www.insurancebusinessmag.com Open in urlscan Pro
2606:4700:3037::681f:5ebc Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Submission: On December 07 via manual (December 7th 2020, 3:56:43 pm UTC) from IN

Summary HTTP 133 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 45 IPs in 6 countries across 37 domains to perform 133 HTTP transactions. The main IP is 2606:4700:3037::681f:5ebc, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.insurancebusinessmag.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 21st 2020. Valid for: a year.

This is the only time www.insurancebusinessmag.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	2606:4700:303... 2606:4700:3037::681f:5ebc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE)
4	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
6	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 16	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:170... 2a02:26f0:1700:d::1737:6ea4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
5	104.75.88.112 104.75.88.112	16625 (AKAMAI-AS) (AKAMAI-AS)
2	35.190.50.98 35.190.50.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::2008	15169 (GOOGLE) (GOOGLE)
1	151.101.112.134 151.101.112.134	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
1 5	104.111.214.206 104.111.214.206	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6811:d4cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:650c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	104.111.216.96 104.111.216.96	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1 1	54.78.251.22 54.78.251.22	16509 (AMAZON-02) (AMAZON-02)
1	34.254.144.210 34.254.144.210	16509 (AMAZON-02) (AMAZON-02)
15	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:46b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:71b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:eecc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c02::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6812:a813	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.0.134 151.101.0.134	54113 (FASTLY) (FASTLY)
6	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	34.234.81.220 34.234.81.220	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2013	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:c8cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
133	45

10 2606:4700:3037::681f:5ebc (United States)

ASN13335 (CLOUDFLARENET, US)

www.insurancebusinessmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 216.58.206.2 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:1700:d::1737:6ea4 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

cdn-res.keymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.75.88.112 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-112.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.50.98 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 98.50.190.35.bc.googleusercontent.com

cdn.sajari.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.sajari.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

insurance-business.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.111.214.206 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-214-206.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d4cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:650c (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.216.96 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-216-96.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.251.22 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-251-22.eu-west-1.compute.amazonaws.com

d.adroll.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.144.210 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-144-210.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ce654f678be0318f6cac559cfbf39aee.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:46b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:71b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eecc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c02::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:a813 (United States)

ASN13335 (CLOUDFLARENET, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.0.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.234.81.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-81-220.compute-1.amazonaws.com

nextroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

re.sajari.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:c8cc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	googlesyndication.com ce654f678be0318f6cac559cfbf39aee.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	331 KB
18	doubleclick.net 1 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	134 KB
10	insurancebusinessmag.com www.insurancebusinessmag.com	83 KB
7	googletagservices.com www.googletagservices.com	201 KB
6	facebook.com www.facebook.com	679 B
6	adroll.com 1 redirects s.adroll.com d.adroll.com	71 KB
6	cloudflare.com cdnjs.cloudflare.com	23 KB
5	disquscdn.com c.disquscdn.com	230 KB
5	google.com adservice.google.com www.google.com	425 B
4	facebook.net connect.facebook.net	230 KB
4	addthis.com s7.addthis.com m.addthis.com	191 KB
4	fontawesome.com use.fontawesome.com	184 KB
3	hubspot.com api.hubspot.com track.hubspot.com	842 B
3	disqus.com insurance-business.disqus.com disqus.com	33 KB
3	keymedia.com cdn-res.keymedia.com	251 KB
2	sajari.com cdn.sajari.com re.sajari.com	23 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	gstatic.com fonts.gstatic.com	22 KB
2	jquery.com code.jquery.com	96 KB
1	hubapi.com api.hubapi.com	707 B
1	nextroll.com nextroll.com	2 KB
1	google.de www.google.de	108 B
1	hs-banner.com js.hs-banner.com	12 KB
1	usemessages.com js.usemessages.com	20 KB
1	hsadspixel.net js.hsadspixel.net	3 KB
1	hs-analytics.net js.hs-analytics.net	19 KB
1	google.pl adservice.google.pl	803 B
1	consensu.org 1 redirects d.adroll.mgr.consensu.org	137 B
1	addthisedge.com v1.addthisedge.com	762 B
1	moatads.com z.moatads.com	1 KB
1	zoominfo.com ws.zoominfo.com	725 B
1	hs-scripts.com js.hs-scripts.com	733 B
1	googleadservices.com www.googleadservices.com	12 KB
1	googletagmanager.com www.googletagmanager.com	45 KB
1	sajari.net cdn.sajari.net	200 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	10 KB
1	googleapis.com fonts.googleapis.com	724 B
133	37

	Domain	Requested by
16	securepubads.g.doubleclick.net	1 redirects www.insurancebusinessmag.com securepubads.g.doubleclick.net
15	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.insurancebusinessmag.com tpc.googlesyndication.com
10	www.insurancebusinessmag.com	www.insurancebusinessmag.com
9	pagead2.googlesyndication.com	www.insurancebusinessmag.com securepubads.g.doubleclick.net
7	www.googletagservices.com	securepubads.g.doubleclick.net
6	www.facebook.com	www.insurancebusinessmag.com connect.facebook.net
6	cdnjs.cloudflare.com	www.insurancebusinessmag.com
5	c.disquscdn.com	insurance-business.disqus.com
5	s.adroll.com	1 redirects www.googletagmanager.com www.insurancebusinessmag.com s.adroll.com
4	www.google.com	www.insurancebusinessmag.com securepubads.g.doubleclick.net
4	connect.facebook.net	www.insurancebusinessmag.com connect.facebook.net
4	use.fontawesome.com	www.insurancebusinessmag.com use.fontawesome.com
3	s7.addthis.com	www.insurancebusinessmag.com s7.addthis.com
3	cdn-res.keymedia.com	www.insurancebusinessmag.com
2	api.hubspot.com	js.usemessages.com
2	disqus.com	insurance-business.disqus.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	code.jquery.com	www.insurancebusinessmag.com
1	track.hubspot.com
1	api.hubapi.com	js.hsadspixel.net
1	re.sajari.com	www.insurancebusinessmag.com
1	nextroll.com	www.insurancebusinessmag.com
1	www.google.de	www.insurancebusinessmag.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	ce654f678be0318f6cac559cfbf39aee.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.pl	securepubads.g.doubleclick.net
1	d.adroll.com	www.insurancebusinessmag.com
1	d.adroll.mgr.consensu.org	1 redirects
1	googleads.g.doubleclick.net	www.googleadservices.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	cdn.sajari.com	www.insurancebusinessmag.com
1	z.moatads.com	s7.addthis.com
1	ws.zoominfo.com	www.insurancebusinessmag.com
1	js.hs-scripts.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	insurance-business.disqus.com	www.insurancebusinessmag.com
1	www.googletagmanager.com	www.insurancebusinessmag.com
1	cdn.sajari.net	www.insurancebusinessmag.com
1	maxcdn.bootstrapcdn.com	www.insurancebusinessmag.com
1	fonts.googleapis.com	www.insurancebusinessmag.com
133	47

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
www.lifehealthpro.ca
learn.insurancebusinessmag.com
kmi.magazinemanager.com
shop.kmimedia.ca
bpaww.com
www.keymedia.com
www.wealthprofessional.ca

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-21` - `2021-07-21`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
cert00041-azurecdn.akamaized.net R3	`2020-12-06` - `2021-03-06`	3 months	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-07-22` - `2021-10-13`	a year	crt.sh
*.sajari.net AlphaSSL CA - SHA256 - G2	`2020-08-03` - `2022-09-06`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2020-01-29` - `2021-04-29`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2020-07-04` - `2021-07-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-11-02` - `2021-01-30`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.sajari.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-03` - `2022-06-11`	2 years	crt.sh
adroll.mgr.consensu.org Amazon	`2020-10-08` - `2021-11-07`	a year	crt.sh
*.google.pl GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2020-07-27` - `2021-07-27`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
nextroll.com Let's Encrypt Authority X3	`2020-11-20` - `2021-02-18`	3 months	crt.sh
re.sajari.com GTS CA 1D2	`2020-11-26` - `2021-02-24`	3 months	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2020-07-03` - `2021-07-03`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Frame ID: 5582695DCD197FDB0FF48062C75184EA
Requests: 87 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: FA46000E3F73F2BE3479109AF6B9FE9B
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: C7266998D15ADF64017BE9CFEFF03877
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=insurance-business&t_i=241242&t_u=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&t_d=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company&t_t=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company&s_o=default
Frame ID: 1014CACE384CB4E826299285975FC096
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvCA3Ms5lFU6V-YXjsPPJ82HdSQ3cwXORd24OIIiVGxca3OGNCzkEbf7iqYXMdmmkPZ-MJ2d5Pu1wEgV-zcHw5QUO8Lm7Njx6gHIZRUWqslNUSXCnH_6Zc95zgJJYJAKOFLWWBC9i15yhTJRlvRLDWnTGAedLVylDRZVMMzx6ZYNBVPE-tcSWDWv1DifKVFvXNx9xdPlYxCqI4QQfBJg4Lp-bIPA-PhwQR3xoCk0l4QI8FHVgOWGeC6YKHtF9BjQ3O64kgOmda4QiV4kh1iHeMDfM4Du5aJJDOmi7-okHRs5qPbFLMmo3QElxjvd8y4pDS9RFIz&sig=Cg0ArKJSzKjz9M0pK1CTEAE&adurl=
Frame ID: 2D9087E069B4873406910A25A10C5E44
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsue5lLG5hqublvwFbGpmsnjLpz6swPuSLaNSDTO1w3CJE694oh3bPSgMCx1MdOz1mfZOWEwB-FgV6qgmQNrgc7UadHw_rLzAetRcZOZYXJg7Mdd8XX-MAfWKYRrIChWvnhf_CtZ7WjrnFMueHENNrmozQ36m5rgpg7HHed1Ez4oBRiPV9mH2bXzw99VVeX_B016tS1y0ScCRdzZlaRXCMqzyqt65jtnWFfEFSiPnQAplmCNROOEc3J0SnpTNBTzWaBICx4N6s5BGGHrLmqcxJt3lMcVwq2L_9xqCFFM&sig=Cg0ArKJSzHQtfyPo7DSZEAE&adurl=
Frame ID: 4B0FAFA96734D76EA9527ED5275B4B63
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvHAIgIqIuNjxG7GPt2EhI82TZvvcTW6GB49KY55yJhJkdSepdQ8xOxrTalSkj4MBZbcTwvdgKqgXKzxjYUv1KfAyxWbpxRBX8YOJkFiVNSd9bpQ49MWMk8O-I7SwWcMvJ1hObG8U8yRP342VeAWrJCvSy9tqyBg459gMdSyJ4jjeNnwl_IunWQmEin2mW3Npu3K6AUxmblpJhcqY_CYJVgWUBAaQhr5qkMl0KKaztYQwLbQUqSHuxa93rUmE7qdeLtxnBDLUIOsdSbN6K8L3SbJrRhN4_UQl8FHKld8g&sig=Cg0ArKJSzN2wWuhwM-TsEAE&adurl=
Frame ID: 012AB1125C7EEB72A8A7A22DEF627D3D
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss5XlzcxTeYi17-XMpsL_2P0odyJnJlqSO9aoJYXeV5R50nN-EReqJYaAdEkCeMcg6WV9zJeyeMD9-zEZ1GbF721NL-s1Ld9m-IUgwyiMWfZ5DAuhucJ_cnkOU5LUWVv-enDpJqQr6dgepymSlrNWeFOplSJQEZYNXdjuxeODS0p8WQIGDiJt7YQXzoLRDabdg-mqFpPz9a-ohhrvGrZoCdIKc3U1NFISFfiCgJA4fWQ-VBBSgMiPHr3rhLapZKgz8ywOOcyPqCVfLZcCmU-W8IMI9sRTMtbmI0SuvlNw&sig=Cg0ArKJSzMTpjoT9xW7qEAE&adurl=
Frame ID: 9FD32C491EEABC2E4392FDC26D3B1CB7
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/simgad/13810547153303696996
Frame ID: A057C03ED9EC1EE3B7E05833654E4AD8
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuSkm1KaD-YHODh51etQs-EOCAW82aoBjf2AOsIgnkM-HvVnuJraYm8knDtv_KILM2CSbW5sPF8nKgV_9Qc4nhmISR7Hx8nRoI8-Hs3s108SrrRCPnxPG-AW9HIfd3jQJDL3xy70naOgWOgeAxeb8Oi1lQRtbIqSdtyVxH7YEbRfFpCh4lYCbbZniWm8Ef3Z4DSfIb_EbOfaNsuVd2UstVn1bbuZ3SnIkCUd0wneXdfMfIP0IQz9XUwQzZs2OJJihBEtFzhBXyzoyh6XYf7QeZ8uMuwc2bTSWwf8rmrDA&sig=Cg0ArKJSzGO_gxR_Qjh7EAE&adurl=
Frame ID: C6A62E92D853A728FF685249AB80FD2B
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv2ElMVjUCERoln83DfP8LTk5ulKyrx0YvlS0eyX_Zw7UkWvadtguFD84BMM4b9wk28o7aok6no2iJa7n7-a-t_0_VsLZVfxVtdWvK6QYbpVOyVPHdqCxIqptb2YL_6tyFacwqQKYxfrd-csEVWx0lgI3m6gU2S2oTNq7RU_RJrmtvL9wzjtJAD7TPwAc_XdJslZyogp45qd9Ojn_rk3M2LSnGhnj5Uo1MJavPJmvu5G-F7cxm7KuHaWURpUM4xE4m_5blGiAejgeZogt1QjK-G1STiaMDBEaJmyaRYSw&sig=Cg0ArKJSzIlp-qH-PZHiEAE&adurl=
Frame ID: CAECE683453C52918994945D25085F63
Requests: 7 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 0F917E1415058F18AE93833A512A2F4B
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: CCF4C9E94413467FF96E0F766B2C8FD8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 9A9D1F0E00F6C9C2E1C806226A7D3317
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 50%
Detected patterns

url /\.aspx?(?:$|\?)/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

url /\.aspx?(?:$|\?)/i

IIS (Web Servers) Expand

Overall confidence: 50%
Detected patterns

url /\.aspx?(?:$|\?)/i

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /(?:a|s)\.adroll\.com/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

