www.proofpoint.com
Open in
urlscan Pro
2a02:e980:107::cf
Public Scan
Effective URL: https://www.proofpoint.com/us/threat-insight/post/ta2101-plays-government-imposter-distribute-malware-german-italian-and-us...
Submission: On April 28 via api from US
Summary
TLS certificate: Issued by Thawte RSA CA 2018 on August 27th 2019. Valid for: a year.
This is the only time www.proofpoint.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN15169 (GOOGLE, US)
PTR: fra15s12-in-f34.1e100.net
www.googleadservices.com |
ASN16625 (AKAMAI-AS, US)
PTR: a88-221-60-75.deploy.static.akamaitechnologies.com
munchkin.marketo.net |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-37.fra2.r.cloudfront.net
scripts.demandbase.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-126.fra50.r.cloudfront.net
api.company-target.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-1-63.eu-west-1.compute.amazonaws.com
match.prod.bidr.io |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-113.fra2.r.cloudfront.net
segments.company-target.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress9
static.hotjar.com |
ASN27281 (QUANTCAST, US)
secure.quantserve.com | |
pixel.quantserve.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-26-209.eu-west-1.compute.amazonaws.com
ads.avocet.io |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-182-42.eu-west-1.compute.amazonaws.com
ads.avct.cloud |
ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com |
ASN15169 (GOOGLE, US)
visitor.reactful.com | |
tracking.reactful.com |
ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f6.1e100.net
4788165.fls.doubleclick.net | |
ad.doubleclick.net |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-91.fra50.r.cloudfront.net
js.driftt.com |
ASN29990 (ASN-APPNEX, US)
PTR: s.ml-attr.com.pxlsrv.net
s.ml-attr.com |
ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-6.fra2.r.cloudfront.net
attr.ml-api.io |
ASN6461 (ZAYO-6461, US)
PTR: 216.200.122.11.IPYX-141870-ZYO.zip.zayo.com
gwmtracking.com |
ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-216.deploy.static.akamaitechnologies.com
s.adroll.com |
ASN16509 (AMAZON-02, US)
rules.quantcount.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-245-120.eu-west-1.compute.amazonaws.com
d.adroll.mgr.consensu.org | |
d.adroll.com |
ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress5
vars.hotjar.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-143-252.eu-central-1.compute.amazonaws.com
pixel.advertising.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com |
ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com |
ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-189-189.eu-central-1.compute.amazonaws.com
eb2.3lift.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-35-19.eu-central-1.compute.amazonaws.com
x.bidswitch.net |
ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com |
ASN15169 (GOOGLE, US)
PTR: 149.8.241.35.bc.googleusercontent.com
idsync.rlcdn.com |
ASN15169 (GOOGLE, US)
PTR: 147.120.95.34.bc.googleusercontent.com
us-u.openx.net |
ASN15169 (GOOGLE, US)
PTR: fra15s24-in-f2.1e100.net
cm.g.doubleclick.net |
ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-9.nr-data.net
bam.nr-data.net |
Domain | Requested by | |
---|---|---|
17 | d.adroll.com |
14 redirects
www.proofpoint.com
|
15 | www.proofpoint.com |
www.proofpoint.com
|
6 | s.adroll.com |
1 redirects
www.googletagmanager.com
www.proofpoint.com s.adroll.com |
5 | tracking.g2crowd.com |
www.proofpoint.com
|
4 | ads.avct.cloud |
2 redirects
www.proofpoint.com
|
4 | www.google-analytics.com |
1 redirects
www.googletagmanager.com
www.proofpoint.com |
3 | www.google.de |
www.proofpoint.com
|
3 | www.google.com |
1 redirects
www.proofpoint.com
|
2 | fonts.gstatic.com | |
2 | tracking.reactful.com |
visitor.reactful.com
|
2 | bam.nr-data.net |
js-agent.newrelic.com
|
2 | us-u.openx.net |
1 redirects
www.proofpoint.com
|
2 | x.bidswitch.net |
1 redirects
www.proofpoint.com
|
2 | eb2.3lift.com |
1 redirects
www.proofpoint.com
|
2 | sync.outbrain.com |
1 redirects
www.proofpoint.com
|
2 | dsum-sec.casalemedia.com |
1 redirects
www.proofpoint.com
|
2 | pixel.advertising.com | 2 redirects |
2 | connect.facebook.net |
s.adroll.com
connect.facebook.net |
2 | px.ads.linkedin.com |
1 redirects
www.proofpoint.com
|
2 | ad.doubleclick.net | 2 redirects |
2 | secure.adnxs.com | 2 redirects |
2 | js.driftt.com |
www.proofpoint.com
js.driftt.com |
2 | 4788165.fls.doubleclick.net |
1 redirects
www.googletagmanager.com
|
2 | visitor.reactful.com |
www.proofpoint.com
visitor.reactful.com |
2 | dev.visualwebsiteoptimizer.com |
www.proofpoint.com
|
2 | ads.avocet.io | 2 redirects |
2 | bat.bing.com |
www.googletagmanager.com
www.proofpoint.com |
2 | segments.company-target.com |
1 redirects
www.proofpoint.com
|
2 | match.prod.bidr.io | 2 redirects |
2 | api.company-target.com |
scripts.demandbase.com
www.proofpoint.com |
2 | googleads.g.doubleclick.net |
www.googleadservices.com
|
2 | munchkin.marketo.net |
www.proofpoint.com
munchkin.marketo.net |
2 | geoip-js.com |
www.proofpoint.com
geoip-js.com |
2 | www.googleadservices.com |
www.proofpoint.com
www.googletagmanager.com |
2 | fonts.googleapis.com |
www.proofpoint.com
visitor.reactful.com |
1 | analytics.twitter.com |
static.ads-twitter.com
|
1 | js-agent.newrelic.com |
www.proofpoint.com
|
1 | www.facebook.com |
www.proofpoint.com
|
1 | cm.g.doubleclick.net | 1 redirects |
1 | idsync.rlcdn.com |
www.proofpoint.com
|
1 | ib.adnxs.com |
www.proofpoint.com
|
1 | trc.taboola.com |
www.proofpoint.com
|
1 | ads.yahoo.com | 1 redirects |
1 | simage2.pubmatic.com |
www.proofpoint.com
|
1 | pixel.rubiconproject.com |
www.proofpoint.com
|
1 | ups.analytics.yahoo.com |
www.proofpoint.com
|
1 | pixel.quantserve.com |
www.proofpoint.com
|
1 | vars.hotjar.com |
static.hotjar.com
|
1 | script.hotjar.com |
static.hotjar.com
|
1 | d.adroll.mgr.consensu.org | 1 redirects |
1 | rules.quantcount.com |
secure.quantserve.com
|
1 | t.co |
www.proofpoint.com
|
1 | stats.g.doubleclick.net | 1 redirects |
1 | www.linkedin.com | 1 redirects |
