www.insurancebusinessmag.com Open in urlscan Pro
2606:4700:3037::681f:5ebc Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Submission: On December 07 via manual (December 7th 2020, 7:46:48 pm UTC) from US

Summary HTTP 144 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 45 IPs in 6 countries across 37 domains to perform 144 HTTP transactions. The main IP is 2606:4700:3037::681f:5ebc, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.insurancebusinessmag.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 21st 2020. Valid for: a year.

This is the only time www.insurancebusinessmag.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	2606:4700:303... 2606:4700:3037::681f:5ebc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE)
4	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
6	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 23	172.217.18.162 172.217.18.162	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:170... 2a02:26f0:1700:d::1737:6e8f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
3	104.75.88.112 104.75.88.112	16625 (AKAMAI-AS) (AKAMAI-AS)
2	35.190.50.98 35.190.50.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	151.101.112.134 151.101.112.134	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
1	172.217.23.130 172.217.23.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
1 5	104.111.214.206 104.111.214.206	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6811:d6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a852	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:73b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:eccc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:46b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c09::9b	15169 (GOOGLE) (GOOGLE)
1 7	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6812:a813	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.192.134 151.101.192.134	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE)
1 1	3.248.28.111 3.248.28.111	16509 (AMAZON-02) (AMAZON-02)
1	63.35.200.21 63.35.200.21	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:81e::2001	15169 (GOOGLE) (GOOGLE)
7	64.233.189.94 64.233.189.94	15169 (GOOGLE) (GOOGLE)
1	3.90.94.177 3.90.94.177	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.111.216.96 104.111.216.96	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:816::2013	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:cacc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
144	45

10 2606:4700:3037::681f:5ebc (United States)

ASN13335 (CLOUDFLARENET, US)

www.insurancebusinessmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 172.217.18.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:1700:d::1737:6e8f (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

cdn-res.keymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.75.88.112 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-112.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.50.98 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 98.50.190.35.bc.googleusercontent.com

cdn.sajari.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.sajari.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

insurance-business.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s18-in-f130.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.111.214.206 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-214-206.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a852 (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:73b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eccc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:46b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:a813 (United States)

ASN13335 (CLOUDFLARENET, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.192.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4d8f5e3a89f1562d9c52ac512a2a5a86.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.248.28.111 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-28-111.eu-west-1.compute.amazonaws.com

d.adroll.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.35.200.21 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-200-21.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:81e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 64.233.189.94 (United States)

ASN15169 (GOOGLE, US)
PTR: tl-in-f94.1e100.net

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.90.94.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-90-94-177.compute-1.amazonaws.com

nextroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.216.96 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-216-96.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

re.sajari.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cacc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	googlesyndication.com 4d8f5e3a89f1562d9c52ac512a2a5a86.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	330 KB
25	doubleclick.net 1 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	277 KB
10	insurancebusinessmag.com www.insurancebusinessmag.com	83 KB
9	gstatic.com fonts.gstatic.com csi.gstatic.com	22 KB
7	googletagservices.com www.googletagservices.com	219 KB
7	facebook.com 1 redirects www.facebook.com	1 KB
6	adroll.com 1 redirects s.adroll.com d.adroll.com	71 KB
6	cloudflare.com cdnjs.cloudflare.com	23 KB
5	google.com adservice.google.com www.google.com	277 B
5	disquscdn.com c.disquscdn.com	230 KB
4	facebook.net connect.facebook.net	230 KB
4	fontawesome.com use.fontawesome.com	184 KB
3	hubspot.com api.hubspot.com track.hubspot.com	663 B
3	disqus.com insurance-business.disqus.com disqus.com	33 KB
3	keymedia.com cdn-res.keymedia.com	251 KB
2	sajari.com cdn.sajari.com re.sajari.com	23 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	addthis.com s7.addthis.com	190 KB
2	jquery.com code.jquery.com	96 KB
1	hubapi.com api.hubapi.com	706 B
1	addthisedge.com v1.addthisedge.com	762 B
1	moatads.com z.moatads.com	1 KB
1	nextroll.com nextroll.com	2 KB
1	consensu.org 1 redirects d.adroll.mgr.consensu.org	138 B
1	google.de www.google.de	108 B
1	google.fr adservice.google.fr	169 B
1	hs-banner.com js.hs-banner.com	12 KB
1	hs-analytics.net js.hs-analytics.net	19 KB
1	usemessages.com js.usemessages.com	19 KB
1	hsadspixel.net js.hsadspixel.net	3 KB
1	zoominfo.com ws.zoominfo.com	723 B
1	hs-scripts.com js.hs-scripts.com	716 B
1	googleadservices.com www.googleadservices.com	13 KB
1	googletagmanager.com www.googletagmanager.com	45 KB
1	sajari.net cdn.sajari.net	200 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	10 KB
1	googleapis.com fonts.googleapis.com	724 B
144	37

	Domain	Requested by
23	securepubads.g.doubleclick.net	1 redirects www.insurancebusinessmag.com securepubads.g.doubleclick.net www.googletagservices.com
16	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.insurancebusinessmag.com tpc.googlesyndication.com
10	www.insurancebusinessmag.com	www.insurancebusinessmag.com
8	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.googletagservices.com
7	csi.gstatic.com	securepubads.g.doubleclick.net
7	www.googletagservices.com	securepubads.g.doubleclick.net
7	www.facebook.com	1 redirects www.insurancebusinessmag.com connect.facebook.net
6	cdnjs.cloudflare.com	www.insurancebusinessmag.com
5	c.disquscdn.com	insurance-business.disqus.com
5	s.adroll.com	1 redirects www.googletagmanager.com www.insurancebusinessmag.com s.adroll.com
4	www.google.com	www.insurancebusinessmag.com securepubads.g.doubleclick.net
4	connect.facebook.net	www.insurancebusinessmag.com connect.facebook.net
4	use.fontawesome.com	www.insurancebusinessmag.com use.fontawesome.com
3	cdn-res.keymedia.com	www.insurancebusinessmag.com
2	api.hubspot.com	js.usemessages.com
2	disqus.com	insurance-business.disqus.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	s7.addthis.com	www.insurancebusinessmag.com s7.addthis.com
2	code.jquery.com	www.insurancebusinessmag.com
1	api.hubapi.com	js.hsadspixel.net
1	track.hubspot.com
1	re.sajari.com	www.insurancebusinessmag.com
1	v1.addthisedge.com	s7.addthis.com
1	cdn.sajari.com	www.insurancebusinessmag.com
1	z.moatads.com	s7.addthis.com
1	nextroll.com	www.insurancebusinessmag.com
1	d.adroll.com	www.insurancebusinessmag.com
1	d.adroll.mgr.consensu.org	1 redirects
1	www.google.de	www.insurancebusinessmag.com
1	4d8f5e3a89f1562d9c52ac512a2a5a86.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.fr	securepubads.g.doubleclick.net
1	googleads.g.doubleclick.net	www.googleadservices.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	ws.zoominfo.com	www.insurancebusinessmag.com
1	js.hs-scripts.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	insurance-business.disqus.com	www.insurancebusinessmag.com
1	www.googletagmanager.com	www.insurancebusinessmag.com
1	cdn.sajari.net	www.insurancebusinessmag.com
1	maxcdn.bootstrapcdn.com	www.insurancebusinessmag.com
1	fonts.googleapis.com	www.insurancebusinessmag.com
144	47

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
www.lifehealthpro.ca
learn.insurancebusinessmag.com
kmi.magazinemanager.com
shop.kmimedia.ca
bpaww.com
www.keymedia.com
www.wealthprofessional.ca

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-21` - `2021-07-21`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
cert00041-azurecdn.akamaized.net R3	`2020-12-06` - `2021-03-06`	3 months	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-07-22` - `2021-10-13`	a year	crt.sh
*.sajari.net AlphaSSL CA - SHA256 - G2	`2020-08-03` - `2022-09-06`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2020-01-29` - `2021-04-29`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2020-07-04` - `2021-07-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-11-02` - `2021-01-30`	3 months	crt.sh
*.google.fr GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
adroll.mgr.consensu.org Amazon	`2020-10-08` - `2021-11-07`	a year	crt.sh
nextroll.com Let's Encrypt Authority X3	`2020-11-20` - `2021-02-18`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.sajari.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-03` - `2022-06-11`	2 years	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2020-07-27` - `2021-07-27`	a year	crt.sh
re.sajari.com GTS CA 1D2	`2020-11-26` - `2021-02-24`	3 months	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2020-07-03` - `2021-07-03`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Frame ID: 7E6675CB43459AF1223119BA4AF7FD5E
Requests: 86 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=insurance-business&t_i=241242&t_u=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&t_d=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company&t_t=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company&s_o=default
Frame ID: 0F6293931329C4FF5B86052A2CA24C4C
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstLFFBPljiVzh7vQ92pDHRUuTZt1kFoWQbS9T_4huQv8FvZFDmlOD-lXLGIdDmaUh3MM8ij2A6UNBhIT8GC8uZ1-yszeIy7iCvr1CoYg4pdz6xZPjPU0wWoc66rJLt7IHNQUU1qXQbWfmvoagNDRiFCF0saoSGHZ8Wp9Uzua7_uoqri1EX97tvBTa53I4BkOjpsgAbFRnYlwn26FXsYt_yQrWBTGG1qPMsrPwKaLbdOztWAgm5t_c1HpW8cX1rrCa2IxFd-ZOXbhRZLYBxxDKwjSKMAsiLHBKQSIk50SdPjrsbY2YrOW-T-YpmtBD1_8YgjqO7a&sig=Cg0ArKJSzJ-D95xhEM_TEAE&adurl=
Frame ID: 9383E3B777B4B92536E89DE538C67951
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuxm-EUTDDq2IM-NoMjyq7yGBXSsJy5MdPkIWyhp2pH55hlE3YaKk21Lc6cvPigxcI_NBQAcy5Dqigc7uBdCkEbO93msrk2ExgcTlwrZUrnE5juXyoGb8Ci0zigAiWsSyRNQiPnadDO9kDLaktUlc80Z7JmxzY6u5fx1Wj26QSjfnGBwqeyconCggPxcFzoGivaMr2egpa8CFMnFjZBn89FRoszuqK18pMJ7ZAEE5X543TgrZalMwpOUI0fo1Ivz0TdQgeLqpNL0BGgs3IfufdTuW7TXeLjrU0CiTAR&sig=Cg0ArKJSzLBpDXmvzDjtEAE&adurl=
Frame ID: F59E0A78172814DCE4381B5C2294958D
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstnnLXVoUIWyLxY5RWH_1xJ7WvunegNTCkD_i7HN1_e5BjUZm2uvZ9zDOPSFxNbmL5P_oaOo2eHE5ouse6pazBmpFVFEFDnxhtu6S7_3S1KfoG2i-uez1-AKJVBfUxmyODYCd7myLnIVBCoYpNcLYXSqzAqehVC97Cx7-x3Z2F4DKut_grG1LvQ9rlWZvv5QfEsReYzRKf6cGpjU1pR6rJfh_eNyu8NGto3m44TFsxALh3dN9qLsJFTu_GMKRTeDYr32G8PCZpYc20fV2Ori5MfWvTQWCdDSRjXAgw1Qw&sig=Cg0ArKJSzHutZb-Ad7OREAE&adurl=
Frame ID: 45C0D30DFEABF6C005F1C4D9569617F7
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/simgad/13810547153303696996
Frame ID: BC2DE4129406E8D09F82531884C97CB7
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssv1m0DucFBOAzjSrv5cSM06R6FO5aZTM7PEC_Le7T7GGwu4xf8t2C9inj43extCkU7cmQ281OjzH4JMfm45PsZ5wl3tOOm1QPzj8Yuo4qK0ZsgLlwyeeR85-_fbhAl54TTGg2gLYh5Aai3uj48RSi9ntwVFuTUdH8-wdn0PNL4H6ECMNkfuIolzSPs9K0GXu0bX3sC51-KEgWHxM-CDQ0c8fN-yAFZ0ECKUsuS3wcaNRlbCJA7oefydEE2NmmNXludo1bpwgGnzwLiqyAhQzM8YTvQ7MRntyQ0CBWLuQ&sig=Cg0ArKJSzMC09DFRVnI0EAE&adurl=
Frame ID: 8AE5DD9081374A6395FF24179828555E
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstlv7yMsXwHkfLyYYs_cYGP7M14i7vvarYjUa4kV-e1ZHj1fSwGYsAD45WAu-eztXth2HZCGp1g2_t9ZYYYky-8zzs1JtQvFIN8dbgi6w4PbE042gyrx3ALs6TT8X6Sa7imojRQwZLgoO_G815amiz1QoUxZJKzu7MAn3kxcSBxWrli808r3kXwFvAhhWDxCyl4p_o65dpBNvRFsPngjcpQvIQVWi4BB86C68XirL3UQ51IFJeQyxzisUeXtc8vForTEU84zi_n_OgzkCUW-YzHFskOnOhWUwUDMsrnEw&sig=Cg0ArKJSzLerXM-dr3sJEAE&adurl=
Frame ID: 4F6FDE56F91AD3CE9821F287ABA1B419
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuNoGD1BxOMciZW2ym0_-hsXb5AaeD5urD96MjqhAo_-24BLk6n1NLP6xGES5ONe-1BcSJxlGPWJa_PbC4RLjFaiWXz4a8tEjBUWMl2Bs4lbXkfUxyXRAzVGonUBCUPJQUL3tcGGCG6IH9X1xeN7TKnfXZtV5YKYpyOWhcnEMoiKktl3hDdf2AEPdmxk91KXVUGh-9MQPmtsrxF5bDCFcgHqJBp9sxvl-jFj2MhIHac30EF7prWyGTQf09VXOkNylWZ8JLZFyy-mzW99D5-qGuxMgAOu4MKYAXwSiwywA&sig=Cg0ArKJSzPqjG_zAMfVAEAE&adurl=
Frame ID: 3830AD8779F2D8B677149DCF3EF1757A
Requests: 9 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: B0F36A3B7382BD581F81B8CAFB80792A
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: DDDA36F332202CC90B08B0DC52B68E72
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: D5FD19335C4260E5B2AE311DA36C4C28
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 50%
Detected patterns

url /\.aspx?(?:$|\?)/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

url /\.aspx?(?:$|\?)/i

IIS (Web Servers) Expand

Overall confidence: 50%
Detected patterns

url /\.aspx?(?:$|\?)/i

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /(?:a|s)\.adroll\.com/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

144
Requests

100 %
HTTPS

71 %
IPv6

37
Domains

47
Subdomains

45
IPs

6
Countries

2607 kB
Transfer

6197 kB
Size

7
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/InsuranceBusinessCanada

Search URL Search Domain Scan URL

URL: https://twitter.com/InsuranceBizCA

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/15154282

Search URL Search Domain Scan URL

URL: https://www.lifehealthpro.ca/
Title: Life

Search URL Search Domain Scan URL

URL: https://learn.insurancebusinessmag.com/
Title: eLearning

Search URL Search Domain Scan URL

URL: https://kmi.magazinemanager.com/subscribe/subscribe_renewOnlineCFGS_KMI.asp?renew=&source=IBPAID1
Title: Magazine