133
Requests

99 %
HTTPS

73 %
IPv6

37
Domains

47
Subdomains

45
IPs

6
Countries

2448 kB
Transfer

5643 kB
Size

15
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/InsuranceBusinessCanada

Search URL Search Domain Scan URL

URL: https://twitter.com/InsuranceBizCA

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/15154282

Search URL Search Domain Scan URL

URL: https://www.lifehealthpro.ca/
Title: Life

Search URL Search Domain Scan URL

URL: https://learn.insurancebusinessmag.com/
Title: eLearning

Search URL Search Domain Scan URL

URL: https://kmi.magazinemanager.com/subscribe/subscribe_renewOnlineCFGS_KMI.asp?renew=&source=IBPAID1
Title: Magazine

Search URL Search Domain Scan URL

URL: http://shop.kmimedia.ca/magazines/back-issues/insurance-business/?sort=newest
Title: Back Issues

Search URL Search Domain Scan URL

URL: http://shop.kmimedia.ca/special-reports/insurance-business/?sort=newest
Title: Special Reports

Search URL Search Domain Scan URL

URL: http://bpaww.com/bpaww/#?targeturl=/BPAWW/MemberTools/AuditedSiteTraffic&target=2&languageid=1&homepage=/bpaww/Content/MainContent/Home/Index.html&footerpage=/bpaww/content/maincontent/footer/english.htm

Search URL Search Domain Scan URL

URL: https://www.keymedia.com/?__hstc=226989634.22a0993f0caccf86c36314515a3d0b58.1607356587812.1607356587812.1607356587812.1&__hssc=226989634.1.1607356587812&__hsfp=2978788718
Title: Key Media

Search URL Search Domain Scan URL

URL: https://www.wealthprofessional.ca/?__hstc=226989634.22a0993f0caccf86c36314515a3d0b58.1607356587812.1607356587812.1607356587812.1&__hssc=226989634.1.1607356587812&__hsfp=2978788718
Title: Wealth Professional Canada

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://s.adroll.com/j/exp/2VITFUM7BRCEBEOMM6S7XQ/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 50

https://d.adroll.mgr.consensu.org/consent/iabcheck/2VITFUM7BRCEBEOMM6S7XQ?_s=de31234913e068ad2eb7191514a0dec6&_b=2 HTTP 302
https://d.adroll.com/consent/check/2VITFUM7BRCEBEOMM6S7XQ/?_s=de31234913e068ad2eb7191514a0dec6&_b=2

Request Chain 90

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-viPwY4OXCL0qNetB2cBVn97HhAHc4LGspGolHBrK-ZNdA1oB1Qj2PAl3ma87TJIfsflo-v8f-0ajg08sTGHHaX4_QBkjYxwKcmHUoW7dcYuv3aM4LHPb9iUR1Mahl2g2Ll8ZHYxlSY-dWFGBkhb54VBOxEW3HiWYuPchaDblaQ1lYXHIsCC7NqWMjjUlD_DqIFqlIFUITrg2gRAfOrHbDKXCvv8EQsx2sqPPRGvpZfxhzuqFhqnm9ctwwwVl6bIBhhMJ80AMHsDMn7pulqdqTWKCWEhkUZUT3nlq4Hpg7g&sig=Cg0ArKJSzNS3t4fe88rFEAE&urlfix=1&adurl=https://tpc.googlesyndication.com/simgad/13810547153303696996? HTTP 302
https://tpc.googlesyndication.com/simgad/13810547153303696996

133 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx Show response
www.insurancebusinessmag.com/ca/news/cyber/ 56 KB
10 KB 553ms
528ms Document
text/html 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

7e0a81e413278984786f130c1c56e5b93d19d9cfdbfd1d2622b3d7a4969c3d4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

:method: GET
:authority: www.insurancebusinessmag.com
:scheme: https
:path: /ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:26 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d591f8ac6c5f8c2c493e226fdadbed6db1607356585; expires=Wed, 06-Jan-21 15:56:25 GMT; path=/; domain=.insurancebusinessmag.com; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
cf-request-id: 06df842e960000980e5f322000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uGUb6bbnaeyBv9Pw2Ft7Y6UlMovl3ko9902SZb75dzXTWaA2odcHXW2W%2Fl8CGDPasUMO9juUd%2B8fOr4bVv0Uk4MCeh8iLCb4P6MOxWcE2pp0eMtEcXfMqRKFC3j%2Bhx3pCzBgOb8fyaGv"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5fdf6fc429bd980e-FRA
content-encoding: br

GET
H2 200 css
fonts.googleapis.com/ 4 KB
724 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

083be3c59862e11bbcda4128a12a7d9934f461ac881ed75af92b1c1b3615c576

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Dec 2020 14:54:11 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Mon, 07 Dec 2020 15:56:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 07 Dec 2020 15:56:26 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.15.1/css/ 58 KB
15 KB 129ms
42ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.1/css/all.css
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325

Request headers

Origin: https://www.insurancebusinessmag.com
Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:26 GMT
content-encoding: gzip
last-modified: Mon, 05 Oct 2020 15:13:10 GMT
server: NetDNA-cache/2.2
etag: W/"b227b1617a1763c8bc056772f05482b4"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ 1 KB
785 B 19ms
18ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick.min.css

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 444621
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 394
cf-request-id: 06df8430ac000097b4b6261000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-559"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZvDVXcc2hrmt6XgcQp7xUAo5TCEyd9ZlF5KQIgl%2FoTAi0vpTkba15z57WMllfp0sAY2CDvQ2pkcdSMlB%2BkH1jSXJ6uqVZK0V6CeQBnmz1WjrauhO3zCD8NFQSihDRvIhPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5fdf6fc77f8b97b4-FRA
expires: Sat, 27 Nov 2021 15:56:26 GMT

GET
H2 200 site.min.css
www.insurancebusinessmag.com/css/ 217 KB
31 KB 29ms
28ms Stylesheet
text/css 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.insurancebusinessmag.com/css/site.min.css?v=x16YcsDzSL7BBhsp4VOfE7_mPzaMbjNhkXFpk-R-Q3E

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

25aa839bb8c9e29422bf3aa8925e2d13d7b985b1bce61296f8d5780efcb3b142

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 645
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
cf-request-id: 06df8430ad0000980e683ea000000001
last-modified: Thu, 26 Nov 2020 05:10:15 GMT
server: cloudflare
etag: W/"1d6c3b26cbd77e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Hll9gfAVDxWrj9odMGL%2Fyxw75DAKK7aPsIa44fGhjRUBA%2FKMPNqQ9fASuK6%2Ferw1cqHXW9ItZkiBY9A3OGGKVCZ62TIDaI48oeOu6wWf6j0i3CqPHCzKrQHx%2Bh0EBHvmkYpThGw3EILo"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 5fdf6fc77c0b980e-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 54 KB
18 KB 54ms
51ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

178199a0ed5c0a2790923171ce0c742550171650d6effe185838e07ee0625649

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "716 / 818 of 1000 / last-modified: 1607343165"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18601
x-xss-protection: 0
expires: Mon, 07 Dec 2020 15:56:26 GMT

GET
H2 200 logo_gray_ca.png
www.insurancebusinessmag.com/images/ 5 KB
6 KB 17ms
13ms Image
image/png 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurancebusinessmag.com/images/logo_gray_ca.png

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

55245b72bbdeeba40fdbd930227228c562438e21179d4705354888052f116b77

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:26 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5438
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
content-length: 5287
cf-request-id: 06df84314d0000980e683f5000000001
last-modified: Mon, 16 Dec 2019 08:12:09 GMT
server: cloudflare
etag: "1d5b3e88310c627"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YqlM%2FgwZMwkCho5%2BkDIcoecTkoG2Q3TRJHXme6HBui2SV36JNVHu3Lba1P%2F%2FzRlFOphRr7AJJgnszAaEGf8AzYLQMq8eo2PrUL5psd7kod%2FB67vd%2B84m7V2X7hB4i5LwBEgFdCYEsKVI"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5fdf6fc87cb8980e-FRA

GET
H2 200 logo_ca.png
www.insurancebusinessmag.com/images/ 11 KB
11 KB 26ms
23ms Image
image/png 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurancebusinessmag.com/images/logo_ca.png

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

21f61c21dbb69eb2297c1f858d6990217ee2237605c0e126ca93fbd7966b1276

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:26 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5438
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
content-length: 11195
cf-request-id: 06df84314d0000980e4b2c2000000001
last-modified: Mon, 16 Dec 2019 08:12:09 GMT
server: cloudflare
etag: "1d5b3e88310f93b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WOxQZmmo%2FkGOvjvwOOaCAuC5G9uM0Q%2FKUXjf3aRJvgycbOCgyKyWVUo0V2cGj6gEuFUb4am5wcAfLWp6GEBhRM77hGlM%2BWXrIBwKz7U%2BIwBWXXNQbx%2BqafWkDRmKXkEOdYHA2AzNUIJl"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5fdf6fc87cba980e-FRA

GET
H2 200 logo_ca_mobile.png
www.insurancebusinessmag.com/images/ 8 KB
9 KB 20ms
17ms Image
image/png 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurancebusinessmag.com/images/logo_ca_mobile.png

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

52c81653f6f0d0e52dbfea77beabc12fef7ac4c6cc7a73c927bbd095e87c1b62

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:26 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5438
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
content-length: 8597
cf-request-id: 06df84314d0000980e5cb14000000001
last-modified: Mon, 16 Dec 2019 08:12:09 GMT
server: cloudflare
etag: "1d5b3e88310f315"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CactBBSz0OKgEgrtLAL1CshRhQJQvYKwyfCVA8%2BXSbg9fa1mgWwiGVQ92UBUIG7MFsseI7vf%2BXf1gxeRx9Fn89r4YPqQWGi3c6Iw0iV4gfU79kbVjTcg%2BFavVKlTXQBO3rbAJVIO19E3"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5fdf6fc87cbb980e-FRA

GET
H2 200 0270_637429306728087852.jpg
cdn-res.keymedia.com/cms/images/us/023/ 71 KB
71 KB 32ms
14ms Image
image/jpeg 2a02:26f0:1700:d::1737:6ea4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-res.keymedia.com/cms/images/us/023/0270_637429306728087852.jpg
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6ea4 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 315471cb3e63c008279774f2cf4f79d9025bbe22030e51965e26668aba419dbf

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 07 Dec 2020 15:56:26 GMT
last-modified: Mon, 07 Dec 2020 09:37:52 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: PdMDAfDpsglIvzXuEVA+hQ==
etag: 0x8D89A93C504BE16
content-type: image/jpeg
x-ms-request-id: 620743f1-a01e-00e5-0b7d-ccc0f9000000
x-ms-version: 2009-09-19
x-ms-meta-originalfilename: istock-cyberattack-technology-606671804.jpg
content-length: 72201

GET
H2 200 img_enewsletter.gif
www.insurancebusinessmag.com/images/ 3 KB
3 KB 21ms
19ms Image
image/gif 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurancebusinessmag.com/images/img_enewsletter.gif

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

ded0cec5a92fcdcd902c570635ae0933ea83e3e372e2ca283eaf573c9e5cab21

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:26 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2142
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
content-length: 2866
cf-request-id: 06df84314e0000980e562d1000000001
last-modified: Mon, 16 Dec 2019 08:12:09 GMT
server: cloudflare
etag: "1d5b3e88310d9b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pqKt22lJfbwtzmQ0M6y5y1gMeqKNKR3000yQLD4WcZTC%2FKzADupXgmpLQt6etXXd%2FHFj1LHnvftFKo5LgJ5C78nq%2BPMd%2FA1xsy3IeE97Ep%2FYi4RIHkE6pqJqWLvIiiUX%2BO0FMQczLRFy"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5fdf6fc87cbd980e-FRA