1 | adservice.google.com |
www.proofpoint.com
|
1 | gwmtracking.com | 1 redirects |
1 | attr.ml-api.io |
www.proofpoint.com
|
1 | s.ml-attr.com | 1 redirects |
1 | secure.quantserve.com |
www.googletagmanager.com
|
1 | static.hotjar.com |
www.googletagmanager.com
|
1 | static.ads-twitter.com |
www.googletagmanager.com
|
1 | snap.licdn.com |
www.googletagmanager.com
|
1 | scripts.demandbase.com |
www.proofpoint.com
|
1 | www.googletagmanager.com |
www.proofpoint.com
|
97 | 64 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
proofpoint.com Thawte RSA CA 2018 |
2019-08-27 - 2020-08-26 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-04-07 - 2020-06-30 |
3 months | crt.sh |
www.googleadservices.com GTS CA 1O1 |
2020-04-07 - 2020-06-30 |
3 months | crt.sh |
sni.cloudflaressl.com CloudFlare Inc ECC CA-2 |
2020-03-24 - 2020-10-09 |
7 months | crt.sh |
*.marketo.net DigiCert SHA2 Secure Server CA |
2020-03-14 - 2021-04-13 |
a year | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-04-07 - 2020-06-30 |
3 months | crt.sh |
*.demandbase.com Go Daddy Secure Certificate Authority - G2 |
2018-09-20 - 2020-11-19 |
2 years | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2020-04-07 - 2020-06-30 |
3 months | crt.sh |
www.google.com GTS CA 1O1 |
2020-04-07 - 2020-06-30 |
3 months | crt.sh |
www.google.de GTS CA 1O1 |
2020-04-07 - 2020-06-30 |
3 months | crt.sh |
*.company-target.com Go Daddy Secure Certificate Authority - G2 |
2019-06-19 - 2021-08-18 |
2 years | crt.sh |
www.bing.com Microsoft IT TLS CA 2 |
2019-04-30 - 2021-04-30 |
2 years | crt.sh |
*.licdn.com DigiCert SHA2 Secure Server CA |
2019-04-01 - 2021-05-07 |
2 years | crt.sh |
ads-twitter.com DigiCert SHA2 High Assurance Server CA |
2019-08-14 - 2020-08-18 |
a year | crt.sh |
static.hotjar.com Let's Encrypt Authority X3 |
2020-04-04 - 2020-07-03 |
3 months | crt.sh |
*.quantserve.com DigiCert SHA2 High Assurance Server CA |
2019-10-04 - 2020-10-07 |
a year | crt.sh |
ads-eu.avct.cloud Amazon |
2020-04-01 - 2021-05-01 |
a year | crt.sh |
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2 |
2017-06-30 - 2020-07-06 |
3 years | crt.sh |
*.g2crowd.com Sectigo ECC Domain Validation Secure Server CA |
2019-08-06 - 2020-09-28 |
a year | crt.sh |
*.reactful.com Go Daddy Secure Certificate Authority - G2 |
2020-03-12 - 2021-05-09 |
a year | crt.sh |
*.doubleclick.net GTS CA 1O1 |
2020-04-07 - 2020-06-30 |
3 months | crt.sh |
drift.com Amazon |
2019-10-03 - 2020-11-03 |
a year | crt.sh |
*.ml-api.io Amazon |
2020-02-06 - 2021-03-06 |
a year | crt.sh |
*.google.com GTS CA 1O1 |
2020-04-07 - 2020-06-30 |
3 months | crt.sh |
*.adroll.com DigiCert SHA2 Secure Server CA |
2020-01-29 - 2021-04-29 |
a year | crt.sh |
px.ads.linkedin.com DigiCert SHA2 Secure Server CA |
2020-03-04 - 2020-09-04 |
6 months | crt.sh |
t.co DigiCert SHA2 High Assurance Server CA |
2020-03-05 - 2021-03-02 |
a year | crt.sh |
adroll.mgr.consensu.org Amazon |
2019-11-06 - 2020-12-06 |
a year | crt.sh |
script.hotjar.com Let's Encrypt Authority X3 |
2020-04-04 - 2020-07-03 |
3 months | crt.sh |
vars.hotjar.com Let's Encrypt Authority X3 |
2020-04-04 - 2020-07-03 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-04-15 - 2020-07-14 |
3 months | crt.sh |
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA |
2020-02-13 - 2020-08-11 |
6 months | crt.sh |
san.casalemedia.com GeoTrust RSA CA 2018 |
2020-03-02 - 2021-04-01 |
a year | crt.sh |
*.rubiconproject.com DigiCert SHA2 Secure Server CA |
2019-01-10 - 2021-01-14 |
2 years | crt.sh |
*.outbrain.com Thawte RSA CA 2018 |
2019-10-29 - 2021-11-23 |
2 years | crt.sh |
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA |
2019-02-22 - 2021-02-21 |
2 years | crt.sh |
*.taboola.com DigiCert SHA2 Secure Server CA |
2020-02-19 - 2020-09-10 |
7 months | crt.sh |
*.3lift.com Amazon |
2019-07-17 - 2020-08-17 |
a year | crt.sh |
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA |
2020-04-23 - 2022-05-04 |
2 years | crt.sh |
*.adnxs.com DigiCert ECC Secure Server CA |
2019-01-23 - 2021-03-08 |
2 years | crt.sh |
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA |
2020-04-14 - 2021-04-23 |
a year | crt.sh |
*.openx.net GeoTrust RSA CA 2018 |
2018-01-04 - 2020-07-09 |
3 years | crt.sh |
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2020-04-23 - 2021-03-18 |
a year | crt.sh |
*.twitter.com DigiCert SHA2 High Assurance Server CA |
2020-03-05 - 2021-03-02 |
a year | crt.sh |
*.nr-data.net DigiCert SHA2 Secure Server CA |
2020-02-05 - 2022-02-08 |
2 years | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-04-07 - 2020-06-30 |
3 months | crt.sh |
This page contains 4 frames:
Primary Page:
https://www.proofpoint.com/us/threat-insight/post/ta2101-plays-government-imposter-distribute-malware-german-italian-and-us./r/nhttps://kc.mcafee.com/corporate/index?page=content&id=KB92734&viewlocale=fr_fr&locale=fr_fr\r\n\r\nSUMMARY\r\n___________________________________________________\r\n-
Frame ID: F1A020E0B012BDE635067C3655647CCF
Requests: 110 HTTP requests in this frame
Frame:
https://4788165.fls.doubleclick.net/activityi;dc_pre=CN_8kceSjOkCFc_IuwgddZwLyg;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6812284010068.823
Frame ID: 05335CE27BA113E0868591FBF8FBB8E1
Requests: 1 HTTP requests in this frame
Frame:
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 63CADE5A41C1916D58E5A84672CF4C79
Requests: 1 HTTP requests in this frame
Frame:
https://js.driftt.com/deploy/assets/index.html
Frame ID: 2EC51B3DE4FE45B882CD07E3CE13680D
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Varnish (Cache Tools) Expand
Detected patterns
- headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i
AdRoll (Advertising Networks) Expand
Detected patterns
- script /(?:a|s)\.adroll\.com/i
Facebook (Widgets) Expand
Detected patterns
- script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Quantcast (Analytics) Expand
Detected patterns
- script /\.quantserve\.com\/quant\.js/i
Page Statistics
17 Outgoing links
These are links going to different origins than the main page.