Search URL Search Domain Scan URL

URL: http://shop.kmimedia.ca/magazines/back-issues/insurance-business/?sort=newest
Title: Back Issues

Search URL Search Domain Scan URL

URL: http://shop.kmimedia.ca/special-reports/insurance-business/?sort=newest
Title: Special Reports

Search URL Search Domain Scan URL

URL: http://bpaww.com/bpaww/#?targeturl=/BPAWW/MemberTools/AuditedSiteTraffic&target=2&languageid=1&homepage=/bpaww/Content/MainContent/Home/Index.html&footerpage=/bpaww/content/maincontent/footer/english.htm

Search URL Search Domain Scan URL

URL: https://www.keymedia.com/?__hstc=226989634.6ab449675dd9e3917172bbd80c26c029.1607370398237.1607370398237.1607370398237.1&__hssc=226989634.1.1607370398237&__hsfp=2978788718
Title: Key Media

Search URL Search Domain Scan URL

URL: https://www.wealthprofessional.ca/?__hstc=226989634.6ab449675dd9e3917172bbd80c26c029.1607370398237.1607370398237.1607370398237.1&__hssc=226989634.1.1607370398237&__hsfp=2978788718
Title: Wealth Professional Canada

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://www.facebook.com/tr/?id=239203017352524&ev=PageView&dl=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&rl=&if=false&ts=1607370374170&sw=1600&sh=1200&v=2.9.29&r=stable&ec=0&o=30&fbp=fb.1.1607370374169.1607542053&it=1607370374093&coo=false&rqm=GET HTTP 302
https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&ec=0&ev=PageView&fbp=fb.1.1607370374169.1607542053&id=239203017352524&if=false&it=1607370374093&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1607370374170&v=2.9.29

Request Chain 61

https://s.adroll.com/j/exp/2VITFUM7BRCEBEOMM6S7XQ/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 63

https://d.adroll.mgr.consensu.org/consent/iabcheck/2VITFUM7BRCEBEOMM6S7XQ?_s=12b749821597f55b23db055b958036df&_b=2 HTTP 302
https://d.adroll.com/consent/check/2VITFUM7BRCEBEOMM6S7XQ/?_s=12b749821597f55b23db055b958036df&_b=2

Request Chain 79

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssFVoi30JU7XfY7NuD3Hf_i2p0qUoCkouVEi9IlaZtxWrjQMc6HUaq9turd19Qx5DeV6I83bU0tMmvER7XrZmJ8Uh_DroQ12U2o_2o-cdq5v7baaeEtWLjLfYL1EH8Qd26UMhyx4Ls4ulged_iXMXS4jF01DOg6yumqA2ju4cRz_gOQSH6ihnj8A9X3H--YIlI022-ruQPRfTKU2SAVk9tn8bdeuxZpw8kgedV8ZkxZqfRaM3OX16AaVbMUYUT33hUw6C0TnQJ8p3QK2T-hbQtC2gXMv-huwaNuHN3bN4RQBw&sig=Cg0ArKJSzP7MSBCcSAbYEAE&urlfix=1&adurl=https://tpc.googlesyndication.com/simgad/13810547153303696996? HTTP 302
https://tpc.googlesyndication.com/simgad/13810547153303696996

144 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx Show response
www.insurancebusinessmag.com/ca/news/cyber/ 56 KB
11 KB 553ms
521ms Document
text/html 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

4f648ef7203d3e6e6edec26320a877d7cea6cc822d9631c050c53d71796d19fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

:method: GET
:authority: www.insurancebusinessmag.com
:scheme: https
:path: /ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:13 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=daa5cb242a2b399db80cc2e9f3971db311607370373; expires=Wed, 06-Jan-21 19:46:13 GMT; path=/; domain=.insurancebusinessmag.com; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
cf-request-id: 06e056904300002ba1ff3d2000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rz0Mar%2BN3xIue%2FUhGTcslA7nXuWCMiqO6L6E7v2oxLlxhintNo0AhYlUghitaFjv6YQkaTcWKnqrfJrcabssaCHUUovWVRg76%2B%2B%2BQ%2FUWL82qOI%2FpeZexWGppvfxKyaBEVy%2BCmiqqPy4g"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5fe0c0606b372ba1-FRA
content-encoding: br

GET
H2 200 css
fonts.googleapis.com/ 4 KB
724 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

083be3c59862e11bbcda4128a12a7d9934f461ac881ed75af92b1c1b3615c576

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Dec 2020 17:47:54 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Mon, 07 Dec 2020 19:46:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 07 Dec 2020 19:46:13 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.15.1/css/ 58 KB
15 KB 91ms
45ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.1/css/all.css
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325

Request headers

Origin: https://www.insurancebusinessmag.com
Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:13 GMT
content-encoding: gzip
last-modified: Mon, 05 Oct 2020 15:13:10 GMT
server: NetDNA-cache/2.2
etag: W/"b227b1617a1763c8bc056772f05482b4"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ 1 KB
784 B 16ms
15ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick.min.css

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 458408
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 394
cf-request-id: 06e056925500002c3218119000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-559"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fCjoVVA4wAd9LK1XDzpoMF8iNKmw6c5jobe4Uosp7wTidXCBeUZ6pJJwnUrjlsNuOUZ%2BRBwONQsozu6yAKVojJ9HsfIQRMWHA1oWSNOitbVrTB%2FsLe8aN6XOwf2AeMEekw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5fe0c063bb952c32-FRA
expires: Sat, 27 Nov 2021 19:46:13 GMT

GET
H2 200 site.min.css
www.insurancebusinessmag.com/css/ 217 KB
31 KB 42ms
41ms Stylesheet
text/css 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.insurancebusinessmag.com/css/site.min.css?v=x16YcsDzSL7BBhsp4VOfE7_mPzaMbjNhkXFpk-R-Q3E

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

25aa839bb8c9e29422bf3aa8925e2d13d7b985b1bce61296f8d5780efcb3b142

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6953
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
cf-request-id: 06e056925600002ba1181b1000000001
last-modified: Thu, 26 Nov 2020 05:10:15 GMT
server: cloudflare
etag: W/"1d6c3b26cbd77e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s1IzG6gtIxNbgdkhfaRgcQa6irc1Y7H3tEfCthmGrFim8NNK9iKa5pmkTSKNVTkgeMPIM%2FqB44pm%2F%2FsT5995KzvD6msXTVhwNc4CX8KkaG7EWYksytXsxGuyhQqpzXRsPQ7uQKrToSaM"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 5fe0c063bbc02ba1-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 54 KB
19 KB 153ms
72ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

8988e60ed8b437a92b766df9c77312e0654dda367b2565cb0adfe7ec8e9f80ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "717 / 646 of 1000 / last-modified: 1607343165"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18629
x-xss-protection: 0
expires: Mon, 07 Dec 2020 19:46:13 GMT

GET
H2 200 logo_gray_ca.png
www.insurancebusinessmag.com/images/ 5 KB
5 KB 418ms
415ms Image
image/png 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurancebusinessmag.com/images/logo_gray_ca.png

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

55245b72bbdeeba40fdbd930227228c562438e21179d4705354888052f116b77

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:14 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
content-length: 5287
cf-request-id: 06e05692be00002ba1f5026000000001
last-modified: Mon, 16 Dec 2019 08:12:09 GMT
server: cloudflare
etag: "1d5b3e88310c627"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oI%2FjGNJlE%2B9sMWCGntdna1mQKncp8JCWvy3qtkNx2ICn6OJ8ILin4ttEni4JI3V8otKNUQrjCk3CUcOvTntKo%2FT0RgQKrrxKnwioUJk71D%2FQakQwDG9p9R%2B%2FgsdeRxBU3Krx%2FauKm7GQ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5fe0c0645d6f2ba1-FRA

GET
H2 200 logo_ca.png
www.insurancebusinessmag.com/images/ 11 KB
11 KB 404ms
402ms Image
image/png 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurancebusinessmag.com/images/logo_ca.png

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

21f61c21dbb69eb2297c1f858d6990217ee2237605c0e126ca93fbd7966b1276

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:14 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
content-length: 11195
cf-request-id: 06e05692bc00002ba10d37c000000001
last-modified: Mon, 16 Dec 2019 08:12:09 GMT
server: cloudflare
etag: "1d5b3e88310f93b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YJ1yOGfQx9dgwlxc8dBtzmb8mcL9sH9t59Ol7peU40r03c7XB6IU9dDbMnVUYLr5QPK4YK3v7TDhXc7yyUgJ6nE0l5coxAB95swZ2SRIy0hNIldiNbeEk%2FMqJRORvpMV9dZCVQ7O3Njn"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5fe0c0645d722ba1-FRA

GET
H2 200 logo_ca_mobile.png
www.insurancebusinessmag.com/images/ 8 KB
9 KB 420ms
417ms Image
image/png 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurancebusinessmag.com/images/logo_ca_mobile.png

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

52c81653f6f0d0e52dbfea77beabc12fef7ac4c6cc7a73c927bbd095e87c1b62

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:14 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
content-length: 8597
cf-request-id: 06e05692bc00002ba1a09cb000000001
last-modified: Mon, 16 Dec 2019 08:12:09 GMT
server: cloudflare
etag: "1d5b3e88310f315"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rBoXfCDwtROrBfmTLJcW2pmkUqaJ3JyWJNYzHjvDN8Wzd9H6b6gQGXkD5GQNSi8CSdTBXHpHsYU%2Br8GJgUWWtzKHmO7Y2eqfQTWF3iL3lFTu8jxD%2BFV6TLRMYLU9Bve9ga1vzf8kL9FD"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5fe0c0645d732ba1-FRA

GET
H2 200 0270_637429306728087852.jpg
cdn-res.keymedia.com/cms/images/us/023/ 71 KB
71 KB 60ms
9ms Image
image/jpeg 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-res.keymedia.com/cms/images/us/023/0270_637429306728087852.jpg
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 315471cb3e63c008279774f2cf4f79d9025bbe22030e51965e26668aba419dbf

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 07 Dec 2020 19:46:13 GMT
last-modified: Mon, 07 Dec 2020 09:37:52 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: PdMDAfDpsglIvzXuEVA+hQ==
etag: 0x8D89A93C504BE16
content-type: image/jpeg
x-ms-request-id: 620743f1-a01e-00e5-0b7d-ccc0f9000000
x-ms-version: 2009-09-19
x-ms-meta-originalfilename: istock-cyberattack-technology-606671804.jpg
content-length: 72201

GET
H2 200 img_enewsletter.gif
www.insurancebusinessmag.com/images/ 3 KB
3 KB 417ms
415ms Image
image/gif 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurancebusinessmag.com/images/img_enewsletter.gif

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

ded0cec5a92fcdcd902c570635ae0933ea83e3e372e2ca283eaf573c9e5cab21

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:14 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
content-length: 2866
cf-request-id: 06e05692bc00002ba10a315000000001
last-modified: Mon, 16 Dec 2019 08:12:09 GMT
server: cloudflare
etag: "1d5b3e88310d9b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eQwIeVdi3X6%2FsJQ6HqZMzkZaj4oNkRJy9DqEFgssuQdthlJ3fcAD5tVBbGQqGvQ1yskh8vdowpWs3ALa1KJ%2Fue71g6hwV%2FZcEo4y9udlOgOjN8vttpM3syX%2FrpXMmE4bF6DJbiMZRDjX"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5fe0c0645d742ba1-FRA

GET
H2 200 0116_637274390792424475.jpg
cdn-res.keymedia.com/cms/images/us/003/ 62 KB
63 KB 66ms
15ms Image
image/jpeg 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-res.keymedia.com/cms/images/us/003/0116_637274390792424475.jpg
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 40ca8539ffd12e7edf95bfff0b850217cff57001d266cd4613b23c5c7b0f0b82

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 07 Dec 2020 19:46:13 GMT
last-modified: Thu, 11 Jun 2020 02:24:39 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: +LKLZmxgLlM+nItRoCYu6A==
etag: 0x8D80DAE97B905DE
content-type: image/jpeg
x-ms-request-id: 6a6e2de0-801e-0006-2771-60a204000000
x-ms-version: 2009-09-19
x-ms-meta-originalfilename: IBA Talk Hompage Tile_D.jpg
content-length: 63674

GET
H2 200 0132_637411468949978004.jpg
cdn-res.keymedia.com/cms/images/us/023/ 117 KB
118 KB 66ms
15ms Image
image/jpeg 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-res.keymedia.com/cms/images/us/023/0132_637411468949978004.jpg
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: cdd2dbc8847ae720b1c56daab4f2a04859e919d602af61e08119e51ddad1f68b

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 07 Dec 2020 19:46:13 GMT
last-modified: Mon, 16 Nov 2020 18:08:15 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: X1bLcJFJA0lHQYgdq4kMbQ==
etag: 0x8D88A5A96AC059A
content-type: image/jpeg
x-ms-request-id: 3253528b-901e-0057-2044-bc3f88000000
x-ms-version: 2009-09-19
x-ms-meta-originalfilename: New Project(14).jpg
content-length: 119767

GET
H2 200 BPA_WW_MASTER.png
www.insurancebusinessmag.com/images/ 5 KB
6 KB 17ms
15ms Image
image/png 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurancebusinessmag.com/images/BPA_WW_MASTER.png

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

e616bb99a3cf0261a8e8bbf713bdaad17473afabbc032f5f351c85575596320b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:13 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3511
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
content-length: 5609
cf-request-id: 06e05692bc00002ba103aaf000000001
last-modified: Mon, 16 Dec 2019 08:12:10 GMT
server: cloudflare
etag: "1d5b3e883a97ce9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FdpafD%2FT9L2yuB7h9T9qtiRQlkCvtxc6tOS%2BMKX7hr7%2FHdPwXu5Fbfz90i0WVQcU2mBbKjPosIENnQFdbd1aNUmIzitM1JQuUNJLzhS%2FSealW8FMuTDkxlaU9j%2BNBVKsD53BncQHyimr"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5fe0c0645d752ba1-FRA

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 24003ms
23738ms Script
application/javascript 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:14 GMT
content-encoding: gzip
last-modified: Mon, 20 Mar 2017 19:01:15 GMT
server: nginx
etag: W/"58d026fb-15283"
vary: Accept-Encoding
x-hw: 1607370374.dop147.fr8.t,1607370374.cds283.fr8.hc,1607370374.cds133.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30125

GET
H2 200 jquery-ui.min.js Show response
code.jquery.com/ui/1.12.1/ 248 KB
66 KB 23956ms
23739ms Script
application/javascript 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.min.js
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:14 GMT
content-encoding: gzip
last-modified: Wed, 14 Sep 2016 16:34:16 GMT
server: nginx
etag: W/"57d97c08-3dee4"
vary: Accept-Encoding
x-hw: 1607370374.dop147.fr8.t,1607370374.cds283.fr8.hc,1607370374.cds251.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 67751