GET
H2 200 0116_637274390792424475.jpg
cdn-res.keymedia.com/cms/images/us/003/ 62 KB
63 KB 26ms
8ms Image
image/jpeg 2a02:26f0:1700:d::1737:6ea4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-res.keymedia.com/cms/images/us/003/0116_637274390792424475.jpg
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6ea4 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 40ca8539ffd12e7edf95bfff0b850217cff57001d266cd4613b23c5c7b0f0b82

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 07 Dec 2020 15:56:26 GMT
last-modified: Thu, 11 Jun 2020 02:24:39 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: +LKLZmxgLlM+nItRoCYu6A==
etag: 0x8D80DAE97B905DE
content-type: image/jpeg
x-ms-request-id: 6a6e2de0-801e-0006-2771-60a204000000
x-ms-version: 2009-09-19
x-ms-meta-originalfilename: IBA Talk Hompage Tile_D.jpg
content-length: 63674

GET
H2 200 0132_637411468949978004.jpg
cdn-res.keymedia.com/cms/images/us/023/ 117 KB
118 KB 31ms
13ms Image
image/jpeg 2a02:26f0:1700:d::1737:6ea4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-res.keymedia.com/cms/images/us/023/0132_637411468949978004.jpg
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6ea4 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: cdd2dbc8847ae720b1c56daab4f2a04859e919d602af61e08119e51ddad1f68b

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 07 Dec 2020 15:56:26 GMT
last-modified: Mon, 16 Nov 2020 18:08:15 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: X1bLcJFJA0lHQYgdq4kMbQ==
etag: 0x8D88A5A96AC059A
content-type: image/jpeg
x-ms-request-id: 3253528b-901e-0057-2044-bc3f88000000
x-ms-version: 2009-09-19
x-ms-meta-originalfilename: New Project(14).jpg
content-length: 119767

GET
H2 200 BPA_WW_MASTER.png
www.insurancebusinessmag.com/images/ 5 KB
6 KB 20ms
18ms Image
image/png 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurancebusinessmag.com/images/BPA_WW_MASTER.png

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

e616bb99a3cf0261a8e8bbf713bdaad17473afabbc032f5f351c85575596320b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:26 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5438
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
content-length: 5609
cf-request-id: 06df84314e0000980e760af000000001
last-modified: Mon, 16 Dec 2019 08:12:10 GMT
server: cloudflare
etag: "1d5b3e883a97ce9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cfdeRvi3bcwh6oBEfLxqCMfimsQc8amTGR82VOImPGK652uuu3NNGdzS4IggZtkPY8r8vF3oFHoxkpjqHitUUfHi2calJEgBIml4b8PT%2Bnit049zq0r%2F39smRIl3HiEJ3gNsgORYjR3n"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5fdf6fc87cbe980e-FRA

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 23ms
10ms Script
application/javascript 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:26 GMT
content-encoding: gzip
last-modified: Mon, 20 Mar 2017 19:01:15 GMT
server: nginx
etag: W/"58d026fb-15283"
vary: Accept-Encoding
x-hw: 1607356586.dop212.fr8.t,1607356586.cds206.fr8.hc,1607356586.cds133.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30125

GET
H2 200 jquery-ui.min.js Show response
code.jquery.com/ui/1.12.1/ 248 KB
66 KB 9ms
9ms Script
application/javascript 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.min.js
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:26 GMT
content-encoding: gzip
last-modified: Wed, 14 Sep 2016 16:34:16 GMT
server: nginx
etag: W/"57d97c08-3dee4"
vary: Accept-Encoding
x-hw: 1607356586.dop212.fr8.t,1607356586.cds206.fr8.hc,1607356586.cds251.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 67751

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
10 KB 33ms
16ms Script
text/javascript 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:33:51 GMT
etag: "1544639631"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 9832

GET
H2 200 slick.min.js Show response
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ 42 KB
9 KB 13ms
13ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick.min.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 444621
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 9283
cf-request-id: 06df84311e000097b4a2110000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-a76f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s07O6NMJ45P43bZSbdCkkk09aiCzYKLZ6QwUkZNXmVZDsRMzOvzXAv%2Fumxxnpm7IlEKqAMjXsSSNSyL2m%2FLVVrtpPPNwEvjJp%2BVjNmQVvRHWUB2EZ2kX2Fis%2F%2BuGOFQ38g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5fdf6fc83ff997b4-FRA
expires: Sat, 27 Nov 2021 15:56:26 GMT

GET
H2 200 jquery.validate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.17.0/ 23 KB
7 KB 14ms
14ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.17.0/jquery.validate.min.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 398785
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 6677
cf-request-id: 06df84312f000097b49da72000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-5add"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rfGrdmbPk093JDHUSrAgI3FGcKtr3X18sSbf4OC0gkbfQTOk7s7goJMN55BIPKrRTfkg%2BumqFUkGD8jSP3mhQbsymHD8HiGkr8yN7xDHGmy52YirKbNJs4c9DunE%2FRGwoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5fdf6fc8481797b4-FRA
expires: Sat, 27 Nov 2021 15:56:26 GMT

GET
H2 200 jquery.validate.unobtrusive.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validation-unobtrusive/3.2.6/ 5 KB
2 KB 13ms
13ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validation-unobtrusive/3.2.6/jquery.validate.unobtrusive.min.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83540a1b1aaca7ec79264b8dfc98c797dea37b6c33b604b95a8e21e1cee09bd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 444606
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 1740
cf-request-id: 06df84313f000097b49da73000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-1494"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1Gcw9nfIQ0Jsb7JwyPKIIfOelUv6eJsqweSbTbFIChJvHpAPoALiFxTqYVPbMP1khnTmAMhoCWWUIJ6UnNtGOwJy2lYopDJHB637FfEi%2BJY5yVP14kIpVwPYT%2Fql8zbUXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5fdf6fc8682b97b4-FRA
expires: Sat, 27 Nov 2021 15:56:26 GMT

GET
H2 200 js.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.0/ 2 KB
1 KB 23ms
23ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.0/js.cookie.min.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4db76afeb499d277603609152f9e382c0fe112d44c6f8db8c136a89d9bd7682

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 444618
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 746
cf-request-id: 06df843142000097b4b6269000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:49 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec5-699"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Lumle6jGbODtSlhSmqLYnB7VHzaEs0x%2FlR%2Foi5pj8iljSZoEjVU5RLXXfSPbjvutnM6%2BYBDWEOxxK8gaAEl5Ra2v3o9tK5kEIF2jc55kvfZ33NRLJgJlFLobvrIEYX2SdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5fdf6fc8683097b4-FRA
expires: Sat, 27 Nov 2021 15:56:26 GMT

GET
H2 200 jquery.bootstrap.wizard.js Show response
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap-wizard/1.2/ 9 KB
2 KB 20ms
16ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap-wizard/1.2/jquery.bootstrap.wizard.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bed0322f5d7ae2d256db706cb681ab757c8e5ef051e3b9f53e82ad953d0211d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 392566
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 2027
cf-request-id: 06df84314a000097b4bd0af000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04010-23da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4edUbtZIc8pqlBDNYUFz2l3ya8xmWHaMXvK2NrUQnAmi%2BE9apFbgl5XlgfYuhGdYv6l2lsIJ7RKOmJ9t9RsRlAfAsmPTAR5fjTDRbouFlewJixMsDKCYXaWiZlKwjlmbeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5fdf6fc8784097b4-FRA
expires: Sat, 27 Nov 2021 15:56:26 GMT

GET
H2 200 site.min.js Show response
www.insurancebusinessmag.com/js/ 3 KB
2 KB 22ms
18ms Script
application/javascript 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.insurancebusinessmag.com/js/site.min.js?v=a8CgVlJJa2pHH6NyWSDRb1xgq97m0DJCCfQmFEGXcpU

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

6bc0a05652496b6a471fa3725920d16f5c60abdee6d0324209f4261441977295

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2143
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
cf-request-id: 06df84314c0000980e6f165000000001
last-modified: Mon, 16 Dec 2019 08:12:10 GMT
server: cloudflare
etag: W/"1d5b3e883a96460"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Dgm%2FQzja%2BL8Ikx2Y1iCX5lygTtOIQSvWyiq0YLt%2BV%2BUUqeVSVyy6t1WEuWgOX3MkXU84dhFdgYkFEte2wqTGHjGAo3lmEGMFbd0ZOKf0HvHyaHEh602YBe2TqOairAzQGCDZMkUGMlUE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 5fdf6fc87cb5980e-FRA

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 151ms
50ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Mon, 07 Dec 2020 15:56:26 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 website-search-1.4.js Show response
cdn.sajari.net/js/integrations/ 662 KB
200 KB 147ms
45ms Script
application/javascript 35.190.50.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sajari.net/js/integrations/website-search-1.4.js
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.50.98 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.50.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 04cdfaeaa1468ca5e86756f9f137d60c66db6991faa4e549827117eb0e2f33c1

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 09:16:48 GMT
content-encoding: gzip
age: 23978
x-guploader-uploadid: ABg5-Ux35agqFh9S7HZCXZOQnPqQ1h7omg2lsAdLPmKv2-TLyMoyrQu8c8zYj4AXcP_d5G9i6ZT4Yov-Iay7fw9PasffPcruoA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 204181
last-modified: Fri, 27 Nov 2020 01:20:45 GMT
server: UploadServer
etag: "65c7b0342e669c616f2779114a738111"
x-goog-hash: crc32c=lavJ7Q==, md5=ZcewNC5mnGFvJ3kRSnOBEQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1606440045862038
access-control-expose-headers: Content-Type
cache-control: public,max-age=86400,no-transform
x-goog-stored-content-length: 204181
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 08 Dec 2020 09:16:48 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 128 KB
45 KB 19ms
17ms Script
application/javascript 2a00:1450:4001:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PVJZ6HP

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

80479814589d820a87ac07a15295f8ed6bd207bd4c6750c72910093af88e79b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:26 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45520
x-xss-protection: 0
last-modified: Mon, 07 Dec 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 07 Dec 2020 15:56:26 GMT

GET
H/1.1 200
OK embed.js Show response
insurance-business.disqus.com/ 70 KB
23 KB 428ms
327ms Script
application/javascript 151.101.112.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://insurance-business.disqus.com/embed.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

6992358481162b8b95756e126d945e3eb99fb696b22e80672e7627ad0a8ef896

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 15:56:26 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 23291

GET
H2 200 keymedia_logo.png
www.insurancebusinessmag.com/images/ 3 KB
3 KB 14ms
13ms Image
image/png 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurancebusinessmag.com/images/keymedia_logo.png

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/css/site.min.css?v=x16YcsDzSL7BBhsp4VOfE7_mPzaMbjNhkXFpk-R-Q3E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

bb20e7c2fc5f8cfd74c43906c776a31f04c93fc00d11d921dfb923bcfaab0c23

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/css/site.min.css?v=x16YcsDzSL7BBhsp4VOfE7_mPzaMbjNhkXFpk-R-Q3E
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:26 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2140
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
content-length: 2797
cf-request-id: 06df8431570000980e683f6000000001
last-modified: Mon, 16 Dec 2019 08:12:09 GMT
server: cloudflare
etag: "1d5b3e88310d86d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hoNYpCJEXJqwfq%2FCGCRTroqP9vu7L4KtpPAVmbfdK5rkalOGLQCEOgtxeFwQNrGS0IO6NfU4f7dZk2eTs5XuJJF%2FFrgzjNymRDr7XOKVaT7vuW3V2tpVIfE1y%2FntPJ4w7gFGUtkJcNCN"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5fdf6fc88ccf980e-FRA

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.insurancebusinessmag.com
Referer: https://fonts.googleapis.com/css?family=Roboto:400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 20:01:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 330914
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Fri, 03 Dec 2021 20:01:12 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.insurancebusinessmag.com
Referer: https://fonts.googleapis.com/css?family=Roboto:400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 21:21:15 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 412511
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Thu, 02 Dec 2021 21:21:15 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.15.1/webfonts/ 78 KB
79 KB 47ms
46ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.1/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.1/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

Request headers

Origin: https://www.insurancebusinessmag.com
Referer: https://use.fontawesome.com/releases/v5.15.1/css/all.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:26 GMT
last-modified: Mon, 05 Oct 2020 15:14:37 GMT
server: NetDNA-cache/2.2
etag: "8e1ed89b6ccb8ce41faf5cb672677105"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 80300

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.15.1/webfonts/ 77 KB
77 KB 85ms
84ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.1/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.1/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba

Request headers

Origin: https://www.insurancebusinessmag.com
Referer: https://use.fontawesome.com/releases/v5.15.1/css/all.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:26 GMT
last-modified: Mon, 05 Oct 2020 15:14:09 GMT
server: NetDNA-cache/2.2
etag: "f075c50f89795e4cdb4d45b51f1a6800"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 78460

GET
H2 200 fa-regular-400.woff2
use.fontawesome.com/releases/v5.15.1/webfonts/ 13 KB
14 KB 100ms
100ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.1/webfonts/fa-regular-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.1/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: ce20ed8a323117c8a718ff1ddc6dabb997373b575a8e896f2bf02b846c082c9d

Request headers

Origin: https://www.insurancebusinessmag.com
Referer: https://use.fontawesome.com/releases/v5.15.1/css/all.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:26 GMT
last-modified: Mon, 05 Oct 2020 15:14:17 GMT
server: NetDNA-cache/2.2
etag: "4a74738e7728e93c4394b8604081da62"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 13548

GET
H3-Q050 200 pubads_impl_2020120101.js Show response
securepubads.g.doubleclick.net/gpt/ 282 KB
100 KB 112ms
60ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

67f7f7a4b931bca20fac7c458969034200f3c64187b84782da9659f07ac5f247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 01 Dec 2020 09:38:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101724
x-xss-protection: 0
expires: Mon, 07 Dec 2020 15:56:26 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
12 KB 51ms
51ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJZ6HP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

5fb46ad88af0181f8aa600691dadedc2d6dd1946603b69bc36385f68efdd01a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12174
x-xss-protection: 0
server: cafe
etag: 1959326039972715456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 07 Dec 2020 15:56:26 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJZ6HP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3996
date: Mon, 07 Dec 2020 14:49:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Mon, 07 Dec 2020 16:49:50 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 39 KB
13 KB 146ms
51ms Script
text/javascript 104.111.214.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJZ6HP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 383e5f611a5c1637137d721c623842d4ad37fbb609e726a0a086b8fdd4c481cb

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: yT2i2LUnffbkUbjAt0k2siAlAt3lg4XR
Content-Encoding: gzip
ETag: "28571dc94738b2d5c8135d1bc9804d74"
x-amz-request-id: D8CA31517EEFF851
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 12463
x-amz-id-2: PkdqUa7SG6Ah0SpKR1grFBRfosBP1h3P1ltrX3Wcyf1SBZYz90A7rCkQce7e5vNXvQZTeFm3u8g=
Last-Modified: Wed, 02 Dec 2020 20:32:00 GMT
Server: AmazonS3
Date: Mon, 07 Dec 2020 15:56:26 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 3830659.js Show response
js.hs-scripts.com/ 2 KB
733 B 145ms
143ms Script
application/javascript 2606:4700::6811:d4cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/3830659.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJZ6HP
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d66b391a7c8b6520dd2480ed1cc4aa862d970b7ecb212abc7e19d1c2a3a6bcc2

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:26 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
x-trace: 2B99200270105055FBFF3F13627D1C88A847BD94AD000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.insurancebusinessmag.com
access-control-max-age: 3600
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 5fdf6fc9c94d1f1d-FRA
cf-request-id: 06df84322100001f1ddabda000000001
expires: Mon, 07 Dec 2020 15:57:26 GMT

GET
H2 200 H374CbiJXbyMaC6o2MeO Show response
ws.zoominfo.com/pixel/ 0
725 B 215ms
190ms Script
text/javascript 2606:4700::6810:650c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/H374CbiJXbyMaC6o2MeO

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:26 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 5fdf6fc9f81c2c0d-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for
content-length: 0
cf-request-id: 06df84323900002c0d7eb27000000001

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 89 KB
23 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23320
x-xss-protection: 0
pragma: public
x-fb-debug: yqASvQtzapRy6h19Fy6Ub5V3+HK+CyVMfhZRD3VyPLIqScGur9bUSwjWweGX6oMlqULMWp+IRmAEBK/ZgzFRhg==
x-fb-trip-id: 603378373
x-frame-options: DENY
date: Mon, 07 Dec 2020 15:56:26 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 150ms
48ms Script
application/x-javascript 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:26 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 6CDA04CEF72D568E
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=45656
accept-ranges: bytes
content-length: 948
x-amz-id-2: vmrAbpbzrBs8g4V4M3AoGAqwWb0EhELJ1wy9AWvX/tuPVstbiwgv0ja/UaK2kknp20dNDPCNIa4=

GET
H2 200 sj.js Show response
cdn.sajari.com/js/ 73 KB
23 KB 123ms
40ms Script
application/javascript 35.190.50.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sajari.com/js/sj.js
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.50.98 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.50.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 51bf04f93ff258317e05e4bc448028e8de62370c7b24f9e088b2ca328819a6c4

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 04:32:29 GMT
content-encoding: gzip
age: 41037
x-guploader-uploadid: ABg5-UyzEwP7zQd6G85zs3Jfkql7AbpQ3ofMLNcL8k3K0KCWJDi-qXsObkBTGTiy-5if0Oc1Tcr45aRqWzU9TlrJ6jOKOMtmzQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 22520
last-modified: Fri, 09 Aug 2019 06:30:26 GMT
server: UploadServer
etag: "3fff0fe5f3afe436da542b563b190778"
x-goog-hash: crc32c=dbS54A==, md5=P/8P5fOv5DbaVCtWOxkHeA==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1565332226271049
access-control-expose-headers: Content-Type
cache-control: public,max-age=86400,no-transform
x-goog-stored-content-length: 22520
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 08 Dec 2020 04:32:29 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-57392d15fa194164/ 2 KB
762 B 217ms
214ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-57392d15fa194164/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0922d20b238ff408b56f2248052b9e6e347f2ad1b0812ef3c6baaf37d8c01900

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:26 GMT
content-encoding: gzip
etag: -1792729687--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=57, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 585

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 228ms
226ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=5fce50aa1b40b7ba&bkl=0&bl=1&pdt=559&sid=5fce50aa1b40b7ba&pub=ra-57392d15fa194164&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.insurancebusinessmag.com&fp=ca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1607356586580&jsl=1&uvs=5fce50aaed75e5aa000&skipb=1&callback=addthis.cbs.jsonp__32103345698067810
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8bfa2b2b73cc814ffe379b03727848cad8304b7f58c6065f49a0428eb65a20c5

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 15:56:26 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame FA46 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame C726 0
0 73ms
72ms Document
text/html 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
etag: W/"5ed917ff-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Mon, 07 Dec 2020 15:56:26 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
397 B 74ms
22ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1386678060&t=pageview&_s=1&dl=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&ul=en-us&de=UTF-8&dt=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company%20%7C%20Insurance%20Business&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1873104330&gjid=6388347&cid=374639706.1607356587&tid=UA-67143636-4&_gid=1384878839.1607356587&_r=1&gtm=2wgb41PVJZ6HP&z=718712345

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 15:56:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.insurancebusinessmag.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 239203017352524 Show response
connect.facebook.net/signals/config/ 238 KB
69 KB 92ms
92ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/239203017352524?v=2.9.29&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1767d947f015a6da6e6ed41e97ccc29f0dc1b527f6b2973c8dfde049ebf6c1cd

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: TFFZwVUbkf/Yf1pGMQJEE4IwVIV2onTgz/jzi0mfmJsamVywaCnBQn5vXaYSZJxB9wkD0392jlh2IB4Fi5I7iA==
x-fb-trip-id: 603378373
x-frame-options: DENY
date: Mon, 07 Dec 2020 15:56:26 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 213897403
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/948015301/ 2 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/948015301/?random=1607356586708&cv=9&fst=1607356586708&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgb41&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&tiba=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company%20%7C%20Insurance%20Business&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05eea797cc21885a326e74c661ba237051e4a6f9abe2e81a8f6f76390efce52a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 15:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1092
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/2VITFUM7BRCEBEOMM6S7XQ/index.js
https://s.adroll.com/j/exp/index.js

28 B
747 B

45ms
45ms

Script
application/javascript

104.111.214.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: NRd5BJy3mTVGILCcmBdUI4KKHh2sq935
Content-Encoding: gzip
ETag: "5816cced8568d223aa09d889f300692b"
x-amz-request-id: 7W9WAWDN1PDJ9K6T
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 48
x-amz-id-2: NBvratIHE//44TPOypShMaCv/9QzRoRblXgrQhIlv+9B2ymzS7rKcZPf7Q+NJ4aV6oOIl9m1JcE=
Last-Modified: Wed, 02 Dec 2020 20:19:48 GMT
Server: AmazonS3
Date: Mon, 07 Dec 2020 15:56:26 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Mon, 07 Dec 2020 15:56:26 GMT
Server: AkamaiGHost
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/2VITFUM7BRCEBEOMM6S7XQ/UBR2M7RH2FGKBCKNOSQYCJ/ 1 KB
1 KB 148ms
58ms Script
text/javascript 104.111.214.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/2VITFUM7BRCEBEOMM6S7XQ/UBR2M7RH2FGKBCKNOSQYCJ/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: cbce85e96b7752208ce15a09ea4d5a58b792edc9e77f1c5ccf46c01935970f9d

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: _mn1D0VtNh5freWhh9.kCWYn3Qouzsse
Content-Encoding: gzip
ETag: "3996d65282dd996ee0d7d4c90c139158"
x-amz-request-id: 6B99C8ABABB88D46
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 635
x-amz-id-2: 8Ntj3t+1zhytmEs1jF4ETPtx3N2P1xbq+UEU2s949XQKYAYr52T9NfnUCfzlZ+eZYSjFBR9/BbY=
Last-Modified: Sun, 06 Dec 2020 20:41:15 GMT
Server: AmazonS3
Date: Mon, 07 Dec 2020 15:56:26 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

200

/ Show response
d.adroll.com/consent/check/2VITFUM7BRCEBEOMM6S7XQ/
Redirect Chain

https://d.adroll.mgr.consensu.org/consent/iabcheck/2VITFUM7BRCEBEOMM6S7XQ?_s=de31234913e068ad2eb7191514a0dec6&_b=2
https://d.adroll.com/consent/check/2VITFUM7BRCEBEOMM6S7XQ/?_s=de31234913e068ad2eb7191514a0dec6&_b=2

385 B
478 B

180ms
59ms

Script
application/javascript

34.254.144.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/2VITFUM7BRCEBEOMM6S7XQ/?_s=de31234913e068ad2eb7191514a0dec6&_b=2
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.144.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-144-210.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: c218dd8197b9f853bf79752b9865965a0d3078f9fd1faa60b2f0b06d253b2338

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:27 GMT
server: nginx/1.18.0
content-length: 385
content-type: application/javascript

Redirect headers

location: https://d.adroll.com/consent/check/2VITFUM7BRCEBEOMM6S7XQ/?_s=de31234913e068ad2eb7191514a0dec6&_b=2
date: Mon, 07 Dec 2020 15:56:26 GMT
server: nginx/1.18.0
content-length: 105

GET
H2 200 integrator.js Show response
adservice.google.pl/adsid/ 109 B
803 B 36ms
16ms Script
application/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=www.insurancebusinessmag.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 15:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
317 B 17ms
16ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.insurancebusinessmag.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 15:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 fancybox_sprite.png
www.insurancebusinessmag.com/images/ 1 KB
2 KB 23ms
23ms Image
image/png 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurancebusinessmag.com/images/fancybox_sprite.png

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/css/site.min.css?v=x16YcsDzSL7BBhsp4VOfE7_mPzaMbjNhkXFpk-R-Q3E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

b9d6fddb0988440902fcfc72f371ecfa80ee2eb36073f9eebc17449ee41c886f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/css/site.min.css?v=x16YcsDzSL7BBhsp4VOfE7_mPzaMbjNhkXFpk-R-Q3E
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:26 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 644
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
content-length: 1362
cf-request-id: 06df8433280000980e4b2df000000001
last-modified: Mon, 16 Dec 2019 08:12:09 GMT
server: cloudflare
etag: "1d5b3e88310d7d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=27yrp4hRMN5H9ZFoPP9w6XJbD%2BaL3MMa6vxsW5ka6j3hXvonJFe%2FQlfUHkobwvekVBxRgqatJ%2F9TK5zKkkKL4Tx026jhL%2FxuzM6tEmGaGV6a5TkVYaXj8wBC7fS%2BMtUNodVoZhNAzgjE"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5fdf6fcb7eca980e-FRA