Title: Support Log-in
Search URL Search Domain Scan URL
Title: Digital Risk Portal
Search URL Search Domain Scan URL
Title: Email Fraud Defense
Search URL Search Domain Scan URL
Title: ET Intelligence
Search URL Search Domain Scan URL
Title: Proofpoint Essentials
Search URL Search Domain Scan URL
Title: Sendmail Support Log-in
Search URL Search Domain Scan URL
Title: Channel PartnersBecome a channel partner. Deliver Proofpoint solutions to your customers and grow your business.
Search URL Search Domain Scan URL
Title: Find a Channel Partner
Search URL Search Domain Scan URL
Title: Become a Channel Partner
Search URL Search Domain Scan URL
Title: Watch now to earn your CPE credits
Search URL Search Domain Scan URL
Title: Investor Center View Proofpoint investor relations information, including press releases, financial results and events.
Search URL Search Domain Scan URL
Title: Investors Center
Search URL Search Domain Scan URL
Title: IP Address Blocked?
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: linkedin
Search URL Search Domain Scan URL
Title: Youtube
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 39- https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
- https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
- https://segments.company-target.com/log?vendor=choca&user_id=AAGVUk69UVYAAG6cc5wJyw HTTP 303
- https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAGVUk69UVYAAG6cc5wJyw&verifyHash=8f51aa6ebdf0530609abf6419fc94fd3719c353f
- https://ads.avocet.io/s?add=5aba5f53ab79f7f51390a95a&ty=j HTTP 301
- https://ads.avct.cloud/s?r=1&uuid=0&add=5aba5f53ab79f7f51390a95a&ty=j HTTP 302
- https://ads.avct.cloud/s?bounce=true&r=1&uuid=0&add=5aba5f53ab79f7f51390a95a&ty=j
- https://ads.avocet.io/s?add=5d1dcad3b00320110090d553&ty=j HTTP 301
- https://ads.avct.cloud/s?r=1&uuid=0&add=5d1dcad3b00320110090d553&ty=j HTTP 302
- https://ads.avct.cloud/s?bounce=true&r=1&uuid=0&add=5d1dcad3b00320110090d553&ty=j
- https://4788165.fls.doubleclick.net/activityi;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6812284010068.823 HTTP 302
- https://4788165.fls.doubleclick.net/activityi;dc_pre=CN_8kceSjOkCFc_IuwgddZwLyg;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6812284010068.823
- https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dproofpoint.com%26pId%3d%24UID HTTP 302
- https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dproofpoint.com%26pId%3d%24UID HTTP 307
- https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dproofpoint.com%2526pId%253d%2524UID HTTP 302
- https://attr.ml-api.io/?domain=proofpoint.com&pId=3118802362309008801
- https://gwmtracking.com/p/v/1/5b7320b8f870815f7f59492b/format/img?gtmcb=1252010180 HTTP 302
- https://ad.doubleclick.net/ddm/activity/src=8909468;type=invmedia;cat=1l6xh4ap;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
- https://ad.doubleclick.net/ddm/activity/src=8909468;dc_pre=CNqEvseSjOkCFU9uGwodfl0MZA;type=invmedia;cat=1l6xh4ap;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
- https://adservice.google.com/ddm/fls/z/src=8909468;dc_pre=CNqEvseSjOkCFU9uGwodfl0MZA;type=invmedia;cat=1l6xh4ap;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=169250&url=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fthreat-insight%2Fpost%2Fta2101-plays-government-imposter-distribute-malware-german-italian-and-us.%2Fr%2Fnhttps%3A%2F%2Fkc.mcafee.com%2Fcorporate%2Findex%3Fpage%3Dcontent%26id%3DKB92734%26viewlocale%3Dfr_fr%26locale%3Dfr_fr%5Cr%5Cn%5Cr%5CnSUMMARY%5Cr%5Cn___________________________________________________%5Cr%5Cn-&time=1588112088347 HTTP 302
- https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D169250%26url%3Dhttps%253A%252F%252Fwww.proofpoint.com%252Fus%252Fthreat-insight%252Fpost%252Fta2101-plays-government-imposter-distribute-malware-german-italian-and-us.%252Fr%252Fnhttps%253A%252F%252Fkc.mcafee.com%252Fcorporate%252Findex%253Fpage%253Dcontent%2526id%253DKB92734%2526viewlocale%253Dfr_fr%2526locale%253Dfr_fr%255Cr%255Cn%255Cr%255CnSUMMARY%255Cr%255Cn___________________________________________________%255Cr%255Cn-%26time%3D1588112088347%26liSync%3Dtrue HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=169250&url=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fthreat-insight%2Fpost%2Fta2101-plays-government-imposter-distribute-malware-german-italian-and-us.%2Fr%2Fnhttps%3A%2F%2Fkc.mcafee.com%2Fcorporate%2Findex%3Fpage%3Dcontent%26id%3DKB92734%26viewlocale%3Dfr_fr%26locale%3Dfr_fr%5Cr%5Cn%5Cr%5CnSUMMARY%5Cr%5Cn___________________________________________________%5Cr%5Cn-&time=1588112088347&liSync=true
- https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1655181927&t=pageview&_s=1&dl=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fthreat-insight%2Fpost%2Fta2101-plays-government-imposter-distribute-malware-german-italian-and-us.%2Fr%2Fnhttps%3A%2F%2Fkc.mcafee.com%2Fcorporate%2Findex%3Fpage%3Dcontent%26id%3DKB92734%26viewlocale%3Dfr_fr%26locale%3Dfr_fr%5Cr%5Cn%5Cr%5CnSUMMARY%5Cr%5Cn___________________________________________________%5Cr%5Cn-&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20%7C%20Proofpoint%20US&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YFBAAEAB~&jid=1577627883&gjid=664922422&cid=304155067.1588112088&tid=UA-2257074-1&_gid=1128882449.1588112088&_r=1>m=2wg4f0MGR7P8X&z=1715663811 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2257074-1&cid=304155067.1588112088&jid=1577627883&_gid=1128882449.1588112088&gjid=664922422&_v=j81&z=1715663811 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2257074-1&cid=304155067.1588112088&jid=1577627883&_v=j81&z=1715663811 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2257074-1&cid=304155067.1588112088&jid=1577627883&_v=j81&z=1715663811&slf_rd=1&random=2983013283
- https://s.adroll.com/j/exp/7YJ7XZCLMRHSVCXIHB5HIT/index.js HTTP 302
- https://s.adroll.com/j/exp/index.js
- https://d.adroll.mgr.consensu.org/consent/iabcheck/7YJ7XZCLMRHSVCXIHB5HIT?_s=11add5dd973267bc115ffb33eae33f63&_b=2 HTTP 302
- https://d.adroll.com/consent/check/7YJ7XZCLMRHSVCXIHB5HIT/?_s=11add5dd973267bc115ffb33eae33f63&_b=2