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
10 KB 36ms
9ms Script
text/javascript 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:33:51 GMT
etag: "1544639631"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 9832

GET
H2 200 slick.min.js Show response
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ 42 KB
10 KB 22ms
17ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick.min.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 458408
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 9283
cf-request-id: 06e05692bd00002c32f8323000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-a76f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bN5OQ2YFmeEWs42PW0BEJthqAtOqBOL4DonE4jVL5YPT63zoKZu0WGdveUQeZWf%2FaxSYSNhyKaFsd7cbcRFDaIV95jN3%2FjHGTh7gk8C%2BoOI9sHRYvfimLj2%2BY2FP3MiCpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5fe0c0645d4b2c32-FRA
expires: Sat, 27 Nov 2021 19:46:13 GMT

GET
H2 200 jquery.validate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.17.0/ 23 KB
7 KB 23ms
18ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.17.0/jquery.validate.min.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 412572
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 6677
cf-request-id: 06e05692bc00002c32d8a6f000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-5add"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=S7XXjvoCbZdlz9ap8m0jpZRXaiJ16lHm7FCis54LunJPvRJYPo%2Bp5d4URRHHYpY9nxsphs12imDUKuT8990%2F%2Bh09Yp2EKKwOTgwLnW7C3TGUrndXstEmNzLZYWrPUm%2BSFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5fe0c0645d542c32-FRA
expires: Sat, 27 Nov 2021 19:46:13 GMT

GET
H2 200 jquery.validate.unobtrusive.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validation-unobtrusive/3.2.6/ 5 KB
2 KB 19ms
14ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validation-unobtrusive/3.2.6/jquery.validate.unobtrusive.min.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83540a1b1aaca7ec79264b8dfc98c797dea37b6c33b604b95a8e21e1cee09bd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 458393
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 1740
cf-request-id: 06e05692bc00002c321fbbe000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-1494"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BB%2BZFrPY8f6hZIYSNnWtyUSHvQ0hAyOl3VmJSulRs12eHLEuSiI7tH%2Fl0%2BtayDxxl7SGbeCqMCZNdv0H6wHtcYq3%2BN3%2FomIepm1FUmC3euSOGmMPHgDBMgZpE8XhfU6nwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5fe0c0645d562c32-FRA
expires: Sat, 27 Nov 2021 19:46:13 GMT

GET
H2 200 js.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.0/ 2 KB
1 KB 19ms
15ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.0/js.cookie.min.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4db76afeb499d277603609152f9e382c0fe112d44c6f8db8c136a89d9bd7682

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 458405
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 746
cf-request-id: 06e05692bc00002c3211bfa000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:49 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec5-699"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jHDSqnE5ztRIUeu50seMYsOSOEa0dzywDhmveeEQ%2FIBFSjgs2MF8Dg2DaD9BQ1uMv7oxV0BZAiMmRMwNsd15JmKs%2B2hDuGcVitMArhSHXFpeUa1fGysaqolVMNbDO5lfyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5fe0c0645d582c32-FRA
expires: Sat, 27 Nov 2021 19:46:13 GMT

GET
H2 200 jquery.bootstrap.wizard.js Show response
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap-wizard/1.2/ 9 KB
2 KB 17ms
13ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap-wizard/1.2/jquery.bootstrap.wizard.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bed0322f5d7ae2d256db706cb681ab757c8e5ef051e3b9f53e82ad953d0211d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 406353
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 2027
cf-request-id: 06e05692bc00002c32eb3cf000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04010-23da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FIJu%2B6%2F%2BSpQtPgLJsK1R%2F1lw5Lv7oXbDTiYrtwIJsqe5QXODEGrd%2F8tgkB5eiOma%2F71xf7yg1AWANRWDIaxWQiHamuc%2Be78pCsZ%2FiRBtJXOb78zrisP0RnNgQ%2BvfGUi2RA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5fe0c0645d5d2c32-FRA
expires: Sat, 27 Nov 2021 19:46:13 GMT

GET
H2 200 site.min.js Show response
www.insurancebusinessmag.com/js/ 3 KB
2 KB 420ms
416ms Script
application/javascript 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.insurancebusinessmag.com/js/site.min.js?v=a8CgVlJJa2pHH6NyWSDRb1xgq97m0DJCCfQmFEGXcpU

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

6bc0a05652496b6a471fa3725920d16f5c60abdee6d0324209f4261441977295

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:14 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
cf-request-id: 06e05692c000002ba1d2aef000000001
last-modified: Mon, 16 Dec 2019 08:12:10 GMT
server: cloudflare
etag: W/"1d5b3e883a96460"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kFzrWh0osTkvRNPyvIs36MT%2FpexoLfvzzPEYFDX1IH4wX1WndAtn4HUKRu7WHcwRM6oH2OoEPXtwubZrAS3ofDhDNir5g4FKzkvTXyCZwpvAptiwdpUqXo55dqhuetkQBNm02kkg9bnW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 5fe0c0645d6b2ba1-FRA

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 37ms
33ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Mon, 07 Dec 2020 19:46:13 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 website-search-1.4.js Show response
cdn.sajari.net/js/integrations/ 662 KB
200 KB 77ms
20ms Script
application/javascript 35.190.50.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sajari.net/js/integrations/website-search-1.4.js
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.50.98 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.50.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 04cdfaeaa1468ca5e86756f9f137d60c66db6991faa4e549827117eb0e2f33c1

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 06:56:38 GMT
content-encoding: gzip
age: 46175
x-guploader-uploadid: ABg5-Uxyhh20neHIgloUCc2UHohykF66KszLvat9D3Qt9C6kI-ugF4F4VEyRyxn-M4GfPw0bCclCXm9vv-wo823Sg0KfSqYc2A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 204181
last-modified: Fri, 27 Nov 2020 01:20:45 GMT
server: UploadServer
etag: "65c7b0342e669c616f2779114a738111"
x-goog-hash: crc32c=lavJ7Q==, md5=ZcewNC5mnGFvJ3kRSnOBEQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1606440045862038
access-control-expose-headers: Content-Type
cache-control: public,max-age=86400,no-transform
x-goog-stored-content-length: 204181
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 08 Dec 2020 06:56:38 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 128 KB
45 KB 23ms
20ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PVJZ6HP

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

80479814589d820a87ac07a15295f8ed6bd207bd4c6750c72910093af88e79b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45520
x-xss-protection: 0
last-modified: Mon, 07 Dec 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 07 Dec 2020 19:46:13 GMT

GET
H/1.1 200
OK embed.js Show response
insurance-business.disqus.com/ 70 KB
23 KB 416ms
349ms Script
application/javascript 151.101.112.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://insurance-business.disqus.com/embed.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

a1950a612a824bf3cfaa38d9ddbf4803cf2e572aab2c6901942323f38d7b2bd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 19:46:14 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 23291

GET
H2 200 keymedia_logo.png
www.insurancebusinessmag.com/images/ 3 KB
3 KB 410ms
404ms Image
image/png 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurancebusinessmag.com/images/keymedia_logo.png

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/css/site.min.css?v=x16YcsDzSL7BBhsp4VOfE7_mPzaMbjNhkXFpk-R-Q3E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

bb20e7c2fc5f8cfd74c43906c776a31f04c93fc00d11d921dfb923bcfaab0c23

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/css/site.min.css?v=x16YcsDzSL7BBhsp4VOfE7_mPzaMbjNhkXFpk-R-Q3E
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:14 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
content-length: 2797
cf-request-id: 06e05692d400002ba1a127b000000001
last-modified: Mon, 16 Dec 2019 08:12:09 GMT
server: cloudflare
etag: "1d5b3e88310d86d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ofDLfByMhJsOnr7josXp7yGeGcTP4PeUxN4BrDjk73TsTo%2F7iWR6ZAtgccZPW3lA6N3txITkZ5fHGn9gLfZW5wNMoX96BuMYY9F2vpV7Tfc55boUY7bPCT4LujUzoeErKxO6S9dgmwFS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5fe0c0648dcf2ba1-FRA

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 11ms
5ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.insurancebusinessmag.com
Referer: https://fonts.googleapis.com/css?family=Roboto:400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 20:01:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 344701
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Fri, 03 Dec 2021 20:01:12 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 12ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.insurancebusinessmag.com
Referer: https://fonts.googleapis.com/css?family=Roboto:400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 21:21:15 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 426298
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Thu, 02 Dec 2021 21:21:15 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.15.1/webfonts/ 78 KB
79 KB 34ms
29ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.1/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.1/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

Request headers

Origin: https://www.insurancebusinessmag.com
Referer: https://use.fontawesome.com/releases/v5.15.1/css/all.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:13 GMT
last-modified: Mon, 05 Oct 2020 15:14:37 GMT
server: NetDNA-cache/2.2
etag: "8e1ed89b6ccb8ce41faf5cb672677105"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 80300

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.15.1/webfonts/ 77 KB
77 KB 69ms
63ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.1/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.1/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba

Request headers

Origin: https://www.insurancebusinessmag.com
Referer: https://use.fontawesome.com/releases/v5.15.1/css/all.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:13 GMT
last-modified: Mon, 05 Oct 2020 15:14:09 GMT
server: NetDNA-cache/2.2
etag: "f075c50f89795e4cdb4d45b51f1a6800"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 78460

GET
H2 200 fa-regular-400.woff2
use.fontawesome.com/releases/v5.15.1/webfonts/ 13 KB
14 KB 82ms
77ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.1/webfonts/fa-regular-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.1/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: ce20ed8a323117c8a718ff1ddc6dabb997373b575a8e896f2bf02b846c082c9d

Request headers

Origin: https://www.insurancebusinessmag.com
Referer: https://use.fontawesome.com/releases/v5.15.1/css/all.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:13 GMT
last-modified: Mon, 05 Oct 2020 15:14:17 GMT
server: NetDNA-cache/2.2
etag: "4a74738e7728e93c4394b8604081da62"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 13548

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
13 KB 127ms
51ms Script
text/javascript 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJZ6HP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

5fb46ad88af0181f8aa600691dadedc2d6dd1946603b69bc36385f68efdd01a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12174
x-xss-protection: 0
server: cafe
etag: 1959326039972715456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 07 Dec 2020 19:46:14 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJZ6HP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3384
date: Mon, 07 Dec 2020 18:49:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Mon, 07 Dec 2020 20:49:50 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 39 KB
13 KB 400ms
136ms Script
text/javascript 104.111.214.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJZ6HP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 383e5f611a5c1637137d721c623842d4ad37fbb609e726a0a086b8fdd4c481cb

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: yT2i2LUnffbkUbjAt0k2siAlAt3lg4XR
Content-Encoding: gzip
ETag: "28571dc94738b2d5c8135d1bc9804d74"
x-amz-request-id: D8CA31517EEFF851
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 12463
x-amz-id-2: PkdqUa7SG6Ah0SpKR1grFBRfosBP1h3P1ltrX3Wcyf1SBZYz90A7rCkQce7e5vNXvQZTeFm3u8g=
Last-Modified: Wed, 02 Dec 2020 20:32:00 GMT
Server: AmazonS3
Date: Mon, 07 Dec 2020 19:46:14 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 3830659.js Show response
js.hs-scripts.com/ 2 KB
716 B 19ms
16ms Script
application/javascript 2606:4700::6811:d6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/3830659.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJZ6HP
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a06ae15140593d7a3057126d977586ce9a20ee9057ade9080b202094085b1b6

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:14 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 8
cf-polished: origSize=1725
cf-request-id: 06e05693ae000016e621967000000001
cf-bgj: minify
server: cloudflare
x-trace: 2B73A2ED774CC6D8F712011F90105BCAE312C00E8E000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.insurancebusinessmag.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 5fe0c065eb0916e6-FRA
expires: Mon, 07 Dec 2020 19:47:14 GMT

GET
H2 200 H374CbiJXbyMaC6o2MeO Show response
ws.zoominfo.com/pixel/ 0
723 B 322ms
283ms Script
text/javascript 2606:4700::6810:a852
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/H374CbiJXbyMaC6o2MeO

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:14 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 5fe0c0661d33c2ae-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for
content-length: 0
cf-request-id: 06e05693d80000c2ae9139a000000001

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 89 KB
23 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23320
x-xss-protection: 0
pragma: public
x-fb-debug: C/xvxMDvteSJIEQdNyPwSsy/6SYCX7v3qX1LNZRFlG9JKSbPuqYr7tYg5F1kBzuqoYFanKwDXQ3OKvfRz0AoiQ==
x-fb-trip-id: 603378373
x-frame-options: DENY
date: Mon, 07 Dec 2020 19:46:14 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 pubads_impl_2020120301.js Show response
securepubads.g.doubleclick.net/gpt/ 279 KB
99 KB 130ms
86ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

dc3842d1ad8fde688d7b47fb100be5a4bcf18b97af2dd23d02dbb3713f6d520b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Dec 2020 09:42:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100510
x-xss-protection: 0
expires: Mon, 07 Dec 2020 19:46:14 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
135 B 14ms
14ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=152054357&t=pageview&_s=1&dl=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&ul=en-us&de=UTF-8&dt=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company%20%7C%20Insurance%20Business&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=619248096&gjid=1845215871&cid=1894347549.1607370374&tid=UA-67143636-4&_gid=1403214103.1607370374&_r=1&gtm=2wgb41PVJZ6HP&z=1431423972

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 19:46:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.insurancebusinessmag.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 239203017352524 Show response
connect.facebook.net/signals/config/ 238 KB
69 KB 53ms
50ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/239203017352524?v=2.9.29&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1767d947f015a6da6e6ed41e97ccc29f0dc1b527f6b2973c8dfde049ebf6c1cd

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: HxIQW8Uat8nY7u40U24VCH7gMWZc5MQwB8nz53prUwJ1yrXOqfWAnk6X4F58soror7o62xmlTZeyL46SEoamow==
x-fb-trip-id: 603378373
x-frame-options: DENY
date: Mon, 07 Dec 2020 19:46:14 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 213897403
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 5 KB
3 KB 34ms
16ms Script
application/javascript 2606:4700::6811:73b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3830659.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:73b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edc0175ff1c883786302197c8f3795e4017ec2a82a6dda756b98e4c14a388da5

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:14 GMT
via: 1.1 ac28147bf6a75debb0811f62b6224e6f.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 210
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.218/bundles/pixels-release.js&cfRay=5fe0bb450dd296b0-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 06e05693e400001f256b8a9000000001
last-modified: Wed, 02 Dec 2020 05:20:17 UTC
server: cloudflare
etag: W/"6159aaab2b9ebbe66181371c0b06ec68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 2loL3K5wOlJ4UYDOHK3xdpXBRt2L9KwW
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 5fe0c0663c0c1f25-FRA
x-amz-cf-id: Jr2KB1tVcvVLJda4LPTL7h3BitBTt677d_NirQXQTdPZGau8FVFxNw==