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 87 KB
15 KB 190ms
190ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=33553085645506&correlator=449247119566273&output=ldjh&impl=fifs&eid=21065138%2C21066612&vrg=2020120101&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201207&iu_parts=1042886%2Ciboca_news_cyber_640x480-prestitial%2Ciboca_news_cyber_na_fluid_top1%2Ciboca_news_cyber_728x90%2Ciboca_news_cyber_125x750%2Ciboca_news_cyber_na_fluid_top2%2Ciboca_news_cyber_980x240%2Ciboca_news_cyber_970x90%2Ciboca_news_cyber_1000x90%2Ciboca_news_cyber_300x600%2Ciboca_news_cyber_300x250%2Ciboca_news_cyber_140x600%2Ciboca_news_cyber_140x300%2Ciboca_news_cyber_na_fluid_inarticle%2Ciboca_news_cyber_450x20%2Ciboca_news_cyber_480x300&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F11%2C%2F0%2F12%2C%2F0%2F13%2C%2F0%2F14%2C%2F0%2F14%2C%2F0%2F14%2C%2F0%2F15&prev_iu_szs=640x480%2C320x50%2C728x90%2C125x750%2C125x750%2C320x50%2C980x240%2C970x90%2C1x1%2C300x600%2C300x600%2C300x250%2C300x250%2C140x600%2C140x600%2C140x300%2C320x50%2C450x20%2C450x20%2C450x20%2C480x300&fluid=0%2Cheight%2C0%2C0%2C0%2Cheight%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2Cheight%2C0%2C0%2C0%2C0&ists=4096&prev_scp=%7Cposition%3D1%7C%7Cposition%3D1%7Cposition%3D2%7Cposition%3D2%7C%7C%7C%7Cposition%3D1%7Cposition%3D2%7Cposition%3D1%7Cposition%3D2%7Cposition%3D1%7Cposition%3D2%7C%7C%7Cposition%3D1%7Cposition%3D2%7Cposition%3D3%7C&cookie_enabled=1&bc=31&abxe=1&lmt=1607356586&dt=1607356586766&dlt=1607356586150&idt=572&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933%2C310%2C560%2C165%2C1310%2C310%2C310%2C315%2C0%2C990%2C990%2C990%2C990%2C310%2C310%2C310%2C477%2C477%2C477%2C477%2C477&adys=-12245933%2C0%2C62%2C250%2C250%2C250%2C270%2C1110%2C3863%2C686%2C2882%2C2369%2C1316%2C846%2C1476%2C2106%2C1211%2C2249%2C2269%2C2289%2C2309&adks=1747561427%2C2093776275%2C2170382154%2C593821742%2C593821743%2C2683047353%2C2576855985%2C3723235835%2C1924562213%2C3533418988%2C3533418990%2C3198919634%2C3198919625%2C2478626578%2C2478626579%2C2062746311%2C721889903%2C2627977948%2C2627977763%2C2627977762%2C1723937619&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci%7Cj%7Ck%7Cl&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C1000x1%7C730x90%7C125x750%7C125x750%7C1000x20%7C980x240%7C1600x3863%7C1600x3863%7C313x600%7C313x600%7C313x250%7C313x250%7C146x600%7C146x600%7C146x300%7C479x884%7C479x445%7C479x445%7C479x445%7C479x445&msz=0x-1%7C980x0%7C730x90%7C125x750%7C125x750%7C980x0%7C980x240%7C970x-1%7C1600x1%7C300x600%7C300x600%7C300x250%7C300x250%7C146x600%7C146x600%7C146x300%7C479x0%7C479x20%7C479x20%7C479x20%7C479x300&ga_vid=374639706.1607356587&ga_sid=1607356587&ga_hid=1386678060&fws=644%2C0%2C0%2C0%2C0%2C0%2C0%2C512%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C479%2C479%2C479%2C479%2C479&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

f797b17f60a55778ff014d27f88f93e4f39c96f0c4e9c75d7c878fb27965a8eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14091
x-xss-protection: 0
google-lineitem-id: 5522499108,-2,5523842285,-2,-2,-2,5523842285,-2,5523842285,5523842285,-2,5523842285,-2,5523842285,-2,-2,-2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138328442418,-2,138328415276,-2,-2,-2,138328444695,-2,138328415726,138328444692,-2,138328444698,-2,138328444683,-2,-2,-2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.insurancebusinessmag.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
ce654f678be0318f6cac559cfbf39aee.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 61ms
15ms Other
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ce654f678be0318f6cac559cfbf39aee.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 3830659.js Show response
js.hs-analytics.net/analytics/1607356500000/ 62 KB
19 KB 203ms
202ms Script
text/javascript 2606:4700::6811:46b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1607356500000/3830659.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3830659.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:46b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 796b8323921e93bd8f86382204d5a1d4642fffc99e9c3cdce537569427eb7b22

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:26 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 00FC9029CEED635E
x-amz-server-side-encryption: AES256
cf-ray: 5fdf6fcb8ebb96b6-FRA
x-amz-id-2: oJnoJlSWPNM0yJbHfbqsmuEWfXumHTK0zN56ukwjVzpkg5VXzzpTufzdtDECMCG1/K+XKqvzql4=
last-modified: Wed, 18 Nov 2020 22:01:53 GMT
server: cloudflare
etag: W/"0dd56f062ccd9bd5a156126f1ea7dcda"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-request-id: 06df843335000096b60d234000000001
content-type: text/javascript
expires: Mon, 07 Dec 2020 16:01:26 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 5 KB
3 KB 75ms
59ms Script
application/javascript 2606:4700::6811:71b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3830659.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:71b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edc0175ff1c883786302197c8f3795e4017ec2a82a6dda756b98e4c14a388da5

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:26 GMT
via: 1.1 7eefe38d76087dfad8e2f0b7702246ef.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 245
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.218/bundles/pixels-release.js&cfRay=5fdf69cb3b23979c-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 06df8433450000d6d11582f000000001
last-modified: Wed, 02 Dec 2020 05:20:17 UTC
server: cloudflare
etag: W/"6159aaab2b9ebbe66181371c0b06ec68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 2loL3K5wOlJ4UYDOHK3xdpXBRt2L9KwW
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 5fdf6fcb98c8d6d1-FRA
x-amz-cf-id: lXZ11892IXuhnSR4QKyUrhdWevDn4ADgBZvAwcm9dxkvL_3zIyofvw==

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 79 KB
20 KB 39ms
20ms Script
application/javascript 2606:4700::6811:eecc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3830659.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:eecc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 659630c07a9005c1bb4e68bf15946ba4a0d5e8ede79aec22a98f202a55491ab2

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:26 GMT
via: 1.1 08f45c153a856ff7955174d0e6f60745.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 332
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.7966/bundles/project.js&cfRay=5fdf67ab5908d0fd-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 06df8433450000d6e57cada000000001
last-modified: Mon, 07 Dec 2020 03:40:46 UTC
server: cloudflare
etag: W/"084f0064b523664ce082aebef736853e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: kCPoihtV0nKfLLh1Z8xOU8_A5Ba4lvrR
cache-control: max-age=600
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-C3
cf-ray: 5fdf6fcbacf8d6e5-FRA
x-amz-cf-id: gn8NK-AN8rpp1_3ruksBpF_LQiLJMrA5nevM_I0oPonXRC-6Kf2ofA==

GET
H2 200 3830659.js Show response
js.hs-banner.com/ 51 KB
12 KB 82ms
81ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/3830659.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3830659.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 493a176ec78fb0ac6b6a95d9a93d57cd4db4880151ec1017282f8fee3f6250c9

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=Smq16w==, md5=MOAVoix/DZ6XFVDsDiVRgA==
date: Mon, 07 Dec 2020 15:56:26 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABg5-Uy7ZhscbhPzkPDe4ps3Dooy_THOAAEU8MGRsUOy2Sa3ifKKu5w83ID7hnsM08ISZV_wEcO3nDZenokmtUcm3CtBpZ55YA
x-goog-storage-class: STANDARD
access-control-max-age: 604800
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: text/javascript; charset=UTF-8
cf-request-id: 06df84333900001f2d41a80000000001
timing-allow-origin: *
last-modified: Mon, 30 Nov 2020 17:52:35 GMT
server: cloudflare
etag: W/"30e015a22c7f0d9e971550ec0e255180"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-goog-generation: 1606758755326219
access-control-allow-origin: https://www.insurancebusinessmag.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
x-goog-stored-content-length: 52110
cf-ray: 5fdf6fcb896e1f2d-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Mon, 07 Dec 2020 16:01:26 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
94 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-67143636-4&cid=374639706.1607356587&jid=1873104330&gjid=6388347&_gid=1384878839.1607356587&_u=YEBAAAAAAAAAAC~&z=472569576

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 07 Dec 2020 15:56:26 GMT
content-type: text/plain
access-control-allow-origin: https://www.insurancebusinessmag.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/948015301/ 42 B
108 B 22ms
21ms Image
image/gif 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/948015301/?random=1607356586708&cv=9&fst=1607353200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgb41&sendb=1&frm=0&url=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&tiba=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company%20%7C%20Insurance%20Business&async=1&fmt=3&is_vtc=1&random=3939415539&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 15:56:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/948015301/ 42 B
108 B 21ms
21ms Image
image/gif 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/948015301/?random=1607356586708&cv=9&fst=1607353200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgb41&sendb=1&frm=0&url=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&tiba=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company%20%7C%20Insurance%20Business&async=1&fmt=3&is_vtc=1&random=3939415539&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 15:56:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lounge.2a0be1cac62547aa91037395a06bf8b3.css
c.disquscdn.com/next/embed/styles/ 0
23 KB 30ms
14ms Other
text/css 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.2a0be1cac62547aa91037395a06bf8b3.css

Requested by

Host: insurance-business.disqus.com
URL: https://insurance-business.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1532157
strict-transport-security: max-age=300; includeSubdomains
content-length: 22655
cf-request-id: 06df84336c0000dfbb86279000000001
timing-allow-origin: *
last-modified: Thu, 19 Nov 2020 22:06:27 GMT
server: cloudflare
etag: "5fb6ec63-587f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DFW3-C1
accept-ranges: bytes
cf-ray: 5fdf6fcbdb58dfbb-FRA
x-amz-cf-id: U-gG9OZ3kJS9xxB8lbcOsPcV746xOv-OfQeg4RfypFfyEf75cG_0Pw==
expires: Fri, 19 Nov 2021 22:20:27 GMT

GET
H2 200 common.bundle.2b6a730d7d5eff80032e6b2e3ff8cab6.js
c.disquscdn.com/next/embed/ 0
93 KB 44ms
28ms Other
application/javascript 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.2b6a730d7d5eff80032e6b2e3ff8cab6.js

Requested by

Host: insurance-business.disqus.com
URL: https://insurance-business.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 576796
strict-transport-security: max-age=300; includeSubdomains
content-length: 94783
cf-request-id: 06df84336c0000dfbb048e6000000001
timing-allow-origin: *
last-modified: Mon, 30 Nov 2020 23:25:14 GMT
server: cloudflare
etag: "5fc57f5a-1723f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DFW55-C3
accept-ranges: bytes
cf-ray: 5fdf6fcbdb5cdfbb-FRA
x-amz-cf-id: qTlIsgJeiVKYLpKJk7-tZpsLzHRMZ2jhKj-dLst3ozr307jdRNXxtw==
expires: Tue, 30 Nov 2021 23:43:04 GMT

GET
H2 200 lounge.bundle.7ce8b2d11ecfa0aa9e0fdce994b52842.js
c.disquscdn.com/next/embed/ 0
114 KB 30ms
15ms Other
application/javascript 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.7ce8b2d11ecfa0aa9e0fdce994b52842.js

Requested by

Host: insurance-business.disqus.com
URL: https://insurance-business.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1455960
strict-transport-security: max-age=300; includeSubdomains
content-length: 116379
cf-request-id: 06df84336c0000dfbb809e2000000001
timing-allow-origin: *
last-modified: Fri, 20 Nov 2020 19:08:20 GMT
server: cloudflare
etag: "5fb81424-1c69b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DFW55-C1
accept-ranges: bytes
cf-ray: 5fdf6fcbdb5bdfbb-FRA
x-amz-cf-id: yaoISWtZa_Htm13y7eXpFluexrytRU8scoM6I0rwGiOxoIOb1BdMdg==
expires: Sat, 20 Nov 2021 19:30:24 GMT

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
10 KB 221ms
48ms Other
application/javascript 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: insurance-business.disqus.com
URL: https://insurance-business.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 15:56:27 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 43
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 9280
X-XSS-Protection: 1; mode=block

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 55ms
54ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Mon, 07 Dec 2020 15:56:26 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 /
www.facebook.com/tr/ 44 B
258 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=239203017352524&ev=PageView&dl=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&rl=&if=false&ts=1607356586849&sw=1600&sh=1200&v=2.9.29&r=stable&ec=0&o=30&fbp=fb.1.1607356586848.2122475499&it=1607356586699&coo=false&rqm=GET

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:26 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 07 Dec 2020 15:56:26 GMT