- https://d.adroll.com/pixel/7YJ7XZCLMRHSVCXIHB5HIT/YV5KYXXEJZATZCT37YRTMK?adroll_fpc=70e4d6e860b8f938955dc1317ac7f477-1588112088634&arrfrr=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fthreat-insight%2Fpost%2Fta2101-plays-government-imposter-distribute-malware-german-italian-and-us.%2Fr%2Fnhttps%3A%2F%2Fkc.mcafee.com%2Fcorporate%2Findex%3Fpage%3Dcontent%26id%3DKB92734%26viewlocale%3Dfr_fr%26locale%3Dfr_fr%5Cr%5Cn%5Cr%5CnSUMMARY%5Cr%5Cn___________________________________________________%5Cr%5Cn-&xid_ch=f&pv=80186283752.70102&cookie=&adroll_s_ref=&keyw= HTTP 302
- https://s.adroll.com/pixel/7YJ7XZCLMRHSVCXIHB5HIT/YV5KYXXEJZATZCT37YRTMK/T47Y2VPPABDUBJXFROMZZM.js
- https://d.adroll.com/cm/aol/out?adroll_fpc=70e4d6e860b8f938955dc1317ac7f477-1588112088634&arrfrr=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fthreat-insight%2Fpost%2Fta2101-plays-government-imposter-distribute-malware-german-italian-and-us.%2Fr%2Fnhttps%3A%2F%2Fkc.mcafee.com%2Fcorporate%2Findex%3Fpage%3Dcontent%26id%3DKB92734%26viewlocale%3Dfr_fr%26locale%3Dfr_fr%5Cr%5Cn%5Cr%5CnSUMMARY%5Cr%5Cn___________________________________________________%5Cr%5Cn-&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
- https://pixel.advertising.com/ups/55980/sync?uid=OTdlMWNkOGE2NGNlYjExMmZiYTAyZjIyZTdkMzFjNjg&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
- https://pixel.advertising.com/ups/55980/sync?uid=OTdlMWNkOGE2NGNlYjExMmZiYTAyZjIyZTdkMzFjNjg&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true HTTP 302
- https://ups.analytics.yahoo.com/ups/55980/sync?uid=OTdlMWNkOGE2NGNlYjExMmZiYTAyZjIyZTdkMzFjNjg&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPacb20572-899d-11ea-a360-06b408aa5bf6
- https://d.adroll.com/cm/index/out?adroll_fpc=70e4d6e860b8f938955dc1317ac7f477-1588112088634&arrfrr=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fthreat-insight%2Fpost%2Fta2101-plays-government-imposter-distribute-malware-german-italian-and-us.%2Fr%2Fnhttps%3A%2F%2Fkc.mcafee.com%2Fcorporate%2Findex%3Fpage%3Dcontent%26id%3DKB92734%26viewlocale%3Dfr_fr%26locale%3Dfr_fr%5Cr%5Cn%5Cr%5CnSUMMARY%5Cr%5Cn___________________________________________________%5Cr%5Cn-&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OTdlMWNkOGE2NGNlYjExMmZiYTAyZjIyZTdkMzFjNjg&expiration=1619648088 HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OTdlMWNkOGE2NGNlYjExMmZiYTAyZjIyZTdkMzFjNjg&expiration=1619648088&C=1
- https://d.adroll.com/cm/n/out?adroll_fpc=70e4d6e860b8f938955dc1317ac7f477-1588112088634&arrfrr=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fthreat-insight%2Fpost%2Fta2101-plays-government-imposter-distribute-malware-german-italian-and-us.%2Fr%2Fnhttps%3A%2F%2Fkc.mcafee.com%2Fcorporate%2Findex%3Fpage%3Dcontent%26id%3DKB92734%26viewlocale%3Dfr_fr%26locale%3Dfr_fr%5Cr%5Cn%5Cr%5CnSUMMARY%5Cr%5Cn___________________________________________________%5Cr%5Cn-&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
- https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OTdlMWNkOGE2NGNlYjExMmZiYTAyZjIyZTdkMzFjNjg&expires=365
- https://d.adroll.com/cm/outbrain/out?adroll_fpc=70e4d6e860b8f938955dc1317ac7f477-1588112088634&arrfrr=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fthreat-insight%2Fpost%2Fta2101-plays-government-imposter-distribute-malware-german-italian-and-us.%2Fr%2Fnhttps%3A%2F%2Fkc.mcafee.com%2Fcorporate%2Findex%3Fpage%3Dcontent%26id%3DKB92734%26viewlocale%3Dfr_fr%26locale%3Dfr_fr%5Cr%5Cn%5Cr%5CnSUMMARY%5Cr%5Cn___________________________________________________%5Cr%5Cn-&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
- https://sync.outbrain.com/cookie-sync?p=adroll&uid=OTdlMWNkOGE2NGNlYjExMmZiYTAyZjIyZTdkMzFjNjg HTTP 302
- https://sync.outbrain.com/cookie-sync?p=adroll&uid=OTdlMWNkOGE2NGNlYjExMmZiYTAyZjIyZTdkMzFjNjg&rdrctExp=true
- https://d.adroll.com/cm/pubmatic/out?adroll_fpc=70e4d6e860b8f938955dc1317ac7f477-1588112088634&arrfrr=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fthreat-insight%2Fpost%2Fta2101-plays-government-imposter-distribute-malware-german-italian-and-us.%2Fr%2Fnhttps%3A%2F%2Fkc.mcafee.com%2Fcorporate%2Findex%3Fpage%3Dcontent%26id%3DKB92734%26viewlocale%3Dfr_fr%26locale%3Dfr_fr%5Cr%5Cn%5Cr%5CnSUMMARY%5Cr%5Cn___________________________________________________%5Cr%5Cn-&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
- https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=OTdlMWNkOGE2NGNlYjExMmZiYTAyZjIyZTdkMzFjNjg&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
- https://d.adroll.com/cm/r/out?adroll_fpc=70e4d6e860b8f938955dc1317ac7f477-1588112088634&arrfrr=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fthreat-insight%2Fpost%2Fta2101-plays-government-imposter-distribute-malware-german-italian-and-us.%2Fr%2Fnhttps%3A%2F%2Fkc.mcafee.com%2Fcorporate%2Findex%3Fpage%3Dcontent%26id%3DKB92734%26viewlocale%3Dfr_fr%26locale%3Dfr_fr%5Cr%5Cn%5Cr%5CnSUMMARY%5Cr%5Cn___________________________________________________%5Cr%5Cn-&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
- https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
- https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
- https://d.adroll.com/cm/taboola/out?adroll_fpc=70e4d6e860b8f938955dc1317ac7f477-1588112088634&arrfrr=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fthreat-insight%2Fpost%2Fta2101-plays-government-imposter-distribute-malware-german-italian-and-us.%2Fr%2Fnhttps%3A%2F%2Fkc.mcafee.com%2Fcorporate%2Findex%3Fpage%3Dcontent%26id%3DKB92734%26viewlocale%3Dfr_fr%26locale%3Dfr_fr%5Cr%5Cn%5Cr%5CnSUMMARY%5Cr%5Cn___________________________________________________%5Cr%5Cn-&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
- https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=OTdlMWNkOGE2NGNlYjExMmZiYTAyZjIyZTdkMzFjNjg
- https://d.adroll.com/cm/triplelift/out?adroll_fpc=70e4d6e860b8f938955dc1317ac7f477-1588112088634&arrfrr=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fthreat-insight%2Fpost%2Fta2101-plays-government-imposter-distribute-malware-german-italian-and-us.%2Fr%2Fnhttps%3A%2F%2Fkc.mcafee.com%2Fcorporate%2Findex%3Fpage%3Dcontent%26id%3DKB92734%26viewlocale%3Dfr_fr%26locale%3Dfr_fr%5Cr%5Cn%5Cr%5CnSUMMARY%5Cr%5Cn___________________________________________________%5Cr%5Cn-&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