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 79 KB
19 KB 84ms
82ms Script
application/javascript 2606:4700::6811:eccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3830659.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:eccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 659630c07a9005c1bb4e68bf15946ba4a0d5e8ede79aec22a98f202a55491ab2

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:14 GMT
via: 1.1 4638ed8bcd9a9c4a4ffe655049a6e058.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 297
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.7966/bundles/project.js&cfRay=5fe0b9258b902be9-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 06e05693d70000175e67850000000001
last-modified: Mon, 07 Dec 2020 03:40:46 UTC
server: cloudflare
etag: W/"084f0064b523664ce082aebef736853e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: kCPoihtV0nKfLLh1Z8xOU8_A5Ba4lvrR
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 5fe0c0662a10175e-FRA
x-amz-cf-id: anHeFhd7KCp0JOWRXdda552DFxIWg2rqeQeRMEwB4WslXUmSvWYRTA==

GET
H2 200 3830659.js Show response
js.hs-analytics.net/analytics/1607370300000/ 63 KB
19 KB 24ms
22ms Script
text/javascript 2606:4700::6811:46b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1607370300000/3830659.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3830659.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:46b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ab092634138c04c4d400ffe26f4d1e7e332adbd7ce2b974288b0674850bc2b0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 8
x-amz-server-side-encryption: AES256
x-amz-request-id: 6222E5B0AC4A270B
x-amz-id-2: /ObhiNKw++auwebnbTnmRfJAwI9mF1OXnOFCcanq9kTzYi6gD2B8ovkfEsJj0zpWLbeFS9nYcIw=
last-modified: Mon, 07 Dec 2020 17:12:38 GMT
server: cloudflare
etag: W/"44e808ceba70a8e67afa883c1bf6dc20"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
x-amz-version-id: null
cf-request-id: 06e05693d40000c29ae2917000000001
cf-ray: 5fe0c0661fbec29a-FRA
expires: Mon, 07 Dec 2020 19:51:06 GMT

GET
H2 200 3830659.js Show response
js.hs-banner.com/ 51 KB
12 KB 44ms
42ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/3830659.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3830659.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 493a176ec78fb0ac6b6a95d9a93d57cd4db4880151ec1017282f8fee3f6250c9

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=Smq16w==, md5=MOAVoix/DZ6XFVDsDiVRgA==
date: Mon, 07 Dec 2020 19:46:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 8
x-guploader-uploadid: ABg5-Uy7ZhscbhPzkPDe4ps3Dooy_THOAAEU8MGRsUOy2Sa3ifKKu5w83ID7hnsM08ISZV_wEcO3nDZenokmtUcm3CtBpZ55YA
x-goog-storage-class: STANDARD
access-control-max-age: 604800
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: text/javascript; charset=UTF-8
cf-request-id: 06e05693d500001f3554aaf000000001
timing-allow-origin: *
last-modified: Mon, 30 Nov 2020 17:52:35 GMT
server: cloudflare
etag: W/"30e015a22c7f0d9e971550ec0e255180"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-goog-generation: 1606758755326219
access-control-allow-origin: https://www.insurancebusinessmag.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
x-goog-stored-content-length: 52110
cf-ray: 5fe0c06629231f35-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Mon, 07 Dec 2020 19:51:06 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
94 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-67143636-4&cid=1894347549.1607370374&jid=619248096&gjid=1845215871&_gid=1403214103.1607370374&_u=YEBAAAAAAAAAAC~&z=330491317

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 07 Dec 2020 19:46:14 GMT
content-type: text/plain
access-control-allow-origin: https://www.insurancebusinessmag.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.facebook.com/tr/
Redirect Chain

https://www.facebook.com/tr/?id=239203017352524&ev=PageView&dl=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&rl...
https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&ec=0&ev=PageView&fbp=fb...

44 B
123 B

6ms
5ms

Image
image/gif

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&ec=0&ev=PageView&fbp=fb.1.1607370374169.1607542053&id=239203017352524&if=false&it=1607370374093&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1607370374170&v=2.9.29

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 07 Dec 2020 19:46:14 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Dec 2020 19:46:14 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
location: /tr/?coo=false&dl=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&ec=0&ev=PageView&fbp=fb.1.1607370374169.1607542053&id=239203017352524&if=false&it=1607370374093&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1607370374170&v=2.9.29
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
expires: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/948015301/ 2 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/948015301/?random=1607370374203&cv=9&fst=1607370374203&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgb41&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&tiba=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company%20%7C%20Insurance%20Business&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

802df8e7bb92807c6621ff011d2296a8bb3dbe948dd30dfa58c4a890d184b0ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 19:46:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1089
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lounge.2a0be1cac62547aa91037395a06bf8b3.css
c.disquscdn.com/next/embed/styles/ 0
23 KB 32ms
14ms Other
text/css 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.2a0be1cac62547aa91037395a06bf8b3.css

Requested by

Host: insurance-business.disqus.com
URL: https://insurance-business.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1545945
strict-transport-security: max-age=300; includeSubdomains
content-length: 22655
cf-request-id: 06e05694d800001f414b034000000001
timing-allow-origin: *
last-modified: Thu, 19 Nov 2020 22:06:27 GMT
server: cloudflare
etag: "5fb6ec63-587f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DFW3-C1
accept-ranges: bytes
cf-ray: 5fe0c067ce991f41-FRA
x-amz-cf-id: U-gG9OZ3kJS9xxB8lbcOsPcV746xOv-OfQeg4RfypFfyEf75cG_0Pw==
expires: Fri, 19 Nov 2021 22:20:27 GMT

GET
H2 200 common.bundle.2b6a730d7d5eff80032e6b2e3ff8cab6.js
c.disquscdn.com/next/embed/ 0
93 KB 32ms
15ms Other
application/javascript 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.2b6a730d7d5eff80032e6b2e3ff8cab6.js

Requested by

Host: insurance-business.disqus.com
URL: https://insurance-business.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 590584
strict-transport-security: max-age=300; includeSubdomains
content-length: 94783
cf-request-id: 06e05694d900001f410c0de000000001
timing-allow-origin: *
last-modified: Mon, 30 Nov 2020 23:25:14 GMT
server: cloudflare
etag: "5fc57f5a-1723f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DFW55-C3
accept-ranges: bytes
cf-ray: 5fe0c067ce9a1f41-FRA
x-amz-cf-id: qTlIsgJeiVKYLpKJk7-tZpsLzHRMZ2jhKj-dLst3ozr307jdRNXxtw==
expires: Tue, 30 Nov 2021 23:43:04 GMT

GET
H2 200 lounge.bundle.7ce8b2d11ecfa0aa9e0fdce994b52842.js
c.disquscdn.com/next/embed/ 0
114 KB 38ms
21ms Other
application/javascript 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.7ce8b2d11ecfa0aa9e0fdce994b52842.js

Requested by

Host: insurance-business.disqus.com
URL: https://insurance-business.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1469748
strict-transport-security: max-age=300; includeSubdomains
content-length: 116379
cf-request-id: 06e05694d900001f415baaf000000001
timing-allow-origin: *
last-modified: Fri, 20 Nov 2020 19:08:20 GMT
server: cloudflare
etag: "5fb81424-1c69b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DFW55-C1
accept-ranges: bytes
cf-ray: 5fe0c067ce9f1f41-FRA
x-amz-cf-id: yaoISWtZa_Htm13y7eXpFluexrytRU8scoM6I0rwGiOxoIOb1BdMdg==
expires: Sat, 20 Nov 2021 19:30:24 GMT

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
10 KB 103ms
40ms Other
application/javascript 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: insurance-business.disqus.com
URL: https://insurance-business.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 19:46:14 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 49
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 9280
X-XSS-Protection: 1; mode=block

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 109 B
169 B 21ms
21ms Script
application/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=www.insurancebusinessmag.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 19:46:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
169 B 15ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.insurancebusinessmag.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 19:46:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 fancybox_sprite.png
www.insurancebusinessmag.com/images/ 1 KB
2 KB 15ms
15ms Image
image/png 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurancebusinessmag.com/images/fancybox_sprite.png

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/css/site.min.css?v=x16YcsDzSL7BBhsp4VOfE7_mPzaMbjNhkXFpk-R-Q3E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

b9d6fddb0988440902fcfc72f371ecfa80ee2eb36073f9eebc17449ee41c886f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/css/site.min.css?v=x16YcsDzSL7BBhsp4VOfE7_mPzaMbjNhkXFpk-R-Q3E
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:14 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6951
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
content-length: 1362
cf-request-id: 06e05694f200002ba1d81fa000000001
last-modified: Mon, 16 Dec 2019 08:12:09 GMT
server: cloudflare
etag: "1d5b3e88310d7d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dqYJ3LGqdff8akm%2BtenBpxUY5emNPtMBamrnv3S94SIjSCB%2BO%2Fjeq7BfAY7FEiVFSt0T43sj%2FW7K1ArgJt%2BuCzcSn8GguBbCrYpEZxmIJk2vc6YJkpINTwxk%2BvRkblhi6kXn3goqYQkK"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5fe0c067ee632ba1-FRA

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 103 KB
15 KB 211ms
210ms XHR
text/plain 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3717466678483328&correlator=1981889432249889&output=ldjh&impl=fifs&eid=21068809&vrg=2020120301&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201207&iu_parts=1042886%2Ciboca_news_cyber_640x480-prestitial%2Ciboca_news_cyber_na_fluid_top1%2Ciboca_news_cyber_728x90%2Ciboca_news_cyber_125x750%2Ciboca_news_cyber_na_fluid_top2%2Ciboca_news_cyber_980x240%2Ciboca_news_cyber_970x90%2Ciboca_news_cyber_1000x90%2Ciboca_news_cyber_300x600%2Ciboca_news_cyber_300x250%2Ciboca_news_cyber_140x600%2Ciboca_news_cyber_140x300%2Ciboca_news_cyber_na_fluid_inarticle%2Ciboca_news_cyber_450x20%2Ciboca_news_cyber_480x300&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F11%2C%2F0%2F12%2C%2F0%2F13%2C%2F0%2F14%2C%2F0%2F14%2C%2F0%2F14%2C%2F0%2F15&prev_iu_szs=640x480%2C320x50%2C728x90%2C125x750%2C125x750%2C320x50%2C980x240%2C970x90%2C1x1%2C300x600%2C300x600%2C300x250%2C300x250%2C140x600%2C140x600%2C140x300%2C320x50%2C450x20%2C450x20%2C450x20%2C480x300&fluid=0%2Cheight%2C0%2C0%2C0%2Cheight%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2Cheight%2C0%2C0%2C0%2C0&ists=4096&prev_scp=%7Cposition%3D1%7C%7Cposition%3D1%7Cposition%3D2%7Cposition%3D2%7C%7C%7C%7Cposition%3D1%7Cposition%3D2%7Cposition%3D1%7Cposition%3D2%7Cposition%3D1%7Cposition%3D2%7C%7C%7Cposition%3D1%7Cposition%3D2%7Cposition%3D3%7C&cookie_enabled=1&bc=31&abxe=1&lmt=1607370374&dt=1607370374359&dlt=1607370373708&idt=584&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933%2C310%2C560%2C165%2C1310%2C310%2C310%2C315%2C0%2C990%2C990%2C990%2C990%2C310%2C310%2C310%2C477%2C477%2C477%2C477%2C477&adys=-12245933%2C0%2C62%2C250%2C250%2C250%2C270%2C1110%2C3863%2C686%2C2882%2C2369%2C1316%2C846%2C1476%2C2106%2C1211%2C2249%2C2269%2C2289%2C2309&adks=650329221%2C3010860864%2C2179467046%2C4273497933%2C4273497932%2C926496691%2C1353799527%2C2563504204%2C2145629555%2C1205037887%2C1205037873%2C760719103%2C760719092%2C1485002616%2C1485002623%2C3266770760%2C3656399958%2C546586321%2C546586320%2C546586323%2C3390586813&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci%7Cj%7Ck%7Cl&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C1000x1%7C730x90%7C125x750%7C125x750%7C1000x20%7C980x240%7C1600x3882%7C1600x3882%7C313x600%7C313x600%7C313x250%7C313x250%7C146x600%7C146x600%7C146x300%7C479x884%7C479x445%7C479x445%7C479x445%7C479x445&msz=0x-1%7C980x0%7C730x90%7C125x750%7C125x750%7C980x0%7C980x240%7C970x-1%7C1600x1%7C300x600%7C300x600%7C300x250%7C300x250%7C146x600%7C146x600%7C146x300%7C479x0%7C479x20%7C479x20%7C479x20%7C479x300&ga_vid=1894347549.1607370374&ga_sid=1607370374&ga_hid=152054357&fws=644%2C0%2C0%2C0%2C0%2C0%2C0%2C512%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C479%2C479%2C479%2C479%2C479&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

81043964d632f8c923203ff2272cac8468d061c0d8555cdb2319e687016b4a6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14961
x-xss-protection: 0
google-lineitem-id: 5522499108,-2,5523842285,-2,-2,-2,5523842285,-2,5523842285,5523842285,-2,5523842285,-2,5523842285,-2,-2,-2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138328442418,-2,138328415276,-2,-2,-2,138328444695,-2,138328415726,138328444692,-2,138328444698,-2,138328444683,-2,-2,-2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.insurancebusinessmag.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
4d8f5e3a89f1562d9c52ac512a2a5a86.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 81ms
14ms Other
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://4d8f5e3a89f1562d9c52ac512a2a5a86.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 7ms
7ms Other
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK /
disqus.com/embed/comments/ Frame 0F62 0
0 199ms
170ms Document
text/html 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=insurance-business&t_i=241242&t_u=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&t_d=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company&t_t=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company&s_o=default

Requested by

Host: insurance-business.disqus.com
URL: https://insurance-business.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Response headers

Connection: keep-alive
Content-Length: 2749
Server: nginx
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Type: text/html; charset=utf-8
Last-Modified: Mon, 07 Dec 2020 09:40:45 GMT
ETag: W/"lounge:view:8304289896.1a712cca7a006174d37d2a69da1457bd.2"
Content-Encoding: gzip
Date: Mon, 07 Dec 2020 19:46:14 GMT
Age: 0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H2 200 /
www.google.com/pagead/1p-user-list/948015301/ 42 B
108 B 20ms
19ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/948015301/?random=1607370374203&cv=9&fst=1607367600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgb41&sendb=1&frm=0&url=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&tiba=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company%20%7C%20Insurance%20Business&async=1&fmt=3&is_vtc=1&random=738619622&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 19:46:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/948015301/ 42 B
108 B 38ms
37ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/948015301/?random=1607370374203&cv=9&fst=1607367600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgb41&sendb=1&frm=0&url=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&tiba=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company%20%7C%20Insurance%20Business&async=1&fmt=3&is_vtc=1&random=738619622&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 19:46:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/2VITFUM7BRCEBEOMM6S7XQ/index.js
https://s.adroll.com/j/exp/index.js

