376bf715986d3500b26c5935970ee676b9f57844fc26844fcfcb2eebd97a97c
9404cee30e4489a7ed4d6de2dd92aa8e4386fd5ff1c81ebcea77f581952eac31
94761f99487dcae4d91af9d25f37227af94965157adee62bd2f503645ded4fc7
982a37a77841bb2605640a96be4e9e3397d167e9eff414df8efd88067274445f
9d0c2dcad36cced1cd443f28198432ca36bf2e08f12e2e38a8b21220fc889aec
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a18430e37c008ca74cde9ea753584b0c8de60e02f751f0b2a8fb2780d53a1a76
a4bcaba23f30e7aa39a04ba1cbd337fd43e1962f1883566ae4bc61ad138fa16b
a7c736b5513596760fd64da2b3efb938eeccb76b59e2cca51a80212c45dc5fe9
a8bac03a9bf9bff1a50a992ffe70257f2c6a24e0cc79ba4c268baf19c9ca2880
ac423fe5c2bf07d841e12a36c9952daf9c1eb8457785eb8096508313a5ec2242
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b097316ccad9bc6056349d8d4e0fb4a824584a448d9f1115ed8f317f15b776ee
b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b631fccbe48b26dccef2b6eedeed2d6fb9020daf34dbc8010e587e280b6f498e
b7eab4c7c851a155bd46eb51790debc67d6f4b076d8b7070da3bb77abab18448
ba2fc3f7fc4e3de678f7071c05e967705f407dd069e2488b9845c6eb55fb240f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bf08b79aefe0edd464a8e40a0f794560cbb58b0c9df222bf9d735394c69e25bd
c4859ba5ee78bff5e5f307903b1bd6d1e784171786701360a40eceeb6c9e95cc
c492f4ad226a0228548dcfcd82fdb01c989edf815de29ade1dce9aec09c31a1c
c6687d159fd14a00a4b187ecfa840c0e21d5a28f352003295d8508190fbdd826
c735fa87b24bfe3be295a578917072e0893ce87eb10dd8f8c3ef704d164a1ce0
c8d1df6fe0d7cba20d854755f7849df2ae8fd5d7dc45392d574bb8565edc591a
c91bae8f9074efbe5429e95dcab486cda690b269404a017be16b027cf10154c6
c98a09e57a229ff0b4ffad1d736b76616a5b882bd38d07fb93ad172c8ec8d8a6
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd85ceb17a430ee2228d8f2d47c0b3f9e9322877a9e6bbae89aedd3eee904150
cf8646fc48648f5a6d806df8f757007e6398a55ddccc3d8c2046a4c014cf1b56
d0a74312e286bb34b208be2688078121a35fae1a8bae3f7f879c08f9f3385e77
d257a826307144ccdb6dc26f750e2e8fab4587f59b1f5273efc4e59d196f384d
d433e54752895754b27e62063d35e3e7d3cc5287289212bce7cc8ebe31af4d16
d7132a47a5e2f46ccad313fdbd5b421c6182b66ee582aaf9a9ac6d4f49d2e8e4
d87ab6bbe9de873d92530cf8675a0f5e8baa578f7b4b77d655d97fab10dd77c5
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dcd875d8b92eb3e56f64b7abb1327b3093bda9c1f08e7d2e45a5afe86c6fbb81
de2904a4ddddd832988b348c677dbee37ecd5c5cae191e1473b40423e6c003f1
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
df7b034e11f350b02f383677a2c37d598922ad494d0e0241ad5740313332a5c8
e2eb28c4292664b548ad2c8ecf855b1f425a08966c5b413a4a0184b6ff52a509
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e675880ebe2bfb0c3364d32f0ea5569eb1d50d4b18fd15c644cf67ce098e04ed
e6a28d2ee786daa359bfe66bb1048943042b3a08efd1d4b00c41964ca5c70150
e7e6695bf782bd4b52cc817b8adba3d03973c348cea7622ecb06ab94165c4d0f
eb4747d9593a2ff2ae1cd49338bb1d5121c21df7e9bd7e11471ef8dc43dbd1c6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb6b9732bf508ee305363b10cf2a67ace474e06eb42642f2c3696b2442a5775
f0170318bd96e1075355c79f380c15a2fe5f6bd41ad5c304c3ea703efd6e5cc3
f1eff0a14e6b6936f36d51a5a58928909b9079d8942690f13729949728cb33ca
f29ac63f8416342d82dbcaca48d4c2999bbd7717c1bac431fc91413d2af88b13
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
fce32ffef9053b174f14996327fe0f71274a264e7c1f14efb62ece8d5a28acca
fdcc163e3ba6197308c7d294da4cbe4124ef19fdbe67411f4a4ae581332d4cc5