- https://eb2.3lift.com/xuid?mid=4714&xuid=OTdlMWNkOGE2NGNlYjExMmZiYTAyZjIyZTdkMzFjNjg&dongle=c85e HTTP 302
- https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=OTdlMWNkOGE2NGNlYjExMmZiYTAyZjIyZTdkMzFjNjg&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
- https://d.adroll.com/cm/b/out?adroll_fpc=70e4d6e860b8f938955dc1317ac7f477-1588112088634&arrfrr=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fthreat-insight%2Fpost%2Fta2101-plays-government-imposter-distribute-malware-german-italian-and-us.%2Fr%2Fnhttps%3A%2F%2Fkc.mcafee.com%2Fcorporate%2Findex%3Fpage%3Dcontent%26id%3DKB92734%26viewlocale%3Dfr_fr%26locale%3Dfr_fr%5Cr%5Cn%5Cr%5CnSUMMARY%5Cr%5Cn___________________________________________________%5Cr%5Cn-&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
- https://x.bidswitch.net/sync?dsp_id=44&user_id=OTdlMWNkOGE2NGNlYjExMmZiYTAyZjIyZTdkMzFjNjg HTTP 302
- https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OTdlMWNkOGE2NGNlYjExMmZiYTAyZjIyZTdkMzFjNjg
- https://d.adroll.com/cm/x/out?adroll_fpc=70e4d6e860b8f938955dc1317ac7f477-1588112088634&arrfrr=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fthreat-insight%2Fpost%2Fta2101-plays-government-imposter-distribute-malware-german-italian-and-us.%2Fr%2Fnhttps%3A%2F%2Fkc.mcafee.com%2Fcorporate%2Findex%3Fpage%3Dcontent%26id%3DKB92734%26viewlocale%3Dfr_fr%26locale%3Dfr_fr%5Cr%5Cn%5Cr%5CnSUMMARY%5Cr%5Cn___________________________________________________%5Cr%5Cn-&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
- https://ib.adnxs.com/setuid?entity=172&code=OTdlMWNkOGE2NGNlYjExMmZiYTAyZjIyZTdkMzFjNjg
- https://d.adroll.com/cm/l/out?adroll_fpc=70e4d6e860b8f938955dc1317ac7f477-1588112088634&arrfrr=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fthreat-insight%2Fpost%2Fta2101-plays-government-imposter-distribute-malware-german-italian-and-us.%2Fr%2Fnhttps%3A%2F%2Fkc.mcafee.com%2Fcorporate%2Findex%3Fpage%3Dcontent%26id%3DKB92734%26viewlocale%3Dfr_fr%26locale%3Dfr_fr%5Cr%5Cn%5Cr%5CnSUMMARY%5Cr%5Cn___________________________________________________%5Cr%5Cn-&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
- https://idsync.rlcdn.com/377928.gif?partner_uid=97e1cd8a64ceb112fba02f22e7d31c68
- https://d.adroll.com/cm/o/out?adroll_fpc=70e4d6e860b8f938955dc1317ac7f477-1588112088634&arrfrr=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fthreat-insight%2Fpost%2Fta2101-plays-government-imposter-distribute-malware-german-italian-and-us.%2Fr%2Fnhttps%3A%2F%2Fkc.mcafee.com%2Fcorporate%2Findex%3Fpage%3Dcontent%26id%3DKB92734%26viewlocale%3Dfr_fr%26locale%3Dfr_fr%5Cr%5Cn%5Cr%5CnSUMMARY%5Cr%5Cn___________________________________________________%5Cr%5Cn-&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT HTTP 302
- https://us-u.openx.net/w/1.0/sd?id=537103138&val=97e1cd8a64ceb112fba02f22e7d31c68 HTTP 302
- https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=97e1cd8a64ceb112fba02f22e7d31c68
- https://d.adroll.com/cm/g/out?adroll_fpc=70e4d6e860b8f938955dc1317ac7f477-1588112088634&arrfrr=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fthreat-insight%2Fpost%2Fta2101-plays-government-imposter-distribute-malware-german-italian-and-us.%2Fr%2Fnhttps%3A%2F%2Fkc.mcafee.com%2Fcorporate%2Findex%3Fpage%3Dcontent%26id%3DKB92734%26viewlocale%3Dfr_fr%26locale%3Dfr_fr%5Cr%5Cn%5Cr%5CnSUMMARY%5Cr%5Cn___________________________________________________%5Cr%5Cn-&xid_ch=f&advertisable=7YJ7XZCLMRHSVCXIHB5HIT&google_nid=adroll5 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=l-HNimTOsRL7oC8i59McaA HTTP 302
- https://d.adroll.com/cm/g/in
97 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
index
www.proofpoint.com/us/threat-insight/post/ta2101-plays-government-imposter-distribute-malware-german-italian-and-us./r/nhttps://kc.mcafee.com/corporate/ |
41 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css_BpC9e9Xf-abYN_CGrep6Vz3VI9oBlboIb4s435larzM.css
www.proofpoint.com/sites/default/files/css/ |
25 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css_hQHpK914zY4FyLEBiR1JyH34obgrO7-kdcg8FPT0g88.css
www.proofpoint.com/sites/default/files/css/ |
756 KB 190 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modernizr.min.js
www.proofpoint.com/core/assets/vendor/modernizr/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-reg.svg
www.proofpoint.com/themes/custom/proofpoint/dist/app-drupal/assets/ |
3 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
psat-training-modules.png
www.proofpoint.com/themes/custom/proofpoint/dist/app-drupal/assets/ |
913 KB 914 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
12 KB 901 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
209 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
221 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
204 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
221 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
720 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
444 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
606 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
685 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
460 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
465 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
blue-bg.png
www.proofpoint.com/themes/custom/proofpoint/dist/app-drupal/assets/ |
25 KB 25 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RobotoCondensed-Regular-webfont.woff
www.proofpoint.com/themes/custom/proofpoint/dist/app-drupal/assets/fonts/ |
21 KB 21 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fjalla-one-v7-latin-regular.woff2
www.proofpoint.com/themes/custom/proofpoint/dist/app-drupal/assets/fonts/ |
16 KB 16 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion.js
www.googleadservices.com/pagead/ |
27 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js_UJ6WAapFBKGtCbnPxYQVxUAs3D5OwPRBRocKPZw3Gdo.js
www.proofpoint.com/sites/default/files/js/ |