28 B
747 B

132ms
127ms

Script
application/javascript

104.111.214.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: NRd5BJy3mTVGILCcmBdUI4KKHh2sq935
Content-Encoding: gzip
ETag: "5816cced8568d223aa09d889f300692b"
x-amz-request-id: 7W9WAWDN1PDJ9K6T
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 48
x-amz-id-2: NBvratIHE//44TPOypShMaCv/9QzRoRblXgrQhIlv+9B2ymzS7rKcZPf7Q+NJ4aV6oOIl9m1JcE=
Last-Modified: Wed, 02 Dec 2020 20:19:48 GMT
Server: AmazonS3
Date: Mon, 07 Dec 2020 19:46:14 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Mon, 07 Dec 2020 19:46:14 GMT
Server: AkamaiGHost
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/2VITFUM7BRCEBEOMM6S7XQ/UBR2M7RH2FGKBCKNOSQYCJ/ 1 KB
1 KB 366ms
123ms Script
text/javascript 104.111.214.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/2VITFUM7BRCEBEOMM6S7XQ/UBR2M7RH2FGKBCKNOSQYCJ/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: cbce85e96b7752208ce15a09ea4d5a58b792edc9e77f1c5ccf46c01935970f9d

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: _mn1D0VtNh5freWhh9.kCWYn3Qouzsse
Content-Encoding: gzip
ETag: "3996d65282dd996ee0d7d4c90c139158"
x-amz-request-id: 6B99C8ABABB88D46
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 635
x-amz-id-2: 8Ntj3t+1zhytmEs1jF4ETPtx3N2P1xbq+UEU2s949XQKYAYr52T9NfnUCfzlZ+eZYSjFBR9/BbY=
Last-Modified: Sun, 06 Dec 2020 20:41:15 GMT
Server: AmazonS3
Date: Mon, 07 Dec 2020 19:46:14 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

200

/ Show response
d.adroll.com/consent/check/2VITFUM7BRCEBEOMM6S7XQ/
Redirect Chain

https://d.adroll.mgr.consensu.org/consent/iabcheck/2VITFUM7BRCEBEOMM6S7XQ?_s=12b749821597f55b23db055b958036df&_b=2
https://d.adroll.com/consent/check/2VITFUM7BRCEBEOMM6S7XQ/?_s=12b749821597f55b23db055b958036df&_b=2

385 B
478 B

129ms
42ms

Script
application/javascript

63.35.200.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/2VITFUM7BRCEBEOMM6S7XQ/?_s=12b749821597f55b23db055b958036df&_b=2
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.200.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-200-21.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 47f938cdd60fee25a2762afbe4ccd01a496da4f72ef61db354467cb47649766d

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:14 GMT
server: nginx/1.18.0
content-length: 385
content-type: application/javascript

Redirect headers

location: https://d.adroll.com/consent/check/2VITFUM7BRCEBEOMM6S7XQ/?_s=12b749821597f55b23db055b958036df&_b=2
date: Mon, 07 Dec 2020 19:46:14 GMT
server: nginx/1.18.0
content-length: 105

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
0 33ms
14ms Fetch
image/gif 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status&domain=insurancebusinessmag.com&host=www.insurancebusinessmag.com&success=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 19:46:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9383 0
0 47ms
46ms Fetch
image/gif 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstLFFBPljiVzh7vQ92pDHRUuTZt1kFoWQbS9T_4huQv8FvZFDmlOD-lXLGIdDmaUh3MM8ij2A6UNBhIT8GC8uZ1-yszeIy7iCvr1CoYg4pdz6xZPjPU0wWoc66rJLt7IHNQUU1qXQbWfmvoagNDRiFCF0saoSGHZ8Wp9Uzua7_uoqri1EX97tvBTa53I4BkOjpsgAbFRnYlwn26FXsYt_yQrWBTGG1qPMsrPwKaLbdOztWAgm5t_c1HpW8cX1rrCa2IxFd-ZOXbhRZLYBxxDKwjSKMAsiLHBKQSIk50SdPjrsbY2YrOW-T-YpmtBD1_8YgjqO7a&sig=Cg0ArKJSzJ-D95xhEM_TEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 19:46:14 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 9383 3 KB
1 KB 32ms
16ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 02:18:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62842
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Dec 2020 02:18:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9383 104 KB
32 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a61ea8cb3c5f515c19cd53d77f3a66b7317a471072cfb5bd627f71d321e66e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607100259702740"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32495
x-xss-protection: 0
expires: Mon, 07 Dec 2020 19:46:14 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 9383 0
0 16ms
15ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTCROeeQZ8Q0Rua4odDMbeW2BJxwqz4gu--lj63AJJjA2NGIUoUd_6OT72jB4cvjY9tbdUFmG_E60i5vUTmmKyhMRG8Lg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 128802055032131217
tpc.googlesyndication.com/simgad/ Frame 9383 43 KB
43 KB 35ms
21ms Image
image/jpeg 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/128802055032131217

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a4080d7b3a78d8829b8e436b103b9736e6757f007c06d51ada0f659cb50a6b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Dec 2020 21:13:25 GMT
x-content-type-options: nosniff
age: 81169
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43800
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 14:28:40 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Dec 2021 21:13:25 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame F59E 0
0 44ms
42ms Fetch
image/gif 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuxm-EUTDDq2IM-NoMjyq7yGBXSsJy5MdPkIWyhp2pH55hlE3YaKk21Lc6cvPigxcI_NBQAcy5Dqigc7uBdCkEbO93msrk2ExgcTlwrZUrnE5juXyoGb8Ci0zigAiWsSyRNQiPnadDO9kDLaktUlc80Z7JmxzY6u5fx1Wj26QSjfnGBwqeyconCggPxcFzoGivaMr2egpa8CFMnFjZBn89FRoszuqK18pMJ7ZAEE5X543TgrZalMwpOUI0fo1Ivz0TdQgeLqpNL0BGgs3IfufdTuW7TXeLjrU0CiTAR&sig=Cg0ArKJSzLBpDXmvzDjtEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 19:46:14 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame F59E 3 KB
1 KB 28ms
18ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 02:18:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62842
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Dec 2020 02:18:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F59E 104 KB
32 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a61ea8cb3c5f515c19cd53d77f3a66b7317a471072cfb5bd627f71d321e66e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607100259702740"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32495
x-xss-protection: 0
expires: Mon, 07 Dec 2020 19:46:14 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame F59E 0
0 15ms
14ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ8VGv0DT54i2aogwefGJ4aS2KYHG2uvEnk7WFlncIpHWOr2AvI6WiAve5zipVWF81F44k6izCZy1axsU4ZkaA5nDjqfA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 16087027898513391236
tpc.googlesyndication.com/simgad/ Frame F59E 40 KB
40 KB 31ms
21ms Image
image/jpeg 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16087027898513391236

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1f250f58f47ca824a25a49ce8ee8747c3e48cf9564a23282677802f450928fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 08:01:52 GMT
x-content-type-options: nosniff
age: 42262
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40837
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 14:37:24 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Dec 2021 08:01:52 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 45C0 0
0 45ms
43ms Fetch
image/gif 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstnnLXVoUIWyLxY5RWH_1xJ7WvunegNTCkD_i7HN1_e5BjUZm2uvZ9zDOPSFxNbmL5P_oaOo2eHE5ouse6pazBmpFVFEFDnxhtu6S7_3S1KfoG2i-uez1-AKJVBfUxmyODYCd7myLnIVBCoYpNcLYXSqzAqehVC97Cx7-x3Z2F4DKut_grG1LvQ9rlWZvv5QfEsReYzRKf6cGpjU1pR6rJfh_eNyu8NGto3m44TFsxALh3dN9qLsJFTu_GMKRTeDYr32G8PCZpYc20fV2Ori5MfWvTQWCdDSRjXAgw1Qw&sig=Cg0ArKJSzHutZb-Ad7OREAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 19:46:14 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 45C0 3 KB
2 KB 18ms
13ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 02:18:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62842
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Dec 2020 02:18:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 45C0 104 KB
32 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a61ea8cb3c5f515c19cd53d77f3a66b7317a471072cfb5bd627f71d321e66e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607100259702740"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32495
x-xss-protection: 0
expires: Mon, 07 Dec 2020 19:46:14 GMT

GET
H3-Q050 200 12598932462570953785
tpc.googlesyndication.com/simgad/ Frame 45C0 46 KB
47 KB 23ms
18ms Image
image/jpeg 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12598932462570953785

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e28323571e70a213a2db9642215d45e8944ed17464c8bf89781bea05e554ef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:25:49 GMT
x-content-type-options: nosniff
age: 19225
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47548
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 15:26:20 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Dec 2021 14:25:49 GMT

GET
H3-Q050

200

13810547153303696996
tpc.googlesyndication.com/simgad/ Frame BC2D
Redirect Chain

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssFVoi30JU7XfY7NuD3Hf_i2p0qUoCkouVEi9IlaZtxWrjQMc6HUaq9turd19Qx5DeV6I83bU0tMmvER7XrZmJ8Uh_DroQ12U2o_2o-cdq5v7baaeEtWLjLfYL1EH8Qd26UMhyx4Ls4u...
https://tpc.googlesyndication.com/simgad/13810547153303696996?

44 KB
44 KB

8ms
7ms

Image
image/jpeg

2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13810547153303696996?

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5abdfc235554b3c281964f41c083010fe2781025981997a547cc9024b69165f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:25:49 GMT
x-content-type-options: nosniff
age: 19225
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44712
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 14:39:34 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Dec 2021 14:25:49 GMT

Redirect headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 19:46:14 GMT
x-content-type-options: nosniff
server: cafe
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://tpc.googlesyndication.com/simgad/13810547153303696996?
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 44ms
28ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e735e08c4da24b5efe03dc7d48842a415f91122e5b74e23d2e9e461d0ae73199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607100271701181"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28447
x-xss-protection: 0
expires: Mon, 07 Dec 2020 19:46:14 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8AE5 0
0 45ms
43ms Fetch
image/gif 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssv1m0DucFBOAzjSrv5cSM06R6FO5aZTM7PEC_Le7T7GGwu4xf8t2C9inj43extCkU7cmQ281OjzH4JMfm45PsZ5wl3tOOm1QPzj8Yuo4qK0ZsgLlwyeeR85-_fbhAl54TTGg2gLYh5Aai3uj48RSi9ntwVFuTUdH8-wdn0PNL4H6ECMNkfuIolzSPs9K0GXu0bX3sC51-KEgWHxM-CDQ0c8fN-yAFZ0ECKUsuS3wcaNRlbCJA7oefydEE2NmmNXludo1bpwgGnzwLiqyAhQzM8YTvQ7MRntyQ0CBWLuQ&sig=Cg0ArKJSzMC09DFRVnI0EAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 19:46:14 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 8AE5 3 KB
1 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 02:18:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62842
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Dec 2020 02:18:52 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8AE5 104 KB
32 KB 21ms
18ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a61ea8cb3c5f515c19cd53d77f3a66b7317a471072cfb5bd627f71d321e66e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607100259702740"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32495
x-xss-protection: 0
expires: Mon, 07 Dec 2020 19:46:14 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 8AE5 0
0 17ms
14ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSnPod6cHePtWV-FzOW-8eJWFx5imkDCmlcla5QKDen2dD8YPjPfgToFbsuwYe-h4M8weQ6Kg-6okIt7emly2ngj0Ou_A
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 14015424997989743780
tpc.googlesyndication.com/simgad/ Frame 8AE5 43 KB
43 KB 11ms
8ms Image
image/jpeg 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14015424997989743780

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2090ef8782553088e8305f8703a2d3f5c39d07408f6a88eed8f40ee57aa5c5a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:25:49 GMT
x-content-type-options: nosniff
age: 19225
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44348
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 14:37:23 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Dec 2021 14:25:49 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4F6F 0
0 45ms
42ms Fetch
image/gif 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstlv7yMsXwHkfLyYYs_cYGP7M14i7vvarYjUa4kV-e1ZHj1fSwGYsAD45WAu-eztXth2HZCGp1g2_t9ZYYYky-8zzs1JtQvFIN8dbgi6w4PbE042gyrx3ALs6TT8X6Sa7imojRQwZLgoO_G815amiz1QoUxZJKzu7MAn3kxcSBxWrli808r3kXwFvAhhWDxCyl4p_o65dpBNvRFsPngjcpQvIQVWi4BB86C68XirL3UQ51IFJeQyxzisUeXtc8vForTEU84zi_n_OgzkCUW-YzHFskOnOhWUwUDMsrnEw&sig=Cg0ArKJSzLerXM-dr3sJEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 19:46:14 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 4F6F 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 02:18:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62842
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Dec 2020 02:18:52 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4F6F 104 KB
32 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a61ea8cb3c5f515c19cd53d77f3a66b7317a471072cfb5bd627f71d321e66e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607100259702740"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32495
x-xss-protection: 0
expires: Mon, 07 Dec 2020 19:46:14 GMT

GET
H3-Q050 200 17709520277748985683
tpc.googlesyndication.com/simgad/ Frame 4F6F 44 KB
44 KB 9ms
7ms Image
image/jpeg 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17709520277748985683

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aba2a0e5d978194c64c77dde2152baf5ff5ae0548ccae71aaf75b257558c76e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 14:07:16 GMT
x-content-type-options: nosniff
age: 452338
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45113
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 14:37:23 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Dec 2021 14:07:16 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3830 0
0 45ms
43ms Fetch
image/gif 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuNoGD1BxOMciZW2ym0_-hsXb5AaeD5urD96MjqhAo_-24BLk6n1NLP6xGES5ONe-1BcSJxlGPWJa_PbC4RLjFaiWXz4a8tEjBUWMl2Bs4lbXkfUxyXRAzVGonUBCUPJQUL3tcGGCG6IH9X1xeN7TKnfXZtV5YKYpyOWhcnEMoiKktl3hDdf2AEPdmxk91KXVUGh-9MQPmtsrxF5bDCFcgHqJBp9sxvl-jFj2MhIHac30EF7prWyGTQf09VXOkNylWZ8JLZFyy-mzW99D5-qGuxMgAOu4MKYAXwSiwywA&sig=Cg0ArKJSzPqjG_zAMfVAEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 19:46:14 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 3830 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 02:18:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62842
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Dec 2020 02:18:52 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3830 104 KB
32 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a61ea8cb3c5f515c19cd53d77f3a66b7317a471072cfb5bd627f71d321e66e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607100259702740"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32495
x-xss-protection: 0
expires: Mon, 07 Dec 2020 19:46:14 GMT

GET
H3-Q050 200 8091804047278586021
tpc.googlesyndication.com/simgad/ Frame 3830 46 KB
46 KB 9ms
7ms Image
image/jpeg 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8091804047278586021

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04c25fc9b0c5683c0b64091f6dfeb1579d1cc1b447ecb72edc9f433a48ee4f37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:08:42 GMT
x-content-type-options: nosniff
age: 20252
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46899
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 14:37:22 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Dec 2021 14:08:42 GMT

GET
DATA 200
OK truncated
/ Frame 9383 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d9889441bdab0964953cdaf11d8b4560ea52c69cbe412f3e7d5fa952d865a89