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 351 B
584 B 134ms
134ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=3830659&conversations-embed=static-1.7966&mobile=false&messagesUtk=1d227e751d6d4bc4b30e7d5fbfa94632&traceId=1d227e751d6d4bc4b30e7d5fbfa94632

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef41330b2cf43a44c8cbb20ca38cd9752816a5f451e506727876eb4f6502105b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

X-HubSpot-Messages-Uri: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Response headers

date: Mon, 07 Dec 2020 15:56:27 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
content-length: 269
cf-request-id: 06df8433fd0000d6f109a41000000001
server: cloudflare
x-trace: 2B9C5BB93DCB928EE49BF7A00B58E37EA4774F2CD4000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.insurancebusinessmag.com
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 5fdf6fcccebbd6f1-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 127ms
125ms Other
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-hubspot-messages-uri
Origin: https://www.insurancebusinessmag.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Dec 2020 15:56:26 GMT
content-type: text/plain; charset=utf-8
content-length: 18
x-trace: 2BC1699A4ADDB76A4674C8D97041A741209BB80905000000000000000000
allow: HEAD,GET,OPTIONS
vary: Accept-Encoding
access-control-allow-credentials: false
access-control-allow-origin: https://www.insurancebusinessmag.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
cf-cache-status: DYNAMIC
cf-request-id: 06df84337e0000d6f1ce114000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 5fdf6fcbfd49d6f1-FRA

GET
H/1.1 200
OK /
disqus.com/embed/comments/ Frame 1014 0
0 204ms
189ms Document
text/html 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=insurance-business&t_i=241242&t_u=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&t_d=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company&t_t=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company&s_o=default

Requested by

Host: insurance-business.disqus.com
URL: https://insurance-business.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Response headers

Connection: keep-alive
Content-Length: 2749
Server: nginx
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Type: text/html; charset=utf-8
Last-Modified: Mon, 07 Dec 2020 09:40:45 GMT
ETag: W/"lounge:view:8304289896.1a712cca7a006174d37d2a69da1457bd.2"
Content-Encoding: gzip
Date: Mon, 07 Dec 2020 15:56:27 GMT
Age: 0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2D90 0
0 49ms
49ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvCA3Ms5lFU6V-YXjsPPJ82HdSQ3cwXORd24OIIiVGxca3OGNCzkEbf7iqYXMdmmkPZ-MJ2d5Pu1wEgV-zcHw5QUO8Lm7Njx6gHIZRUWqslNUSXCnH_6Zc95zgJJYJAKOFLWWBC9i15yhTJRlvRLDWnTGAedLVylDRZVMMzx6ZYNBVPE-tcSWDWv1DifKVFvXNx9xdPlYxCqI4QQfBJg4Lp-bIPA-PhwQR3xoCk0l4QI8FHVgOWGeC6YKHtF9BjQ3O64kgOmda4QiV4kh1iHeMDfM4Du5aJJDOmi7-okHRs5qPbFLMmo3QElxjvd8y4pDS9RFIz&sig=Cg0ArKJSzKjz9M0pK1CTEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 15:56:27 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201201/r20110914/client/ Frame 2D90 3 KB
2 KB 29ms
5ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201201/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 01:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53078
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Dec 2020 01:11:49 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2D90 76 KB
29 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7f03d75d46816d94b6c288b49a823790aa4a5a6b003e75399ce7be537cc89a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1606937775260285"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29365
x-xss-protection: 0
expires: Mon, 07 Dec 2020 15:56:27 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 2D90 0
0 43ms
27ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTiPc3INo6qdzu2H1ul0vkA4k3-9zVYgUYy-FE9dnCBYRSovEUd5GBOba51j0Ff1VloYWBKz4gCecl9WXkHqDzNoTwh-w
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 128802055032131217
tpc.googlesyndication.com/simgad/ Frame 2D90 43 KB
43 KB 46ms
22ms Image
image/jpeg 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/128802055032131217

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a4080d7b3a78d8829b8e436b103b9736e6757f007c06d51ada0f659cb50a6b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Dec 2020 21:13:25 GMT
x-content-type-options: nosniff
age: 67382
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43800
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 14:28:40 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Dec 2021 21:13:25 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4B0F 0
0 50ms
49ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsue5lLG5hqublvwFbGpmsnjLpz6swPuSLaNSDTO1w3CJE694oh3bPSgMCx1MdOz1mfZOWEwB-FgV6qgmQNrgc7UadHw_rLzAetRcZOZYXJg7Mdd8XX-MAfWKYRrIChWvnhf_CtZ7WjrnFMueHENNrmozQ36m5rgpg7HHed1Ez4oBRiPV9mH2bXzw99VVeX_B016tS1y0ScCRdzZlaRXCMqzyqt65jtnWFfEFSiPnQAplmCNROOEc3J0SnpTNBTzWaBICx4N6s5BGGHrLmqcxJt3lMcVwq2L_9xqCFFM&sig=Cg0ArKJSzHQtfyPo7DSZEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 15:56:27 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201201/r20110914/client/ Frame 4B0F 3 KB
2 KB 27ms
8ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201201/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 01:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53078
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Dec 2020 01:11:49 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4B0F 76 KB
29 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7f03d75d46816d94b6c288b49a823790aa4a5a6b003e75399ce7be537cc89a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1606937775260285"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29365
x-xss-protection: 0
expires: Mon, 07 Dec 2020 15:56:27 GMT

GET
H2 200 16087027898513391236
tpc.googlesyndication.com/simgad/ Frame 4B0F 40 KB
40 KB 35ms
17ms Image
image/jpeg 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16087027898513391236

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1f250f58f47ca824a25a49ce8ee8747c3e48cf9564a23282677802f450928fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 08:01:52 GMT
x-content-type-options: nosniff
age: 28475
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40837
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 14:37:24 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Dec 2021 08:01:52 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 012A 0
0 51ms
49ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvHAIgIqIuNjxG7GPt2EhI82TZvvcTW6GB49KY55yJhJkdSepdQ8xOxrTalSkj4MBZbcTwvdgKqgXKzxjYUv1KfAyxWbpxRBX8YOJkFiVNSd9bpQ49MWMk8O-I7SwWcMvJ1hObG8U8yRP342VeAWrJCvSy9tqyBg459gMdSyJ4jjeNnwl_IunWQmEin2mW3Npu3K6AUxmblpJhcqY_CYJVgWUBAaQhr5qkMl0KKaztYQwLbQUqSHuxa93rUmE7qdeLtxnBDLUIOsdSbN6K8L3SbJrRhN4_UQl8FHKld8g&sig=Cg0ArKJSzN2wWuhwM-TsEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 15:56:27 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201201/r20110914/client/ Frame 012A 3 KB
2 KB 21ms
8ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201201/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 01:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53078
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Dec 2020 01:11:49 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 012A 76 KB
29 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7f03d75d46816d94b6c288b49a823790aa4a5a6b003e75399ce7be537cc89a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1606937775260285"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29365
x-xss-protection: 0
expires: Mon, 07 Dec 2020 15:56:27 GMT

GET
H2 200 12598932462570953785
tpc.googlesyndication.com/simgad/ Frame 012A 46 KB
47 KB 23ms
11ms Image
image/jpeg 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12598932462570953785

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e28323571e70a213a2db9642215d45e8944ed17464c8bf89781bea05e554ef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:25:49 GMT
x-content-type-options: nosniff
age: 5438
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47548
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 15:26:20 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Dec 2021 14:25:49 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9FD3 0
0 54ms
51ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss5XlzcxTeYi17-XMpsL_2P0odyJnJlqSO9aoJYXeV5R50nN-EReqJYaAdEkCeMcg6WV9zJeyeMD9-zEZ1GbF721NL-s1Ld9m-IUgwyiMWfZ5DAuhucJ_cnkOU5LUWVv-enDpJqQr6dgepymSlrNWeFOplSJQEZYNXdjuxeODS0p8WQIGDiJt7YQXzoLRDabdg-mqFpPz9a-ohhrvGrZoCdIKc3U1NFISFfiCgJA4fWQ-VBBSgMiPHr3rhLapZKgz8ywOOcyPqCVfLZcCmU-W8IMI9sRTMtbmI0SuvlNw&sig=Cg0ArKJSzMTpjoT9xW7qEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 15:56:27 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201201/r20110914/client/ Frame 9FD3 3 KB
2 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201201/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 01:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53078
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Dec 2020 01:11:49 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9FD3 76 KB
29 KB 46ms
29ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7f03d75d46816d94b6c288b49a823790aa4a5a6b003e75399ce7be537cc89a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1606937775260285"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29365
x-xss-protection: 0
expires: Mon, 07 Dec 2020 15:56:27 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 9FD3 0
0 22ms
19ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRvU76Jss0nLdzsb--8VGBWLhyQHIhQlhCkEDMDYXPbppvCQ8LXSxVhz5elYQOU_i0mHOvcANPp8mB-ZRF84NETaPCg6A
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 14015424997989743780
tpc.googlesyndication.com/simgad/ Frame 9FD3 43 KB
43 KB 21ms
18ms Image
image/jpeg 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14015424997989743780

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2090ef8782553088e8305f8703a2d3f5c39d07408f6a88eed8f40ee57aa5c5a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:25:49 GMT
x-content-type-options: nosniff
age: 5438
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44348
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 14:37:23 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Dec 2021 14:25:49 GMT

GET
H3-Q050

200

13810547153303696996
tpc.googlesyndication.com/simgad/ Frame A057
Redirect Chain

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-viPwY4OXCL0qNetB2cBVn97HhAHc4LGspGolHBrK-ZNdA1oB1Qj2PAl3ma87TJIfsflo-v8f-0ajg08sTGHHaX4_QBkjYxwKcmHUoW7dcYuv3aM4LHPb9iUR1Mahl2g2Ll8ZHYxlS...
https://tpc.googlesyndication.com/simgad/13810547153303696996?

44 KB
44 KB

10ms
9ms

Image
image/jpeg

2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13810547153303696996?

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5abdfc235554b3c281964f41c083010fe2781025981997a547cc9024b69165f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:25:49 GMT
x-content-type-options: nosniff
age: 5438
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44712
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 14:39:34 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Dec 2021 14:25:49 GMT

Redirect headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 15:56:27 GMT
x-content-type-options: nosniff
server: cafe
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://tpc.googlesyndication.com/simgad/13810547153303696996?
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 39ms
28ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69a5b5635e3f65d07c7acd4786ec59d4140d58540aa981b58e0b4319621bd9e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1606937775260285"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28382
x-xss-protection: 0
expires: Mon, 07 Dec 2020 15:56:27 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame C6A6 0
0 50ms
49ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuSkm1KaD-YHODh51etQs-EOCAW82aoBjf2AOsIgnkM-HvVnuJraYm8knDtv_KILM2CSbW5sPF8nKgV_9Qc4nhmISR7Hx8nRoI8-Hs3s108SrrRCPnxPG-AW9HIfd3jQJDL3xy70naOgWOgeAxeb8Oi1lQRtbIqSdtyVxH7YEbRfFpCh4lYCbbZniWm8Ef3Z4DSfIb_EbOfaNsuVd2UstVn1bbuZ3SnIkCUd0wneXdfMfIP0IQz9XUwQzZs2OJJihBEtFzhBXyzoyh6XYf7QeZ8uMuwc2bTSWwf8rmrDA&sig=Cg0ArKJSzGO_gxR_Qjh7EAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 15:56:27 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201201/r20110914/client/ Frame C6A6 3 KB
1 KB 37ms
20ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201201/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 01:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53078
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Dec 2020 01:11:49 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame C6A6 76 KB
29 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7f03d75d46816d94b6c288b49a823790aa4a5a6b003e75399ce7be537cc89a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1606937775260285"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29365
x-xss-protection: 0
expires: Mon, 07 Dec 2020 15:56:27 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame C6A6 0
0 16ms
15ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS4-ghHwKcaylJHvNrRpmN9ONjCuseQI3fGGI8pg5LqC-GSViVuPbJ3EbGR-zbSIHjnGetF9sazWShC4GSI8x824qkQmQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 17709520277748985683
tpc.googlesyndication.com/simgad/ Frame C6A6 44 KB
44 KB 37ms
22ms Image
image/jpeg 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17709520277748985683