138 KB 46 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
geoip2.js
geoip-js.com/js/apis/geoip2/v2.1/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js_uO_4d7s8b5IZnoF4iyK0PxwR2_Sn_Is4HKuBW6aio10.js
www.proofpoint.com/sites/default/files/js/ |
8 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
munchkin.js
munchkin.marketo.net/ |
1 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js_HEYxx3UitzLt66h2zHBeQDdU1hDQNbpw6dyyF2yI5Fg.js
www.proofpoint.com/sites/default/files/js/ |
1 MB 410 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
45 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
proofpoint.woff2
www.proofpoint.com/themes/custom/proofpoint/dist/app-drupal/assets/fonts/ |
18 KB 18 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RobotoCondensed-Bold-webfont.woff
www.proofpoint.com/themes/custom/proofpoint/dist/app-drupal/assets/fonts/ |
21 KB 21 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
munchkin.js
munchkin.marketo.net/158/ |
11 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
219 KB 51 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
MP9Jyqtx.min.js
scripts.demandbase.com/ |
103 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/950296937/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
me
geoip-js.com/geoip/v2.1/country/ |
771 B 1 KB |
XHR
application/vnd.maxmind.com-country+json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
207 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/950296937/ |
42 B 119 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/950296937/ |
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ip.json
api.company-target.com/api/v2/ |
440 B 944 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
validateCookie
segments.company-target.com/ Redirect Chain
|
26 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
44 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
28 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bat.js
bat.bing.com/ |
25 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
insight.min.js
snap.licdn.com/li.lms-analytics/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uwt.js
static.ads-twitter.com/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hotjar-1456002.js
static.hotjar.com/c/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
quant.js
secure.quantserve.com/ |
13 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s
ads.avct.cloud/ Redirect Chain
|
0 382 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
j.php
dev.visualwebsiteoptimizer.com/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1594.js
tracking.g2crowd.com/attribution_tracking/conversions/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1644.js
tracking.g2crowd.com/attribution_tracking/conversions/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1645.js
tracking.g2crowd.com/attribution_tracking/conversions/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1646.js
tracking.g2crowd.com/attribution_tracking/conversions/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1647.js
tracking.g2crowd.com/attribution_tracking/conversions/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.rtfl.js
visitor.reactful.com/dist/ |
270 KB 105 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ip.json
api.company-target.com/api/v2/ |
440 B 944 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s
ads.avct.cloud/ Redirect Chain
|
0 382 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
activityi;dc_pre=CN_8kceSjOkCFc_IuwgddZwLyg;src=4788165;type=sitew0;cat=proof0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6812284010068.823
4788165.fls.doubleclick.net/ Frame 0533 Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5dfsgn7m2kst.js
js.driftt.com/include/1588112100000/ |
137 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
attr.ml-api.io/ Redirect Chain
|
4 B 484 B |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
src=8909468;dc_pre=CNqEvseSjOkCFU9uGwodfl0MZA;type=invmedia;cat=1l6xh4ap;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
adservice.google.com/ddm/fls/z/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
roundtrip.js
s.adroll.com/j/ |
34 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
px.ads.linkedin.com/ Redirect Chain
|
0 42 B |
Image
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ |
35 B 102 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DE.png
www.proofpoint.com/modules/custom/pp_i18n/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
129 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
234 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0
bat.bing.com/action/ |
0 93 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/950296937/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v.gif
dev.visualwebsiteoptimizer.com/ |
35 B 218 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
t.co/i/ |
43 B 448 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rules-p-R3wfD8YvtmDvY.js
rules.quantcount.com/ |
3 B 356 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.js
s.adroll.com/j/exp/ Redirect Chain
|
28 B 747 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.js
s.adroll.com/j/pre/7YJ7XZCLMRHSVCXIHB5HIT/YV5KYXXEJZATZCT37YRTMK/ |
0 773 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
d.adroll.com/consent/check/7YJ7XZCLMRHSVCXIHB5HIT/ Redirect Chain
|
115 B 581 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ |
35 B 96 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modules.de7e888e0955327c1dca.js
script.hotjar.com/ |
367 KB 70 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/950296937/ |
42 B 119 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/950296937/ |
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 63CA |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
visitor.reactful.com/config/879986/ |
14 KB 5 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pixel;r=490437410;source=gtm;rf=0;a=p-R3wfD8YvtmDvY;url=https%3A%2F%2Fwww.proofpoint.com%2Fus%2Fthreat-insight%2Fpost%2Fta2101-plays-government-imposter-distribute-malware-german-italian-and-us.%2F...