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 /
www.facebook.com/tr/ 0
84 B 6ms
5ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryPoHsYtJxXEVjWWgj

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 07 Dec 2020 19:46:14 GMT
content-type: text/plain
access-control-allow-origin: https://www.insurancebusinessmag.com
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
DATA 200
OK truncated
/ Frame F59E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1bb34332753cec9c7a9b55a08a18ba0ec91fad4d90d3e28c051f82ab09b5055

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 45C0 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 02c301cd6185415b17a4977ebaa5f89beb081422e0ac2758c9b52484cfe15d02

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame F59E 0
0 103ms
60ms Fetch
image/gif 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsskHVMXUdZPd8Sja_jqykzuz9b1M3BwjuYu72qd456GU-ox1c71cbcGBFJSmsWlxthTj2bxs2De2h9V4iyegVsqIze_hf5QOkp8SnN6JxigYeDJgg5wTiETa8kP-sqKwnLWOnvBq4r9Zt8HUI49SfxfZxkv70PXW5c5tPoc4g7iDPH2yLi9UvIFAvC9LYZpFAK-xIFn8o5W1b8Pusq5EYEHmO5HqsGD88ttkz9t9MGy9HKDQbsRc7WExq8Z7CkLhUlCqA7FeEErspQTbWRHaA7jsHQesJePNKcP1ztU6-Y&sig=Cg0ArKJSzLoQOCCxeQ_9EAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 19:46:14 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 07 Dec 2020 19:46:14 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9383 0
0 102ms
61ms Fetch
image/gif 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBHK9dbD2M4736AosZTS8L6WibXkJYYRHrQ1Y2DTWYjc7b2ljtN63HqB8-uB7gyJ3I9x9a2acXJLQapTetrbheCIO7l3WsD8v1FSoOoQYHKrCnK0Rrr6h8YgMaX_x4nbkusFEp0pBfATgPn_p0pWn16ORKQicbal1lMpjZ2LXXaHsC8khSAyOcJtthNKypBNMfjGOPvbTmGt_1d-G1BLPbFOeaqA3SaEobTDF6qECufEjQK7cGK7c4BXpYktFSmhdj-H3REB8vyJlCXW901zvtg6FlfsbOo7tu7zsuNzzD88aLOhbyuizN&sig=Cg0ArKJSzKkbWEhqww80EAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 19:46:14 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 07 Dec 2020 19:46:14 GMT

GET
DATA 200
OK truncated
/ Frame 4F6F 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab8636153eb695bdfc6ed4ca7adf58578aee06032fbe8b394b17663657c614fb

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3830 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e6f95300399b1c685c7fd403be1eb3b04609717ff30d6f9512f6d42b81552152

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8AE5 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5dc6d8abc209bc3f1f14a53e4e7b8bf248a9f1252a877e66807f845bc957be2d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 45C0 0
0 43ms
42ms Fetch
image/gif 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJA1GmMd6vzb-YPXkBovzxm7PUiIIrOQPn4YARAwQRj5ZD9imvAaxVKjhvoMfJBeopyE-8tCjyPqd-e2ee2KGeYlygZXChgn7kntvMPqg1b1kvDRGTpcbHZK-3Aoaug1NH6aJbZ2ZPxewdV1t36HcNAQp4aCirrq-n4Bs4H7j-fRV-SRv4VS2ZcUdXMEsD4KaZySVWiTVnG97AyCtmxGKzaTSLfW_qgMWalWAqfyPnaTG7lQ5oSBrD1TBDasYgi5_YXNpvT4JQ-ZzVGddUalfZwDBbp0dYhr1II483ZfzX&sig=Cg0ArKJSzJtrRVMW1NidEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 19:46:14 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 07 Dec 2020 19:46:14 GMT

GET
DATA 200
OK truncated
/ Frame BC2D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a1d442058c497afe88cfc2c7869086746e43753db98a5eba92884544f2ebe70

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4F6F 0
0 53ms
51ms Fetch
image/gif 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4ul2HD0u8IRinxhuhklMwb-jkeCSdNnGxQ2iRbUrHe-kKizxzm4juuYm9tSKZgfDbuUh4lamJiIz1Bp7Ah4jZ7LCrRXsokzeKLhlPZ_01v3vBxgi6s-ygN1gzZpUKOJ2SYjiZMUUOV5zjprHpR19qRU37mTbKsxunpke7XT_y-_h4xpFAmGda02cVUdCPGJoBKrhSUtbzFhEtz-kN1ANaeGUtP7TEpQtMRh8TKzPhnJVuyGSC98HYJT5YvMTGzVtt5kK0xqtTvdYaQIvTzYdmdEcIZzqJr7b-TEHKgVP7&sig=Cg0ArKJSzO9gmlay8etaEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 19:46:14 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 07 Dec 2020 19:46:14 GMT

GET
H3-Q050 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 4F6F 53 KB
21 KB 33ms
32ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

1ab93462fa03e6a552a857fe7005098fe133645b3d88f82feaa91a31c7a9d9a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 18:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3137
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20879
x-xss-protection: 0
server: cafe
etag: 11997025105020960252
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Mon, 07 Dec 2020 19:53:57 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3830 0
0 44ms
44ms Fetch
image/gif 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuszGIIo0DR4lSsACj8ha1h_ggQr-2gw1GXamvadAn0jFwG7aEi_BYwfewgHwzMoS39YTph-jVttWiALP_UU1c3lumOcNO01cXhF9kmgJ09pgpXFXLphaR7RCh1M3yB5hJqphJqqZDFhsqkxyygzeO8Jj7RXkBS3lDLxCv44xVEFX6RKFPzLvQqequQC46aaZA9j3dz4ADWubR0ok3eGlUjMlLYLGy4Sv2MHBqvK3jXIUmYTZmVufNG0wDpCGcm0cUnNbAdAF5yOE9oVP01oDeOXWJgeVl3cBOvGhnYXUDz&sig=Cg0ArKJSzM0u1r-Lp8rnEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 19:46:14 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 07 Dec 2020 19:46:14 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8AE5 0
0 45ms
43ms Fetch
image/gif 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJHnGnvqoM-FmIqFYxXkqSYsR5OgkCvooxXq_U9YZwbfs-AZGB8jBp8pzyp-QnOTmOu4tO87AcfiT8Mv0yYpNodJRPwx8HDQY5jeHxQkLMt7VDMA4g-zwT9EOkLulyz_G4Dn9JflGBnCHcZPr5rWPTKAfKnFJLJLwaDnmnsgrqHb_1oQFWL28kos__fZtSIkhDrot0Hg7vRiPKcvrlsD-tkaF0GCGHUCoXyBVxJKjyf7Se7VC3HTEEfq1zmGJglvsQDK8fCjyW-9tipMN3n7jsQNpCcjkV64yODoXcM2J4&sig=Cg0ArKJSzIqQaKgzxGIKEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 19:46:14 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 07 Dec 2020 19:46:14 GMT

GET
H3-Q050 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 45C0 53 KB
20 KB 31ms
31ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

1ab93462fa03e6a552a857fe7005098fe133645b3d88f82feaa91a31c7a9d9a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 18:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3137
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20879
x-xss-protection: 0
server: cafe
etag: 11997025105020960252
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Mon, 07 Dec 2020 19:53:57 GMT

GET
H3-Q050 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame BC2D 53 KB
20 KB 33ms
32ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

1ab93462fa03e6a552a857fe7005098fe133645b3d88f82feaa91a31c7a9d9a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 18:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3137
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20879
x-xss-protection: 0
server: cafe
etag: 11997025105020960252
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Mon, 07 Dec 2020 19:53:57 GMT

GET
H3-Q050 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 9383 53 KB
20 KB 32ms
32ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

1ab93462fa03e6a552a857fe7005098fe133645b3d88f82feaa91a31c7a9d9a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 18:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3137
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20879
x-xss-protection: 0
server: cafe
etag: 11997025105020960252
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Mon, 07 Dec 2020 19:53:57 GMT

GET
H/1.1 200
OK consent_tcfv2.js Show response
s.adroll.com/j/ 399 KB
55 KB 152ms
152ms Script
application/javascript 104.111.214.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent_tcfv2.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9f75a1a0bc71452e1279885056d6c76bee32b081cf303bea3ebcfc1b1409f316

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: VAJVsdc4Cb0nPywy.d.T24u2_3_p4Suc
Content-Encoding: gzip
ETag: "cbb3b9097ce937dd4330ad74061fef80"
x-amz-request-id: 6039CC24F93183DB
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 55785
x-amz-id-2: yxEN16BWg7jlL+UKXBR3yAmnWBFYMJvnd9Sje1fTjBtY0a5WT0ZIexJdYUQakmoCJAILsJvM05M=
Last-Modified: Thu, 05 Nov 2020 19:27:04 GMT
Server: AmazonS3
Date: Mon, 07 Dec 2020 19:46:14 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H3-Q050 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame F59E 53 KB
20 KB 32ms
32ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

1ab93462fa03e6a552a857fe7005098fe133645b3d88f82feaa91a31c7a9d9a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 18:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3137
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20879
x-xss-protection: 0
server: cafe
etag: 11997025105020960252
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Mon, 07 Dec 2020 19:53:57 GMT

GET
H3-Q050 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 8AE5 53 KB
20 KB 33ms
32ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

1ab93462fa03e6a552a857fe7005098fe133645b3d88f82feaa91a31c7a9d9a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 18:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3137
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20879
x-xss-protection: 0
server: cafe
etag: 11997025105020960252
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Mon, 07 Dec 2020 19:53:57 GMT

GET
H3-Q050 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 3830 53 KB
20 KB 36ms
35ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

1ab93462fa03e6a552a857fe7005098fe133645b3d88f82feaa91a31c7a9d9a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 18:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3137
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20879
x-xss-protection: 0
server: cafe
etag: 11997025105020960252
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Mon, 07 Dec 2020 19:53:57 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 4F6F 0
331 B 1143ms
282ms Other
image/gif 64.233.189.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kieytiyd&ctx=2&qqid=CMiXxqHRvO0CFY0H4Aodr7QCKQ&met.4=fb.4~lb.4a~ol.4a~idt.79~dt.-8z&met.3=739.4a~738.4a~736.6i~734.6o_1~735.73_1~734.78~113.7w_3~112.7u_5&met.1=1.kieytiqi~14.0~15.0~16.0~17.0~18.0~19.0~20.4a~21.4a~22.38~23.38&met.7=CCIQBBgBIAUoBTAFaAhwM3gWsAEBuAED~CBwQChgBIAYoBjANOAdoB3AMePILgAHWC4gBshiwAQG4AQM~CCoQChgBIAYoBjAZOBQ~CBcQBhgBIAYoBjAROAtoCXAQeIzhAoABueACiAG54AKwAQG4AQM~CCgQChgBIPIBKPIBMJcCOCRo9AFwlAJ4raQBgAGPowGIAdmnA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.189.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: tl-in-f94.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 19:46:15 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 45C0 0
45 B 1145ms
291ms Other
image/gif 64.233.189.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kieytiym&ctx=2&qqid=CMOXxqHRvO0CFY0H4Aodr7QCKQ&met.4=fb.2~lb.4m~ol.6i~idt.8d~dt.-7v&met.3=739.4m~736.4u~734.6g_1~738.6h~735.7f_1~734.83~113.98_1~112.98_1&met.1=1.kieytipe~14.0~15.0~16.0~17.0~18.0~19.0~20.6h~21.6h~22.4d~23.4d&met.7=CCIQBBgBIAMoAzADaARwMHgWsAEBuAED~CBwQChgBIAMoAzAZOBZoCHAWeM8PgAHWC4gBshiwAQG4AQM~CCoQChgBIAMoAzAbOBc~CBcQBhgBIAQoBDAiOB5oCHAbeOH0AoABvPMCiAG88wKwAQG4AQM~CCIQBBgBIOkBKOkBMOkBaO8BcJkCeBiwAQG4AQM~CCgQChgBIKECKKECMMcCOCVoogJwwQJ4qqMBgAGPowGIAdmnA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.189.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: tl-in-f94.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 19:46:15 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 9383 0
45 B 1138ms
292ms Other
image/gif 64.233.189.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kieytiyv&ctx=2&qqid=CL2XxqHRvO0CFY0H4Aodr7QCKQ&met.4=fb.2~lb.2x~ol.7t~idt.8p~dt.-7j&met.3=739.2x~734.46~749.47_2~749.49~736.56~734.5a_1~735.7q_1~738.7t~734.8e~113.9t_1~112.9t_1&met.1=1.kieytip2~14.0~15.0~16.0~17.0~18.0~19.0~20.7s~21.7t~22.4o~23.4o&met.7=CCIQBBgBIAQoBDAEaAZwNHgosAEBuAED~CBwQChgBIAUoBTAnOCJoFHAlePILgAHWC4gBshiwAQG4AQM~CCoQChgBIAUoBTAXOBI~CBsQBhgBIAUoBTAWOBE~CBcQBhgBIAYoBjAxOCxABkgHUAdYIWAHaBRwKXiB1wKAAZjWAogBmNYCsAEBuAED~CCIQBBgBIL4BKL4BML4BUL8BWJcCYL8BaOgBcKUCeBiwAQG4AQM~CCgQChgBILACKLACMN0COC5osAJw0AJ4qqMBgAGPowGIAdmnA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.189.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: tl-in-f94.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 19:46:15 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame BC2D 0
54 B 1122ms
291ms Other
image/gif 64.233.189.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kieytiza&chm=1&ctx=2&qqid=CMWXxqHRvO0CFY0H4Aodr7QCKQ&met.4=fb.2~lb.3~ol.7c~idt.89~dt.-7z&met.1=1.kieytipi~14.0~15.0~16.0~17.0~18.0~19.0~20.7c~21.7c~22.7n~23.7n&met.7=CCIQBhgBIAQoezCEATh_aHxwgwF43t0CgAGo3QKIAajdApABBJgBNrABAbgBAw~CCgQChgBIJ8CKJ8CMN0COD9onwJwwAJ4qqMBgAGPowGIAdmnA7ABAbgBAw&met.3=113.9s_1~112.9r_1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.189.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: tl-in-f94.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 19:46:15 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame F59E 0
45 B 1102ms
290ms Other
image/gif 64.233.189.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kieytizq&ctx=2&qqid=CL-XxqHRvO0CFY0H4Aodr7QCKQ&met.4=fb.2~lb.3k~ol.7o~idt.8i~dt.-7q&met.3=739.3k~736.3l~734.4w_1~735.4x_1~734.7l~738.7o~113.ah_1~112.ah_2&met.1=1.kieytip9~14.0~15.0~16.0~17.0~18.0~19.0~20.7o~21.7o~22.4i~23.4i&met.7=CCIQBBgBIAMoAzADaAVwL3gWsAEBuAED~CBwQChgBIAMoAzAhOB5oDnAfePILgAHWC4gBshiwAQG4AQM~CCoQChgBIAMoAzAWOBM~CBsQBhgBIAQoBDAUOBA~CBcQBhgBIAQoBDApOCZoDXAjeO6_AoABhb8CiAGFvwKwAQG4AQM~CCIQBBgBILEBKLEBMLEBaOEBcJ0CeJ0EsAEBuAED~CCgQChgBIKoCKKoCMPUCOEtoqwJwygJ4qqMBgAGPowGIAdmnA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.189.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: tl-in-f94.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 19:46:15 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8AE5 0
54 B 1095ms
284ms Other
image/gif 64.233.189.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kieytizs&ctx=2&qqid=CMaXxqHRvO0CFY0H4Aodr7QCKQ&met.4=fb.2~lb.5f~ol.70~idt.7f~dt.-8t&met.3=739.5f~736.6n~738.6z~734.70_1~735.77_1~734.7d~113.9g_1~112.9f_1&met.1=1.kieytiqc~14.1~15.0~16.1~17.1~18.1~19.1~20.70~21.70~22.3e~23.3e&met.7=CCIQBBgBIAMoAzADaAVwMHgWsAEBuAED~CBwQChgBIAQoBDAOOApoB3ANePILgAHWC4gBshiwAQG4AQM~CCoQChgBIAQoBDAeOBs~CBsQBhgBIAQoBDAWOBI~CBcQBhgBIAQoBDAROAxoB3APePLaAoABvNoCiAG82gKwAQG4AQM~CCIQBBgBIP0BKP0BMP0BaP8BcKsCeBiwAQG4AQM~CCgQChgBIIgCKIgCMM0COEVoigJwqgJ4qqMBgAGPowGIAdmnA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.189.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: tl-in-f94.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 19:46:15 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3830 0
54 B 288ms
287ms Other
image/gif 64.233.189.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kieytizt&ctx=2&qqid=CMuXxqHRvO0CFY0H4Aodr7QCKQ&met.4=fb.2~lb.4i~ol.6q~idt.72~dt.-96&met.3=739.4i~736.6b~734.6k_1~738.6q~735.6w_1~734.72~113.94_1~112.94_1&met.1=1.kieytiqp~14.0~15.0~16.0~17.0~18.0~19.0~20.6q~21.6q~22.3p~23.3p&met.7=CCIQBBgBIAMoAzADaAVwMXgWsAEBuAED~CBwQChgBIAMoAzAMOAloBXALePILgAHWC4gBshiwAQG4AQM~CCoQChgBIAMoAzA4ODQ~CBcQBhgBIAQoBDAOOApoBXANeJzvAoABs-4CiAGz7gKwAQG4AQM~CCIQBBgBIOwBKOwBMOwBaO0BcJkCeBiwAQG4AQM~CCgQChgBIP0BKP0BMMMCOEZo_gFwoQJ4qqMBgAGPowGIAdmnA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.189.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: tl-in-f94.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 19:46:15 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame B0F3 337 B
352 B 17ms
16ms Stylesheet
text/css 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: insurance-business.disqus.com
URL: https://insurance-business.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2912411
strict-transport-security: max-age=300; includeSubdomains
content-length: 244
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Tue, 22 Sep 2020 19:35:14 GMT
server: cloudflare
etag: "5f6a51f2-f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-request-id: 06e05697d300001f414f977000000001
accept-ranges: bytes
cf-ray: 5fe0c06c88cc1f41-FRA
expires: Fri, 24 Sep 2021 14:09:36 GMT