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aba2a0e5d978194c64c77dde2152baf5ff5ae0548ccae71aaf75b257558c76e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 14:07:16 GMT
x-content-type-options: nosniff
age: 438551
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45113
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 14:37:23 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Dec 2021 14:07:16 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame CAEC 0
0 51ms
49ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv2ElMVjUCERoln83DfP8LTk5ulKyrx0YvlS0eyX_Zw7UkWvadtguFD84BMM4b9wk28o7aok6no2iJa7n7-a-t_0_VsLZVfxVtdWvK6QYbpVOyVPHdqCxIqptb2YL_6tyFacwqQKYxfrd-csEVWx0lgI3m6gU2S2oTNq7RU_RJrmtvL9wzjtJAD7TPwAc_XdJslZyogp45qd9Ojn_rk3M2LSnGhnj5Uo1MJavPJmvu5G-F7cxm7KuHaWURpUM4xE4m_5blGiAejgeZogt1QjK-G1STiaMDBEaJmyaRYSw&sig=Cg0ArKJSzIlp-qH-PZHiEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 15:56:27 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201201/r20110914/client/ Frame CAEC 3 KB
2 KB 30ms
20ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201201/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 01:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53078
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Dec 2020 01:11:49 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame CAEC 76 KB
29 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7f03d75d46816d94b6c288b49a823790aa4a5a6b003e75399ce7be537cc89a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1606937775260285"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29365
x-xss-protection: 0
expires: Mon, 07 Dec 2020 15:56:27 GMT

GET
H3-Q050 200 8091804047278586021
tpc.googlesyndication.com/simgad/ Frame CAEC 46 KB
46 KB 34ms
25ms Image
image/jpeg 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8091804047278586021

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04c25fc9b0c5683c0b64091f6dfeb1579d1cc1b447ecb72edc9f433a48ee4f37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:08:42 GMT
x-content-type-options: nosniff
age: 6465
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46899
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 14:37:22 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Dec 2021 14:08:42 GMT

GET
DATA 200
OK truncated
/ Frame 2D90 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dcf97662bf4043ddb60981e4ccb7da73f91eb47a4c950182e8beae34cda45cde

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4B0F 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f14e51bd9236525808023dcd970984ce556d9dcea2efd6657077bea425870aa

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 012A 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 66249d92b990f38b526a88a034c7b207bbacaaad6e5f78e4188f6773fd48a9b8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 012A 0
22 B 50ms
50ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst6p_Js_oD4c24YnVwXCTN-V32BsJDPfc1Fw1hmlHIw-hp2xaogaK3l-DAnlCLAjYWJ_8hpRz2VhZlqYPBOOtu4Cph_1Y5LgyujM1Ec6ETQ_x0_F7tBBEXHqQptpwiPhWiMg8XjXBoemv5usOXWRCPl17puvhN8ynJHnsrdhMyM4hwh4ZtVw2BFo0oR2_FNZUXD7u005fUnu4Qz3955No26iDiqQ6Jj0m8Hg-cehn41oGDQI56cw1pE2wdgFrsufuECcMXKYdK954q4r6fIgoMX0l0PFRkw9650oQ0_5Ws4&sig=Cg0ArKJSzC2OJaEj7c5zEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 15:56:27 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4B0F 0
22 B 50ms
50ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssk14IptBKEczrSOOayjNv63e2LRCa_BHieaJHot-2HZvRmcxzpxIrKB5ZAIZTlYfd1IaZwry7V3l_u8Z5oatOtuWrCszWRElmC5Z1wMxqTAuIYXcpHDzHOlHAsVPYzN1bL624QY8kYRRhqYdCYLZVry8W9JpXYkYFQHgmDHNBfQFjcShkWKPDQaqVSM20X-xYuIbee-ZROIwPT5CNWRyYFSVIZPvMnxjW2fKkW1LiRYwA1SiV05_f8TkC9YKLLDCQKj4L0PzdlunoatiVTpD_eLmpr8l-nEz5RLRkAPAk&sig=Cg0ArKJSzFIuDtWL2V78EAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 15:56:27 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2D90 0
22 B 48ms
48ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvaBSb9QVMnpJUDofcD82mBVo7PWXUS5frh9K_JnoGjqG3tFTgLfGlN-shBxQkVhFbHMOrEfJnm24xi_yOF2kxyfJvi1HXuvdHM_6mI7CJJAIsJaVxrhEtf3UMMOuSHeT3JqHdbh8gGtlcay2NwNiJCCX1vAjpnRpKOMofxcWlzPfn0J4eHpVc3VEEpm9xShRIaQ4nk-wfn_OgEH7T1zKEl2X2u1VAiUNDk7EAkq1KpE_8SWZQqNw1SbF5q7H2QZ9QdkJS70UvXWgPvMmg7d0dA7tJrfoTpdemrpozc6YZmUDD65x3im2jJ&sig=Cg0ArKJSzEi-gK6PbvyNEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 15:56:27 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9FD3 0
22 B 50ms
49ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssA72FvaDzuQ9KeiHiRVD2AFCTK68F0tdAzwYTRX0Q_YmqEzdck0AzlnQ1sV543JzmO0waKOB4UGZjSKwQBMTl81hWuV7ZNeC6TMJYfUv_pb1fP1tBuLFuZy62QlmoMAjmn3Ea4Fq2Vsjj7216DiL730VHzMW200c3HabWmtpjYmJiamuYmfpqFMPmUEPh7Y93p4PAhkoF0vgGIubDMuK_chnhDn_WeanuFagOKNGkjD56Fexkr2aj6L0ocECwurgSk8qMXdfUfCOYYxLUSOanPJVIrKlLYas8_vQ3Vwqfg&sig=Cg0ArKJSzP9oYXQeLbL-EAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 15:56:27 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9FD3 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 229226981524f040b533fa21cf2dc1216d2663fa1aa1cfbc50588ad1a749d5c3

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame C6A6 0
22 B 50ms
50ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssqFQHlWjjNy2EQDxqRyp1RN8UwdvGVTIKcwIr92i4x-hzzFjMqDcpLm6ii6-qsk1AINegw_bHZshIoawkgwa9Ovmb5vI4vhWf_1aGlj8afrT7ASkutEVcqVj19Yeed-7Ma3IEX57pLzuN76f8LA2u-8aHcrX4ZTNTGgTMjUCYKhEfIFZeC1s7nk-RbpSPD7wG4uhLnHKJh--QUqc60c4MO-oKzVs3UbuB33uQmf7cTd9kB5WMgO0GaxoOWGKgehwN6pxmFcpT5_YMesMnm_pgLzK991Q5l7vHtw7UYVRmi&sig=Cg0ArKJSzLKzG3Thvaz9EAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 15:56:27 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C6A6 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e49baca315e71f7817da339f2e53020eb46cab75f69c679d9a321505bd0749df

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame CAEC 0
22 B 58ms
50ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBpo6NH260XRflLnvyTV9fIIHMTpkf8z3Md1hfZI7cbnzUgG-eNPmbe7uRnvIkaiSy9XOsgUvVCpjUyi-bifb5SF_-rtsSFw6G9fJH7ieNaS5R_05XASzr_zFDeH58-qE2DQ4sZKSWd5Lx1O5oD41nrCVcX6IFSMgMpiM8hudKA6nGcjN5wSw6rhnilqyzhZWl9SiR9g1Yu30zFBMb6Vex1QGti_joyQkqPemrCs5oeSZLd7tpbNxoR5mmJSy05IMVJ4ebPW2fRhAYRC6Y5PePIYNrdQ8Xa7rasVuYpU3-&sig=Cg0ArKJSzKnSUVXfVeweEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 15:56:27 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CAEC 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d910f64832beb975fc44f363627cbd7ec71ee6e0b6e20e74c5d42d97e1caf928

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK consent_tcfv2.js Show response
s.adroll.com/j/ 399 KB
55 KB 53ms
53ms Script
application/javascript 104.111.214.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent_tcfv2.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9f75a1a0bc71452e1279885056d6c76bee32b081cf303bea3ebcfc1b1409f316

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: VAJVsdc4Cb0nPywy.d.T24u2_3_p4Suc
Content-Encoding: gzip
ETag: "cbb3b9097ce937dd4330ad74061fef80"
x-amz-request-id: 6039CC24F93183DB
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 55785
x-amz-id-2: yxEN16BWg7jlL+UKXBR3yAmnWBFYMJvnd9Sje1fTjBtY0a5WT0ZIexJdYUQakmoCJAILsJvM05M=
Last-Modified: Thu, 05 Nov 2020 19:27:04 GMT
Server: AmazonS3
Date: Mon, 07 Dec 2020 15:56:27 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
DATA 200
OK truncated
/ Frame A057 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99ab282e6de7572b4f049bfb29dd960d6c56b0d2c06b8af44228933de060f898

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK favicon-32x32.png
nextroll.com/ 2 KB
2 KB 413ms
134ms Image
image/png 34.234.81.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nextroll.com/favicon-32x32.png
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.81.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-81-220.compute-1.amazonaws.com
Software: Apache /
Resource Hash: bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 15:56:27 GMT
Via: 1.1 vegur
Last-Modified: Mon, 30 Nov 2020 21:05:36 GMT
Server: Apache
Etag: "64f-5b5595f1ce800"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1615

POST
H2 200 /
www.facebook.com/tr/ 0
115 B 6ms
5ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryabByvWfKJqIw9mGz

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 07 Dec 2020 15:56:27 GMT
content-type: text/plain
access-control-allow-origin: https://www.insurancebusinessmag.com
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
692 B 35ms
14ms Image
image/gif 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=33553085645506&vrg=2020120101&nw_id=1042886&nslots=21&eid=21065138%2C676982961%2C21066612&pub_url=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&qid=COKejfOdvO0CFTrnuwgddkcDSg&iu=%2F1042886%2Fiboca_news_cyber_980x240&e=512&ret=980x240&req=980x240&bm=0&efh=1&stk=0&ifi=21

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 15:56:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
47 B 15ms
14ms Image
image/gif 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=33553085645506&vrg=2020120101&nw_id=1042886&nslots=21&eid=21065138%2C676982961%2C21066612&pub_url=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&qid=COSejfOdvO0CFTrnuwgddkcDSg&iu=%2F1042886%2Fiboca_news_cyber_1000x90&e=0&ret=1x1&req=1x1&bm=0&efh=1&stk=1&ifi=21

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 15:56:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 0F91 337 B
353 B 29ms
29ms Stylesheet
text/css 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: insurance-business.disqus.com
URL: https://insurance-business.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2898623
strict-transport-security: max-age=300; includeSubdomains
content-length: 244
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Tue, 22 Sep 2020 19:35:14 GMT
server: cloudflare
etag: "5f6a51f2-f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-request-id: 06df8436d20000dfbb0ba9b000000001
accept-ranges: bytes
cf-ray: 5fdf6fd14df5dfbb-FRA
expires: Fri, 24 Sep 2021 14:09:36 GMT

GET
H2 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame CCF4 337 B
403 B 19ms
19ms Stylesheet
text/css 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: insurance-business.disqus.com
URL: https://insurance-business.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2898623
strict-transport-security: max-age=300; includeSubdomains
content-length: 244
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Tue, 22 Sep 2020 19:35:14 GMT
server: cloudflare
etag: "5f6a51f2-f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-request-id: 06df8436d20000dfbb6932f000000001
accept-ranges: bytes
cf-ray: 5fdf6fd14df9dfbb-FRA
expires: Fri, 24 Sep 2021 14:09:36 GMT

GET
H2 200 /
re.sajari.com/ 48 B
48 B 196ms
152ms Image
image/gif 2a00:1450:4001:808::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://re.sajari.com/?company=keymedia&collection=insurancebusiness&cc.co=keymedia&cc.pr=insurancebusiness&p.ga=374639706&p.id=1607356586812.490085&e.id=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&ec.ti=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company%20%7C%20Insurance%20Business&ec.de=Cyberattackers%20show%20proof%20that%20they%20made%20off%20with%20business%27s%20information&ec.ke=&canonical=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&bodyChecksum=e86c6832dea3f3fc78cbdb9e0afcd879&metaChecksum=9fa55bef232096ad927a2f87f0dc9f12&meta%5Bviewport%5D=width%3Ddevice-width%2C%20initial-scale%3D1&meta%5Bdescription%5D=Cyberattackers%20show%20proof%20that%20they%20made%20off%20with%20business%27s%20information&meta%5Bcustom%20meta%20field%5D=2020&meta%5Bauthor%5D=Lyle%20Adriano&meta%5Btwitter%3Acard%5D=summary_large_image&meta%5Btwitter%3Atitle%5D=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company&meta%5Btwitter%3Adescription%5D=Cyberattackers%20show%20proof%20that%20they%20made%20off%20with%20business%27s%20information&meta%5Btwitter%3Aimage%5D=https%3A%2F%2Fcdn-res.keymedia.com%2Fcms%2Fimages%2Fus%2F023%2F0270_637429306728087852.jpg&meta%5Btwitter%3Asite%5D=%40InsuranceBizCA&meta%5Bog%3Aurl%5D=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&meta%5Bog%3Atype%5D=article&meta%5Bog%3Atitle%5D=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company&meta%5Bog%3Adescription%5D=Cyberattackers%20show%20proof%20that%20they%20made%20off%20with%20business%27s%20information&meta%5Bog%3Aimage%5D=https%3A%2F%2Fcdn-res.keymedia.com%2Fcms%2Fimages%2Fus%2F023%2F0270_637429306728087852.jpg&meta%5Bpublished_year%5D=custom%20meta%20field
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cloud-trace-context: dfcf8ec22b98b9f3891ce641b6194208
x-appengine-log-flush-count: 0
server: Google Frontend
date: Mon, 07 Dec 2020 15:56:27 GMT
content-length: 48
content-type: image/gif