pixel.quantserve.com/ |
35 B 658 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
T47Y2VPPABDUBJXFROMZZM.js
s.adroll.com/pixel/7YJ7XZCLMRHSVCXIHB5HIT/YV5KYXXEJZATZCT37YRTMK/ Redirect Chain
|
4 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
126 KB 30 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sendrolling.js
s.adroll.com/j/ |
9 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sync
ups.analytics.yahoo.com/ups/55980/ Redirect Chain
|
0 977 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rum
dsum-sec.casalemedia.com/ Redirect Chain
|
43 B 1003 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tap.php
pixel.rubiconproject.com/ Redirect Chain
|
0 239 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cookie-sync
sync.outbrain.com/ Redirect Chain
|
0 452 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Pug
simage2.pubmatic.com/AdServer/ Redirect Chain
|
1 B 543 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
in
d.adroll.com/cm/r/ Redirect Chain
|
42 B 498 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
trc.taboola.com/sg/adroll-network/1/rtb-h/ Redirect Chain
|
0 281 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
xuid
eb2.3lift.com/ Redirect Chain
|
37 B 353 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync
x.bidswitch.net/ul_cb/ Redirect Chain
|
43 B 379 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
setuid
ib.adnxs.com/ Redirect Chain
|
43 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
377928.gif
idsync.rlcdn.com/ Redirect Chain
|
0 62 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sd
us-u.openx.net/w/1.0/ Redirect Chain
|
43 B 183 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
in
d.adroll.com/cm/g/ Redirect Chain
|
42 B 534 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
389545881899618
connect.facebook.net/signals/config/ |
447 KB 113 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 248 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nr-1167.min.js
js-agent.newrelic.com/ |
26 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
analytics.twitter.com/i/ |
31 B 652 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.html
js.driftt.com/deploy/assets/ Frame 2EC5 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
0ae22ad83e
bam.nr-data.net/1/ |
57 B 275 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
8142fc18-7ad2-4e50-9010-982d35ea1378
https://www.proofpoint.com/ |
14 KB 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
tracking.reactful.com/tracking/879986/ |
6 B 120 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
25 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
tracking.reactful.com/tracking/879986/ |
6 B 115 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
0ae22ad83e
bam.nr-data.net/events/1/ |
24 B 185 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
146 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| NREUM object| newrelic function| __nr_require object| Modernizr function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin object| dataLayer object| google_conversion_id object| google_custom_params object| google_remarketing_only function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_evaluemrc object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_disable_merchant_reported_conversions object| google_additional_conversion_params object| google_transport_url function| _ function| jQuery undefined| $ object| Backbone object| drupalSettings object| Drupal object| geoip2 function| _toConsumableArray function| BaseClass object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| FontAwesomeConfig object| ___FONT_AWESOME___ object| __algolia function| subscribeToMarketoFormEvent object| MunchkinTracker function| __extends object| Demandbase object| __db function| DBSegment function| ga function| postscribe object| google_tag_manager string| GoogleAnalyticsObject object| uetq string| _linkedin_data_partner_id function| twq function| hj object| _hjSettings object| _qevents object| vimeoGAJS object| _vwo_code number| settings_timer number| _vwo_settings_timer object| _rctfl string| axel number| a function| drift function| driftt string| adroll_adv_id string| adroll_pix_id boolean| __adroll_loaded function| lintrk boolean| _already_called_lintrk object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| UET function| google_trackConversion object| GooglebQhCsO undefined| b string| _vwo_mt string| _vwo_tm object| vwo_iehack_queue object| twttr function| quantserve function| __qc object| ezt object| _qoptions string| adroll_sid object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks undefined| adroll_tpc_callback object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| platform boolean| __DRIFTT_WIDGET_INCLUDED__ string| __DRIFT_INSTANCE_ID__ boolean| __DRIFTT_SHOW_WIDGET_ON_BOOT__ boolean| __adroll_consent boolean| __adroll_consent_is_gdpr object| __adroll_consent_data string| __adroll_consent_user_country string| __adroll_consent_adv_country number| adroll_xavier_called number| __adroll_xid_ch object| adroll_currency object| adroll_conversion_value object| adroll_conversion_value_in_dollars function| fbq function| _fbq object| adroll_exp_list object| _rctfl_track17 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.doubleclick.net/ | Name: IDE Value: AHWqTUkY_ViPhb7riXBxCrGqSFGRIMPaUWIxIM1urCo-OOua6exNcp8nQlfKyZt- |
|
.proofpoint.com/ | Name: _fbp Value: fb.1.1588112088850.1253697288 |
|
www.proofpoint.com/ | Name: driftt_sid Value: 5500e4b0-020a-4243-9d48-71fd045b9ff4 |
|
.www.proofpoint.com/ | Name: __ar_v4 Value: %7C7YJ7XZCLMRHSVCXIHB5HIT%3A20200428%3A1%7CYV5KYXXEJZATZCT37YRTMK%3A20200428%3A1%7CT47Y2VPPABDUBJXFROMZZM%3A20200428%3A1 |
|
.proofpoint.com/ | Name: _hjid Value: be4eb80b-87f6-4977-a1bd-8765ddec0f52 |
|
.proofpoint.com/ | Name: _ga Value: GA1.2.304155067.1588112088 |
|
.www.proofpoint.com/ | Name: __adroll_fpc Value: 70e4d6e860b8f938955dc1317ac7f477-1588112088634 |
|
www.proofpoint.com/ | Name: driftt_aid Value: be7e3cbe-ac4c-4e07-aff2-e371b2c0d502 |
|
.proofpoint.com/ | Name: _vwo_uuid_v2 Value: D0044DDB650738DD1DAC8B2F067E7C9DB|a72c485456651ac8c430bfd21b74bc76 |
|
.proofpoint.com/ | Name: _gat_UA-2257074-1 Value: 1 |
|
.proofpoint.com/ | Name: __qca Value: P0-1492870213-1588112088598 |
|
.proofpoint.com/ | Name: incap_ses_246_177663 Value: VyeyET7geTncN0C+LfhpA9eqqF4AAAAAT5cryER/7jPIJMN3QvvqKQ== |
|
.proofpoint.com/ | Name: _gid Value: GA1.2.1128882449.1588112088 |
|
www.proofpoint.com/us/threat-insight/post/ta2101-plays-government-imposter-distribute-malware-german-italian-and-us./r/nhttps://kc.mcafee.com/corporate | Name: pp_user_country Value: de |
|
.proofpoint.com/ | Name: visid_incap_177663 Value: ohAK0KWgTs27OmtapVUZbdeqqF4AAAAAQUIPAAAAAAD1CIf4tuCbkIC2HqEVshLR |
|