GET
H2 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame DDDA 337 B
402 B 13ms
13ms Stylesheet
text/css 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: insurance-business.disqus.com
URL: https://insurance-business.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2912411
strict-transport-security: max-age=300; includeSubdomains
content-length: 244
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Tue, 22 Sep 2020 19:35:14 GMT
server: cloudflare
etag: "5f6a51f2-f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-request-id: 06e05697d400001f4148bbf000000001
accept-ranges: bytes
cf-ray: 5fe0c06c88d01f41-FRA
expires: Fri, 24 Sep 2021 14:09:36 GMT

GET
H/1.1 200
OK favicon-32x32.png
nextroll.com/ 2 KB
2 KB 342ms
124ms Image
image/png 3.90.94.177
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nextroll.com/favicon-32x32.png
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.90.94.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-90-94-177.compute-1.amazonaws.com
Software: Apache /
Resource Hash: bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 19:46:15 GMT
Via: 1.1 vegur
Last-Modified: Mon, 30 Nov 2020 21:05:36 GMT
Server: Apache
Etag: "64f-5b5595f1ce800"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1615

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F59E 42 B
725 B 42ms
28ms Fetch
image/gif 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvnQ60m4ShEkDF8Y7Ln2HtweF-eDcnQqUWtS5PAyYBgRD2oHoUo5u0fKF_rNfqqJVwOgK2Rd5pscpf57WigI3yJAkoZz69YpVyqGT_fi3o&sig=Cg0ArKJSzGbEsDIOIXn4EAE&id=osdim&mcvt=1000&p=62,562,152,1290&mtos=1000,1000,1000,1000,1011&tos=1000,0,0,0,11&v=20201204&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2179467046&rs=4&met=mue&la=0&cr=0&osd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 19:46:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9383 42 B
66 B 15ms
15ms Fetch
image/gif 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuuPMtj8vz4iMGwpJE4XlP1WDO1ZW1JPlCzTHpf_9RsSAb0IuRQ73WrA2cPXlSt5fNMnXIIvoSZYkXJLOG588xhaXmNCg0yTNrkgaXoEQI&sig=Cg0ArKJSzJCd9WI52QlwEAE&id=osdim&mcvt=1000&p=319,480,799,1120&mtos=1000,1000,1000,1000,1097&tos=1000,0,0,0,97&v=20201204&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=650329221&rs=4&met=mue&la=1&cr=0&osd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 19:46:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 45C0 42 B
66 B 15ms
14ms Fetch
image/gif 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvvtvv-6aKHFrH7RvrJ45brP0-Ez7OshLsoM1hRqnAOJ1jjEWsUU7QFmEtuovESwQnhX3R9LZJls8xI82AJSnjy7ReiAJEcpusSC3wpdYc&sig=Cg0ArKJSzOrqZgDNK7w6EAE&id=osdim&mcvt=1003&p=251,310,491,1290&mtos=1003,1003,1003,1003,1018&tos=1003,0,0,0,15&v=20201204&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1353799527&rs=4&met=mue&la=0&cr=0&osd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 19:46:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3830 42 B
66 B 16ms
15ms Fetch
image/gif 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvdykSjRUDDUHWt_SXhFvYbrlp6tUc_L_onXq3d1BfPyL4zRHjf0XdA4OLzm1fJNsdKSz59aFDBeyV0Ncn9KDRMDkLnHFkT9eH6mVnNeL8&sig=Cg0ArKJSzGEIc-INR3qHEAE&id=osdim&mcvt=1000&p=827,313,1427,453&mtos=0,0,1000,1000,1071&tos=0,0,1000,0,71&v=20201204&bin=7&avms=nio&bs=1600,1200&mc=0.62&app=0&itpl=3&adk=1485002616&rs=4&met=mue&la=0&cr=0&osd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 19:46:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8AE5 42 B
66 B 16ms
16ms Fetch
image/gif 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssti5lElN82TnFABgRGHW3Z6_FgVCSPyUM1Y2QTIiAc68VIdqxkQtPFQpfNO-nLBURhODGIh20htwqApZs5Mkd4Xj15GSgAbZn4jkv_Y2I&sig=Cg0ArKJSzAeT6r1qQbtyEAE&id=osdim&mcvt=1001&p=667,990,1267,1290&mtos=0,1001,1001,1001,1058&tos=0,1001,0,0,57&v=20201204&bin=7&avms=nio&bs=1600,1200&mc=0.89&app=0&itpl=3&adk=1205037887&rs=4&met=mue&la=0&cr=0&osd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 19:46:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 137ms
137ms Other
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=3830659&conversations-embed=static-1.7966&mobile=false&messagesUtk=bd09b61271ee4350811ac160d65d4f35&traceId=bd09b61271ee4350811ac160d65d4f35

Protocol

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-hubspot-messages-uri
Origin: https://www.insurancebusinessmag.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Dec 2020 19:46:38 GMT
content-type: text/plain; charset=utf-8
content-length: 18
x-trace: 2BBD0B86A27E45F4C1E5BFC721B983587D7E25C697000000000000000000
allow: HEAD,GET,OPTIONS
vary: Accept-Encoding
access-control-allow-credentials: false
access-control-allow-origin: https://www.insurancebusinessmag.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
cf-cache-status: DYNAMIC
cf-request-id: 06e056f12a00002c4eb3821000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 5fe0c0fb7cd12c4e-FRA

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 170ms
55ms Script
application/x-javascript 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:38 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 6CDA04CEF72D568E
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=29036
accept-ranges: bytes
content-length: 948
x-amz-id-2: vmrAbpbzrBs8g4V4M3AoGAqwWb0EhELJ1wy9AWvX/tuPVstbiwgv0ja/UaK2kknp20dNDPCNIa4=

GET
H2 200 sj.js Show response
cdn.sajari.com/js/ 73 KB
23 KB 72ms
20ms Script
application/javascript 35.190.50.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sajari.com/js/sj.js
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.50.98 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.50.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 51bf04f93ff258317e05e4bc448028e8de62370c7b24f9e088b2ca328819a6c4

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 18:53:35 GMT
content-encoding: gzip
age: 3183
x-guploader-uploadid: ABg5-Uxwz_U4wjrafsYiOaCDEE-8q_uTES-kQfb2CyMSemEdYqSiv_a86wQlEBxVIyMKCg7MV2O7wJAfEKvrg5Qsl3lTrYOjFA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 22520
last-modified: Fri, 09 Aug 2019 06:30:26 GMT
server: UploadServer
etag: "3fff0fe5f3afe436da542b563b190778"
x-goog-hash: crc32c=dbS54A==, md5=P/8P5fOv5DbaVCtWOxkHeA==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1565332226271049
access-control-expose-headers: Content-Type
cache-control: public,max-age=86400,no-transform
x-goog-stored-content-length: 22520
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 08 Dec 2020 18:53:35 GMT

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 351 B
406 B 128ms
128ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef41330b2cf43a44c8cbb20ca38cd9752816a5f451e506727876eb4f6502105b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

X-HubSpot-Messages-Uri: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Response headers

date: Mon, 07 Dec 2020 19:46:38 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
content-length: 269
cf-request-id: 06e056f1b600002c4e6b0e3000000001
server: cloudflare
x-trace: 2BBB06E749667FAD6DC614ECDB5FD97077592252D5000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.insurancebusinessmag.com
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 5fe0c0fc5f822c4e-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-57392d15fa194164/ 2 KB
762 B 107ms
49ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-57392d15fa194164/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0922d20b238ff408b56f2248052b9e6e347f2ad1b0812ef3c6baaf37d8c01900

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:38 GMT
content-encoding: gzip
etag: -1792729687--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=24, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 585

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 39ms
38ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Mon, 07 Dec 2020 19:46:38 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 /
re.sajari.com/ 48 B
48 B 253ms
230ms Image
image/gif 2a00:1450:4001:816::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://re.sajari.com/?company=keymedia&collection=insurancebusiness&cc.co=keymedia&cc.pr=insurancebusiness&p.ga=&p.id=1607370398050.368906&e.id=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&ec.ti=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company%20%7C%20Insurance%20Business&ec.de=Cyberattackers%20show%20proof%20that%20they%20made%20off%20with%20business%27s%20information&ec.ke=&canonical=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&bodyChecksum=e86c6832dea3f3fc78cbdb9e0afcd879&metaChecksum=9fa55bef232096ad927a2f87f0dc9f12&meta%5Bviewport%5D=width%3Ddevice-width%2C%20initial-scale%3D1&meta%5Bdescription%5D=Cyberattackers%20show%20proof%20that%20they%20made%20off%20with%20business%27s%20information&meta%5Bcustom%20meta%20field%5D=2020&meta%5Bauthor%5D=Lyle%20Adriano&meta%5Btwitter%3Acard%5D=summary_large_image&meta%5Btwitter%3Atitle%5D=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company&meta%5Btwitter%3Adescription%5D=Cyberattackers%20show%20proof%20that%20they%20made%20off%20with%20business%27s%20information&meta%5Btwitter%3Aimage%5D=https%3A%2F%2Fcdn-res.keymedia.com%2Fcms%2Fimages%2Fus%2F023%2F0270_637429306728087852.jpg&meta%5Btwitter%3Asite%5D=%40InsuranceBizCA&meta%5Bog%3Aurl%5D=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&meta%5Bog%3Atype%5D=article&meta%5Bog%3Atitle%5D=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company&meta%5Bog%3Adescription%5D=Cyberattackers%20show%20proof%20that%20they%20made%20off%20with%20business%27s%20information&meta%5Bog%3Aimage%5D=https%3A%2F%2Fcdn-res.keymedia.com%2Fcms%2Fimages%2Fus%2F023%2F0270_637429306728087852.jpg&meta%5Bpublished_year%5D=custom%20meta%20field
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:816::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cloud-trace-context: 0a898ecca4ff08c49a8117b399851615
x-appengine-log-flush-count: 0
server: Google Frontend
date: Mon, 07 Dec 2020 19:46:38 GMT
content-length: 48
content-type: image/gif

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
257 B 24ms
23ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2978788718&v=1.1&a=3830659&rcu=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&pu=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&t=Malicious+actors+publish+data+stolen+from+fuel+company+%7C+Insurance+Business&cts=1607370398239&vi=6ab449675dd9e3917172bbd80c26c029&nc=true&ce=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 5fe0c0fd0a940631-FRA
date: Mon, 07 Dec 2020 19:46:38 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
content-length: 45
cf-request-id: 06e056f227000006312b3e4000000001
x-robots-tag: none

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 134 B
706 B 135ms
119ms XHR
application/json 2606:4700::6811:cacc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=3830659

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cacc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d00825a3a6529de4a66e320a183efdd57c6416bebfca673250a99c88240309e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:38 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-request-id: 06e056f2380000060168259000000001
server: cloudflare
x-trace: 2B6978C2E97C1196B109DE68705C84AC5698B74548000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.insurancebusinessmag.com
access-control-allow-credentials: false
cf-ray: 5fe0c0fd2c190601-FRA
access-control-allow-headers: *

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 17ms
17ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020120301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06707f8763cda732fe3d7d457264ebe8210a94cbc5ccea1a2f3b2bbc8d5172b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 19:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6477
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Mon, 07 Dec 2020 19:46:38 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame D5FD 0
0 7ms
6ms Document
text/html 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Mon, 07 Dec 2020 18:45:19 GMT
expires: Tue, 07 Dec 2021 18:45:19 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3679
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 661917934558964 Show response
connect.facebook.net/signals/config/ 239 KB
69 KB 115ms
115ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/661917934558964?v=2.9.29&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

424bd8c15b75522b392c071dd64f49ee0b025f06a58e7394c33851c0394e4b91

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: NsV6APhV9NU+Mc7F0FK6JuaiqwXDxv3dRStGREROneIQud7Ll2/46YJM1+Vpi1cfTNkGKh94j3FUFB6EDqIKSg==
x-fb-trip-id: 603378373
x-frame-options: DENY
date: Mon, 07 Dec 2020 19:46:38 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 1473320740
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
224 B 19ms
18ms Image
image/gif 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020120301&jk=3717466678483328&bg=!HxylHDzNAAUbEDgJG1gPtyD_ZaDElgIAAABlUgAAABNoAQcKAaVGBEDSVAuoQbzwIPpQ5WouFaWS5sD6h-AtTMYSh5wBl_fj2CHBR9606fG0kDLGQImc5vaEuM44sG0BGnLwcgvK9MxRrYL-RM9IEwN-x6atLYEVCehYwPC6QEhpO68ZN05DLS3DgW_dwEQpmsSCU4TmfutOXmFJSeL0tHrPJ7HsbESjrxtQQ275Jje0uV3UzOEW2EvHBnSi5eqamgGYmprTrQWw4dKAYI20u_jP7J9tgF15-XOata_p6leR26gD0eFjZbjLUuXwVqG2VK0OYdNOHHOUTNH8miplfsPcARf1htum-jBpQunI3421HOPs06RnCIbYUelVCk6Z2pWvVyTrCyN4Bt0WtOofpKnv8OvTwYZVxvM41wXioWyBRhTkwC_YbyLei7caUGiGpS4dWPfa31lGD_dCizK7MyvC4XWZ5zb1l3Pfxcb-B7LttvWEnCwND2bxvmxW2AdqrGlUp767Z-fvCTYihSrferJpQeNOwNmgu_kuNQZCGeKVFcYfJ7bRGSgsaSk0XjDbWEWrqJ5-OX3mSPJdxofzmtNNXlmG8Hbxuy1imQHFzNsclNnGZbRgv8nw8KyNdP_HxjThK8g0ZqQMn_PU1N29JcXhQlZPHsGjitTs7Enh-p_bxSWyyqdC3rghilegrhuLcMuAbRGKtp_z7S7RxyYtJNXBG2xOlzDOfhXy4I0QarDyyQXh_6extLx_a5s7DGjEvevFo5cngeygo77PdaSyl99pWEs7EjZHy8pa0_z353G_BEhHrG3_o6MPw7jXS2arQuRwuKCCs97k4ysX5dm_aWxRNyTpi2o9u3Gb2IL6PYueNU4aRCQiXaHUbLL0u0r74bukyc3cVZvHbccA5YF2uE27Vu7XQMK56fCiS-GeadvLAPOMXEKQUcerRWJBkPXzMZ1_nhQ77-JzT82lx856J36rXUQD2MMXL5HZdzwVDl-6ogAJilzWQoUxYElhUxhxXtt0xrBkgBgeEALpzLI0x0OF8PKvp3JaZd3ZL9DJURz-9PavuQtvYeRAJD1syR1VGNC33ARlxO70AVas7JU_dMrOqwYf0-4v3-V1QBskMF9gartAziNrGtLVeHVJsCvm06-NWMDyRm0FSiVUa6VJyeCngOCysoLcROMtpvljGVFeghnRgrAWD0bSo8XBIJb7aqts

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 19:46:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 228002331440464 Show response
connect.facebook.net/signals/config/ 238 KB
69 KB 45ms
44ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/228002331440464?v=2.9.29&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

11bb7fc6bb8d10548a57b1b949670d71a54ddf14b626a260c1bc757bd4b20eec

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: FID2WNSyZ/O+THShfD20AW+O8FAtTrxQwEkutGNgEgxi6F0iuFHr8vY0z6+I9q2ZoS+3zupoIlrXfXyJAY5e5Q==
x-fb-trip-id: 603378373
x-frame-options: DENY
date: Mon, 07 Dec 2020 19:46:38 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 485817644
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
257 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=661917934558964&ev=PageView&dl=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&rl=&if=false&ts=1607370398643&sw=1600&sh=1200&v=2.9.29&r=stable&ec=0&o=30&fbp=fb.1.1607370398641.365336715&it=1607370374093&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:38 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 07 Dec 2020 19:46:38 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
211 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=228002331440464&ev=PageView&dl=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&rl=&if=false&ts=1607370398644&sw=1600&sh=1200&v=2.9.29&r=stable&ec=0&o=30&fbp=fb.1.1607370398641.365336715&it=1607370374093&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 19:46:38 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 07 Dec 2020 19:46:38 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
53 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryXftUka277EW6qjTB

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 07 Dec 2020 19:46:39 GMT
content-type: text/plain
access-control-allow-origin: https://www.insurancebusinessmag.com
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

POST
H2 200 /
www.facebook.com/tr/ 0
30 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary52l7a6wqQBdjVQkk

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 07 Dec 2020 19:46:39 GMT
content-type: text/plain
access-control-allow-origin: https://www.insurancebusinessmag.com
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

Verdicts & Comments Add Verdict or Comment

142 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.insurancebusinessmag.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
www.insurancebusinessmag.com/	1970-01-19 23:59:44	Name: __atuvc Value: 1%7C50
.insurancebusinessmag.com/	1970-01-19 23:51:06	Name: __hstc Value: 226989634.6ab449675dd9e3917172bbd80c26c029.1607370398237.1607370398237.1607370398237.1
.insurancebusinessmag.com/	1970-01-19 14:29:32	Name: __hssc Value: 226989634.1.1607370398237
www.insurancebusinessmag.com/	1970-01-19 14:29:32	Name: __atuvs Value: 5fce869d843ddfc7000
.insurancebusinessmag.com/	1970-01-19 23:51:06	Name: hubspotutk Value: 6ab449675dd9e3917172bbd80c26c029
.insurancebusinessmag.com/	1969-12-31 23:59:59	Name: sjSE Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4d8f5e3a89f1562d9c52ac512a2a5a86.safeframe.googlesyndication.com
adservice.google.com
adservice.google.fr
api.hubapi.com
api.hubspot.com
c.disquscdn.com
cdn-res.keymedia.com
cdn.sajari.com
cdn.sajari.net
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
csi.gstatic.com
d.adroll.com
d.adroll.mgr.consensu.org
disqus.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
insurance-business.disqus.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.usemessages.com
maxcdn.bootstrapcdn.com
nextroll.com
pagead2.googlesyndication.com
re.sajari.com
s.adroll.com
s7.addthis.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
track.hubspot.com
use.fontawesome.com
v1.addthisedge.com
ws.zoominfo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.insurancebusinessmag.com
z.moatads.com
104.111.214.206
104.111.216.96
104.75.88.112
151.101.112.134
151.101.192.134
172.217.18.162
172.217.23.130
2001:4de0:ac19::1:b:1b
2001:4de0:ac19::1:b:3a
23.111.9.35
2606:4700:3037::681f:5ebc
2606:4700::6810:135e
2606:4700::6810:a852
2606:4700::6811:46b0
2606:4700::6811:73b0
2606:4700::6811:cacc
2606:4700::6811:d6cc
2606:4700::6811:eccc
2606:4700::6812:15bf
2606:4700::6812:a813
2606:4700::6813:9a53
2606:4700::6813:9b53
2a00:1450:4001:802::2004
2a00:1450:4001:803::2002
2a00:1450:4001:806::2008
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::200e
2a00:1450:4001:814::2003
2a00:1450:4001:816::2001
2a00:1450:4001:816::2013
2a00:1450:4001:817::2003
2a00:1450:4001:81c::2002
2a00:1450:4001:81e::2001
2a00:1450:4001:820::200a
2a00:1450:4001:821::2002
2a00:1450:4001:824::200e
2a00:1450:400c:c09::9b
2a02:26f0:1700:d::1737:6e8f
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.248.28.111
3.90.94.177
35.190.50.98
63.35.200.21
64.233.189.94
02c301cd6185415b17a4977ebaa5f89beb081422e0ac2758c9b52484cfe15d02
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04c25fc9b0c5683c0b64091f6dfeb1579d1cc1b447ecb72edc9f433a48ee4f37
04cdfaeaa1468ca5e86756f9f137d60c66db6991faa4e549827117eb0e2f33c1
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
06707f8763cda732fe3d7d457264ebe8210a94cbc5ccea1a2f3b2bbc8d5172b8
083be3c59862e11bbcda4128a12a7d9934f461ac881ed75af92b1c1b3615c576
0922d20b238ff408b56f2248052b9e6e347f2ad1b0812ef3c6baaf37d8c01900
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11bb7fc6bb8d10548a57b1b949670d71a54ddf14b626a260c1bc757bd4b20eec
1767d947f015a6da6e6ed41e97ccc29f0dc1b527f6b2973c8dfde049ebf6c1cd
17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50
1ab092634138c04c4d400ffe26f4d1e7e332adbd7ce2b974288b0674850bc2b0
1ab93462fa03e6a552a857fe7005098fe133645b3d88f82feaa91a31c7a9d9a5
1d00825a3a6529de4a66e320a183efdd57c6416bebfca673250a99c88240309e
2090ef8782553088e8305f8703a2d3f5c39d07408f6a88eed8f40ee57aa5c5a6
21f61c21dbb69eb2297c1f858d6990217ee2237605c0e126ca93fbd7966b1276
25aa839bb8c9e29422bf3aa8925e2d13d7b985b1bce61296f8d5780efcb3b142
2a06ae15140593d7a3057126d977586ce9a20ee9057ade9080b202094085b1b6
315471cb3e63c008279774f2cf4f79d9025bbe22030e51965e26668aba419dbf
383e5f611a5c1637137d721c623842d4ad37fbb609e726a0a086b8fdd4c481cb
3d9889441bdab0964953cdaf11d8b4560ea52c69cbe412f3e7d5fa952d865a89
40ca8539ffd12e7edf95bfff0b850217cff57001d266cd4613b23c5c7b0f0b82
424bd8c15b75522b392c071dd64f49ee0b025f06a58e7394c33851c0394e4b91
47f938cdd60fee25a2762afbe4ccd01a496da4f72ef61db354467cb47649766d
493a176ec78fb0ac6b6a95d9a93d57cd4db4880151ec1017282f8fee3f6250c9
4a1d442058c497afe88cfc2c7869086746e43753db98a5eba92884544f2ebe70
4e28323571e70a213a2db9642215d45e8944ed17464c8bf89781bea05e554ef5
4f648ef7203d3e6e6edec26320a877d7cea6cc822d9631c050c53d71796d19fb
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
51bf04f93ff258317e05e4bc448028e8de62370c7b24f9e088b2ca328819a6c4
52c81653f6f0d0e52dbfea77beabc12fef7ac4c6cc7a73c927bbd095e87c1b62
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
55245b72bbdeeba40fdbd930227228c562438e21179d4705354888052f116b77
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
5abdfc235554b3c281964f41c083010fe2781025981997a547cc9024b69165f8
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5dc6d8abc209bc3f1f14a53e4e7b8bf248a9f1252a877e66807f845bc957be2d
5fb46ad88af0181f8aa600691dadedc2d6dd1946603b69bc36385f68efdd01a3
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
659630c07a9005c1bb4e68bf15946ba4a0d5e8ede79aec22a98f202a55491ab2
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bc0a05652496b6a471fa3725920d16f5c60abdee6d0324209f4261441977295
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
7a4080d7b3a78d8829b8e436b103b9736e6757f007c06d51ada0f659cb50a6b1
802df8e7bb92807c6621ff011d2296a8bb3dbe948dd30dfa58c4a890d184b0ad
80479814589d820a87ac07a15295f8ed6bd207bd4c6750c72910093af88e79b2
81043964d632f8c923203ff2272cac8468d061c0d8555cdb2319e687016b4a6c
83540a1b1aaca7ec79264b8dfc98c797dea37b6c33b604b95a8e21e1cee09bd3
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8988e60ed8b437a92b766df9c77312e0654dda367b2565cb0adfe7ec8e9f80ed
9f75a1a0bc71452e1279885056d6c76bee32b081cf303bea3ebcfc1b1409f316
a1950a612a824bf3cfaa38d9ddbf4803cf2e572aab2c6901942323f38d7b2bd9
a61ea8cb3c5f515c19cd53d77f3a66b7317a471072cfb5bd627f71d321e66e95
ab8636153eb695bdfc6ed4ca7adf58578aee06032fbe8b394b17663657c614fb
aba2a0e5d978194c64c77dde2152baf5ff5ae0548ccae71aaf75b257558c76e9
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
b1bb34332753cec9c7a9b55a08a18ba0ec91fad4d90d3e28c051f82ab09b5055
b1f250f58f47ca824a25a49ce8ee8747c3e48cf9564a23282677802f450928fd
b9d6fddb0988440902fcfc72f371ecfa80ee2eb36073f9eebc17449ee41c886f
bb20e7c2fc5f8cfd74c43906c776a31f04c93fc00d11d921dfb923bcfaab0c23
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
bed0322f5d7ae2d256db706cb681ab757c8e5ef051e3b9f53e82ad953d0211d1
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
cbce85e96b7752208ce15a09ea4d5a58b792edc9e77f1c5ccf46c01935970f9d
cdd2dbc8847ae720b1c56daab4f2a04859e919d602af61e08119e51ddad1f68b
ce20ed8a323117c8a718ff1ddc6dabb997373b575a8e896f2bf02b846c082c9d
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc3842d1ad8fde688d7b47fb100be5a4bcf18b97af2dd23d02dbb3713f6d520b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ded0cec5a92fcdcd902c570635ae0933ea83e3e372e2ca283eaf573c9e5cab21
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e616bb99a3cf0261a8e8bbf713bdaad17473afabbc032f5f351c85575596320b
e6f95300399b1c685c7fd403be1eb3b04609717ff30d6f9512f6d42b81552152
e735e08c4da24b5efe03dc7d48842a415f91122e5b74e23d2e9e461d0ae73199
edc0175ff1c883786302197c8f3795e4017ec2a82a6dda756b98e4c14a388da5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef41330b2cf43a44c8cbb20ca38cd9752816a5f451e506727876eb4f6502105b
f4db76afeb499d277603609152f9e382c0fe112d44c6f8db8c136a89d9bd7682
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

www.insurancebusinessmag.com Open in urlscan Pro 2606:4700:3037::681f:5ebc Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

144 Requests

100 %HTTPS

71 %IPv6

37 Domains

47 Subdomains

45 IPs

6 Countries

2607 kBTransfer

6197 kBSize

7 Cookies

11 Outgoing links

Redirected requests

144 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.insurancebusinessmag.com Open in urlscan Pro
2606:4700:3037::681f:5ebc Public Scan

Screenshot
Live screenshot

Full Image

144
Requests

100 %
HTTPS

71 %
IPv6

37
Domains

47
Subdomains

45
IPs

6
Countries

2607 kB
Transfer

6197 kB
Size

7
Cookies

144 HTTP transactions
7 data transactions