.www.proofpoint.com/ | Name: _rtfl_s_handshake_guid Value: 3cda79e5-d1f9-4c3c-a290-a2d9117bd2dc |
|
.proofpoint.com/ | Name: _uetsid Value: _uet51561ab1-cd93-50b9-2386-e9450179bc43 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
4788165.fls.doubleclick.net
ad.doubleclick.net
ads.avct.cloud
ads.avocet.io
ads.yahoo.com
adservice.google.com
analytics.twitter.com
api.company-target.com
attr.ml-api.io
bam.nr-data.net
bat.bing.com
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
d.adroll.mgr.consensu.org
dev.visualwebsiteoptimizer.com
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
geoip-js.com
googleads.g.doubleclick.net
gwmtracking.com
ib.adnxs.com
idsync.rlcdn.com
js-agent.newrelic.com
js.driftt.com
match.prod.bidr.io
munchkin.marketo.net
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
px.ads.linkedin.com
rules.quantcount.com
s.adroll.com
s.ml-attr.com
script.hotjar.com
scripts.demandbase.com
secure.adnxs.com
secure.quantserve.com
segments.company-target.com
simage2.pubmatic.com
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
sync.outbrain.com
t.co
tracking.g2crowd.com
tracking.reactful.com
trc.taboola.com
ups.analytics.yahoo.com
us-u.openx.net
vars.hotjar.com
visitor.reactful.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.proofpoint.com
x.bidswitch.net
104.244.42.133
104.244.42.195
13.225.73.113
13.225.73.37
13.225.73.6
143.204.89.126
143.204.89.91
147.75.32.105
147.75.32.13
147.75.84.39
151.101.112.157
151.101.113.44
151.101.114.110
162.247.242.21
172.217.18.6
18.156.0.31
185.33.220.145
185.33.221.50
185.64.189.110
2.18.234.21
216.200.122.11
216.58.205.226
216.58.208.34
23.210.248.216
2600:9000:21f3:9e00:6:44e3:f8c0:93a1
2606:4700::6812:1bbe
2606:4700::6812:bef
2620:1ec:c11::200
2a00:1288:f03d:1fa::4000
2a00:1450:4001:809::2002
2a00:1450:4001:816::200a
2a00:1450:4001:81d::200e
2a00:1450:4001:81f::2004
2a00:1450:4001:820::2003
2a00:1450:4001:820::2013
2a00:1450:4001:825::2002
2a00:1450:4001:825::2003
2a00:1450:4001:825::2008
2a00:1450:400c:c08::9b
2a02:26f0:6c00:296::25ea
2a02:e980:107::cf
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:f500:11:101::b93f:9001
2a05:f500:11:101::b93f:9005
34.250.26.209
34.95.120.147
34.96.102.137
35.241.8.149
52.16.182.42
52.17.245.120
52.215.1.63
52.57.35.19
52.58.189.189
54.93.143.252
68.67.153.60
69.173.144.136
70.42.32.31
88.221.60.75
91.228.74.152
013ebc8682bafe775a56f93904cff8456974906327dad3524e2ab2fe0c0df700
0690bd7bd5dff9a6d837f086adea7a573dd523da0195ba086f8b38df995aaf33
0796293ec526d0aa2afcd3a403c1c8b5707863314cf4db4d1bac426ead264416
079e218ad07f42523479d475b4973a6e386ba95209ee964c04c1a6eb6186bda3
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
168ebd89f3a9ffb66f609bdf01034cb2dd90af136676fde9193abb2ac0e517f4
1bdbcee5cd776cb671f72362db4be8dde833057b8e8f816c86fd301896652c8d
1c4631c77522b732edeba876cc705e403754d610d035ba70e9dcb2176c88e458
1dc7010e3ba823724e577311b6933f6fbccc0c7f6419fee83b758e11b735eaf5
1e06b3b8ed8d91022c8192923eb0d0a913596d088312b8bdc0c3b6dd2361627a
1ee51b94d3a3346cbfb9f77ae1e629353494a22d41986fcf197aeae7ff530d70
2c271c4a665faddbe0cc0775cffff81a985f7ee272e43b346d81cb0dc4fda652
2cfe7c393d823154ee86def4c4eeeff7520b903871d93073ef7ad566a07ea92d
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
31d3b087d4e992b80db3a2e9f4b4c78d989400e0fd87027a6b4e5aadf2415ae5
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3fff4d39d7b6373df4d2da37edcfc221707441dc8ca8b36c753cb2dd1c790239
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
4845e9f0ab8138835df66e6fb4d2f369f72c93c65b45cd8e545055e0382d08b4
4a9abec4e9f9962a1b4ac3f8c3f637be75b3dd39e37a670ca8a33c3c4f9eb2bc
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c858ea92bdc30e89d30d477c30228c47b19648e1539829bb2303a176f0c23dd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f3fc31f17996bdcd89a0b6358ef30b10a4d5b8e436dcd786082965f868f3bd8
509e9601aa4504a1ad09b9cfc58415c5402cdc3e4ec0f44146870a3d9c3719da
51f57a3c7d8a7beb3e7d75e5c9efc04404b4270688be21d6570b423731c9ffaf
5451119aa5fd566ad1bc22ab81193be0154f0e80c69a1b5d9c99d217f5737e3a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5845e8453fb8ad463202d8314428e13413d953b87a024ab6eedb0e988e620c19
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5c2dcc7280f9f75b2123f8512238e0fb4598e19f1d4da2206d37e613696b50f2
5f967fd41346c0fc1b9b44fa69c52bf1e754420c59c8017cefb0a14a764cafa4
68bf74082f8a4c49d604ea4c599e861b5dd032b1497a75231b74ca1b20853dcb
73abcdba8b61ea9513c74192393cecce485ae1243f56c1cde5d61cd95650279b
785386e38e422ac73429f53fc111599e675d9a02d75b3320c6c85d7df42fd232
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8501e92bdd78cd8e05c8b101891d49c87df8a1b82b3bbfa475c83c14f4f483cf
87ca6b47a6b9474223f530e7b8ea424392eb664d0dd417d61c31da449a5f5c4f
88b3102f2889489e2db30d672885b580d0275e944baacebc652c90ce2263d7ab
93fa8b2f6e13b1ac02946cf42cebafaa637e07feb93b926eace76fd5128df564
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
ab7954e1447f64d179eaec1e53a64438f59fc59a3d701897acab070e1138f849
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b8eff877bb3c6f92199e81788b22b43f1c11dbf4a7fc8b381cab815ba6a2a35d
b992f31c27f071a3d45841e24bf889829628caeb20e1dfa426a84969705d6443
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c0269ba28d9ec51948de3000f364e6890e8a369ab832b4deb572415845a39712
c16187e4fc3376f1e9af34703979d3f9d9cca87067adc4a63d2c0cefa5828248
c4a220432424eb8109e2cc0bf6855e684148e606337f706ba226873fdc003a66
c7d7214a0b940c1ffcbd64689a576c5847b42e886da3ad9ea45bc4cda214bac8
c8de55874475c175335f0c6fc79e975cc9325630e3641389c18ae7ae5ab9a981
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca76057cd670f588df991cb00fb1f230de6cde0d7f19f21743981f12c69ab50a
cc80114d90c7ecae126be5d8af9df7789184890dd1f2aca8d07eb60d96bf5d17
ceb810209db25558f5023859835a13c7ca43a7f77feff6752b042b2a8e9b00bc
cee2bb03171a567a8cd35860be7c776aac49ca6c77516bcc30add40d53a08a01
cef5e7a8bbafdc0187cc3bd50db0417a3ed578deec09d93fe306bddf30a9ba43
d1c6032b67262b3855f2ae2702f0497cf50f3caf6ce5211641f1756ee3a4332b
d43e3abd2704bd958444aa0b7544900b1e13fc70ba557c32167cf8806f406fae
de01cfa09868330494bbf2a8157156aee6f827675d3f050c4b2ddbcf758e0d41
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e0b6d26489191155d30162f050cf2a964afb8cf054e3f59e7f710942a9a12293
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f156ae940f7e272f1319e3a835871f632bc4275105f4882685a3435d7ed4e3fb
f4ae8a2c83e0a851fd331bbf34d7a6f9184b3e31b6f2e681e8377fb8a8edc10f
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
fa073b185f34f50f1eadab017755057bf1831a50cd86cf2fb6587c3564ee131d
fa8d00de4d9acf49fccb202f273ba09102e673a8d46bdb520d6bc9b5e740cbcd
fab816e037c0f67ab424c67234af03471c66a13357d6e187ecb238a2eac62a04
fe029c6cb1d4cb22e10acd3b28c0ad29c70214c4825c9f6daac95698f71373f2
fe5f2a40422e9a55187b3204161cbce1ba1d03a2eb4fa971bd10451562fed99a