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 134 B
707 B 134ms
118ms XHR
application/json 2606:4700::6811:c8cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=3830659

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c8cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d00825a3a6529de4a66e320a183efdd57c6416bebfca673250a99c88240309e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:27 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-request-id: 06df843733000006216bb83000000001
server: cloudflare
x-trace: 2BC6ACC11F4882DA49F915C0E157FD87AF3DEC91FE000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.insurancebusinessmag.com
access-control-allow-credentials: false
cf-ray: 5fdf6fd1e93e0621-FRA
access-control-allow-headers: *

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 41ms
27ms XHR
application/json 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020120101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68590f2aa81fdf1cf4076645694180fe2e81b69b7da45cf22e3d9ce603f2ca47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Dec 2020 15:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6440
x-xss-protection: 0

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
258 B 42ms
41ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2978788718&v=1.1&a=3830659&rcu=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&pu=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&t=Malicious+actors+publish+data+stolen+from+fuel+company+%7C+Insurance+Business&cts=1607356587816&vi=22a0993f0caccf86c36314515a3d0b58&nc=true&u=226989634.22a0993f0caccf86c36314515a3d0b58.1607356587812.1607356587812.1607356587812.1&b=226989634.1.1607356587812

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 5fdf6fd1ec972c0d-FRA
date: Mon, 07 Dec 2020 15:56:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
content-length: 45
cf-request-id: 06df84373000002c0d5bb87000000001
x-robots-tag: none

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Mon, 07 Dec 2020 15:56:27 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 9A9D 0
0 6ms
6ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Mon, 07 Dec 2020 14:54:19 GMT
expires: Tue, 07 Dec 2021 14:54:19 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3728
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 661917934558964 Show response
connect.facebook.net/signals/config/ 239 KB
69 KB 50ms
50ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/661917934558964?v=2.9.29&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

424bd8c15b75522b392c071dd64f49ee0b025f06a58e7394c33851c0394e4b91

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: ATw+/DlGQ4I2s3xzP+VEaagTaxU0OFMrfjyhgv54BZsMuaWDrC58SdpYzB995NYw70yLvgcGdVPAgIHw3qmojg==
x-fb-trip-id: 603378373
x-frame-options: DENY
date: Mon, 07 Dec 2020 15:56:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 1473320740
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
224 B 40ms
40ms Image
image/gif 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020120101&jk=33553085645506&bg=!EhGlETHNAAXKjztByliEX801SQLztAIAAABQUgAAAAxoAQcKAJqe1CFV8xAuXOLg8g3vDBjZB0DGFrW-hOriGofbs-0rQMzcQ8Xw4Tg0EKLay899WffBX1yLwQP7EwhffaxyWKkGrjpUfNfwiTqgMIsqfXWy3LPZosH6PnyeLo8jopkvD0iO4A1-qSGALKcYcbFSzxSw-J-TYot0zhFHXJAAW66iMumsN73hos1nCfmDHB7HsnxlMKTKvMUvduTZmQHF8lfGDwb23DLBtcfMbGMtulYsXZu7G8iuz2Qbu6u_gobVNKUJuDljRfQH0nXdrZ30EGjSL8KW8d3EHzKhoF0k8J-RAsf9LfkZMpvYHMZddFwrYVAhW7WUs3TfzikuPyJQnRLrz5_xk4Ouga7fL-4EdCnfTeddshma9_luFp85amYuuDkpYzlE6SHgNYgZmG3zHRpmRWZ0s_pn5aEPwHNcOIuMT3K3-I5MIJg_TUibtQ2_uUXn9nozQ1EHcwUbfHH6WPIqrrFAiUSEP2gVCvcYJOtdtAkVCrD53WzmrArhQmhPEcUgmLS_rzjaRyRuvnOOcsjGExCNgtQlEFAq0vx_O5VV1mRLU9y6FouhYheGqKigKg3rdgLfQ-nOw-W6w0Qc-K6g8pXOP0dbUGci6o3gLqJQBjsXLTWlAr3r2MjdNBAIt-5cBdVyhCCHlpziiXypnQqhMBSOlWimJhqrpybMk7_5RgTojrOWlZ-k-nzMO-EVcVm02ZAv1YM-mb8QzeEZUw5zKMYddkQ42vf_J9PideNR-KaOtxOEhPOdnUQ7oK-aUSEs794PJZQcwVaqAJPvliosihwuBS8NDSFXDGcgJxpHDHDs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 15:56:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 228002331440464 Show response
connect.facebook.net/signals/config/ 238 KB
69 KB 55ms
55ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/228002331440464?v=2.9.29&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

11bb7fc6bb8d10548a57b1b949670d71a54ddf14b626a260c1bc757bd4b20eec

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: XrBLvdPVJ05cHNKPqnQvo0gUikdVgFlTLg0Tq/58DBhEFIIDeb6ht9GmfTJt3eyez6pHhpoErh821XTckekVHw==
x-fb-trip-id: 603378373
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 07 Dec 2020 15:56:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 485817644
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
146 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=661917934558964&ev=PageView&dl=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&rl=&if=false&ts=1607356588088&sw=1600&sh=1200&v=2.9.29&r=stable&ec=0&o=30&fbp=fb.1.1607356586848.2122475499&it=1607356586699&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 07 Dec 2020 15:56:28 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=228002331440464&ev=PageView&dl=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&rl=&if=false&ts=1607356588089&sw=1600&sh=1200&v=2.9.29&r=stable&ec=0&o=30&fbp=fb.1.1607356586848.2122475499&it=1607356586699&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 15:56:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 07 Dec 2020 15:56:28 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 012A 42 B
71 B 40ms
39ms Image
image/gif 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssgWWEENVsx2FWmvmATtPiP4FiD57sfqdp946wvnek2lLrlBJ5_vPWNMwQgH7qYWhA7Y0S-U1vMuFjiLJEcfV559WcCTRGksWgPR1K2rz8&sig=Cg0ArKJSzKAsVGcJTGoWEAE&adk=2576855985&tt=-1&bs=1600%2C1200&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&p=251,310,491,1290&mcvt=1010&rs=0&ht=0&tfs=131&tls=1141&mc=1&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=25&niot_cbk=59&md=2&btr=0&cpmav=0&lm=2&rst=1607356587044&dlt&rpt=164&isd=0&msd=0&xdi=0&postrxl=1&ps=1600%2C3091&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-10-2-9-9-0-0-0&tvt=1141&is=980%2C240&iframe_loc=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&r=v&id=osdim&vs=4&uc=10&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=980x240&itpl=3&v=20201202

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 15:56:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 4B0F 42 B
66 B 39ms
39ms Image
image/gif 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvULBwjcYt9ifBGxcl5x0wx_QQoKagtKqY2nap5GxF7POvagkgyf9W03xPvmXveg-emEnUr2U8YbI3tyi-ojrHk88KnGtCT5jWnKcBig1Y&sig=Cg0ArKJSzHPykflVEaaiEAE&adk=2170382154&tt=-1&bs=1600%2C1200&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&p=62,562,152,1290&mcvt=1009&rs=0&ht=0&tfs=137&tls=1146&mc=1&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=31&niot_cbk=61&md=2&btr=0&cpmav=0&lm=2&rst=1607356587044&dlt&rpt=165&isd=0&msd=0&xdi=0&postrxl=1&ps=1600%2C3091&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-10-2-9-9-0-0-0&tvt=1145&is=728%2C90&iframe_loc=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&r=v&id=osdim&vs=4&uc=10&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=728x90&itpl=3&v=20201202

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 15:56:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 2D90 42 B
66 B 39ms
39ms Image
image/gif 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsujH88YD8sC9SgVjMGwgY9reiMcoHYQuK8hPtzU-E47Pb5u7_gbMtGZ7cgON3sc7qxKeTpJEsNNMHgHLIcdX7I8LH5P2PLMaaXvJxv2P6I&sig=Cg0ArKJSzJYYIp8Et86cEAE&adk=1747561427&tt=-1&bs=1600%2C1200&mtos=1095,1095,1095,1095,1095&tos=1095,0,0,0,0&p=319,480,799,1120&mcvt=1095&rs=0&ht=0&tfs=175&tls=1270&mc=1&lte=-1&bas=0&bac=0&met=mue&la=1&avms=nio&niot_obs=44&niot_cbk=69&md=2&btr=0&cpmav=0&lm=2&rst=1607356587040&dlt&rpt=169&isd=0&msd=0&xdi=0&postrxl=1&ps=1600%2C3091&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-11-7-10-10-0-0-0&tvt=1264&is=640%2C480&iframe_loc=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&r=v&id=osdim&vs=4&uc=11&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=640x480&itpl=3&v=20201202

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 15:56:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9FD3 42 B
66 B 39ms
39ms Image
image/gif 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsujYMorIcEeFIf68Vxwt-ha5Vh3PCYIURss7pqhGfaaRPcx2D-DCAB3R3N7GiqOxFxiy-poI2ALN3PsHLhHNqka1eKA-1yWgdgnJdhQGA0&sig=Cg0ArKJSzL_T0iYYRaLLEAE&adk=3533418988&tt=-1&bs=1600%2C1200&mtos=0,1089,1089,1089,1089&tos=0,1089,0,0,0&p=667,990,1267,1290&mcvt=1089&rs=0&ht=0&tfs=130&tls=1219&mc=0.88&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=3&niot_cbk=53&md=2&btr=0&cpmav=0&lm=2&rst=1607356587045&dlt&rpt=165&isd=0&msd=0&xdi=0&postrxl=1&ps=1600%2C3091&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-11-3-10-10-0-0-0&tvt=1217&is=300%2C600&iframe_loc=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&r=v&id=osdim&vs=4&uc=11&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=300x600&itpl=3&v=20201202

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 15:56:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame CAEC 42 B
66 B 39ms
39ms Image
image/gif 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssezorSgZj1YAe886Cl3nfPpSMLXwsn-7o-UVEppm89AN1Fx0WFehNdk88XTLp6VjmlO5oq0RKlrihRWuETb1Zw-ValmFETRLjl1SJXfrw&sig=Cg0ArKJSzLpCRRzLt1dVEAE&adk=2478626578&tt=-1&bs=1600%2C1200&mtos=0,0,1088,1088,1088&tos=0,0,1088,0,0&p=852,313,1452,453&mcvt=1088&rs=0&ht=0&tfs=121&tls=1209&mc=0.57&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=2&niot_cbk=43&md=2&btr=0&cpmav=0&lm=2&rst=1607356587078&dlt&rpt=138&isd=0&msd=0&xdi=0&postrxl=1&ps=1600%2C3091&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-11-3-10-10-0-0-0&tvt=1207&is=140%2C600&iframe_loc=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&r=v&id=osdim&vs=4&uc=11&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=140x600&itpl=3&v=20201202

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 15:56:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
30 B 6ms
5ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryVJAApDzUORZpV7XR

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 07 Dec 2020 15:56:28 GMT
content-type: text/plain
access-control-allow-origin: https://www.insurancebusinessmag.com
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

POST
H2 200 /
www.facebook.com/tr/ 0
30 B 5ms
5ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryj13wjN4rC50jNiBB

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 07 Dec 2020 15:56:28 GMT
content-type: text/plain
access-control-allow-origin: https://www.insurancebusinessmag.com
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

142 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.addthis.com/	1970-01-19 23:59:30	Name: uvc Value: 1%7C50
.insurancebusinessmag.com/	1970-01-19 14:29:18	Name: __hssc Value: 226989634.1.1607356587812
.insurancebusinessmag.com/	1970-01-19 23:50:52	Name: hubspotutk Value: 22a0993f0caccf86c36314515a3d0b58
.insurancebusinessmag.com/	1970-01-19 23:50:52	Name: __gads Value: ID=004032c9b8d8033b:T=1607356586:S=ALNI_MZa7njQCPBmS_rbNORLyLM5l_zwRg
.insurancebusinessmag.com/	1970-01-19 16:38:52	Name: _fbp Value: fb.1.1607356586848.2122475499
.insurancebusinessmag.com/	1970-01-20 08:00:28	Name: _ga Value: GA1.2.374639706.1607356587
.insurancebusinessmag.com/	1969-12-31 23:59:59	Name: sjSE Value: 1
www.insurancebusinessmag.com/	1970-01-19 14:29:18	Name: __atuvs Value: 5fce50aaed75e5aa000
www.insurancebusinessmag.com/	1970-01-19 23:59:30	Name: __atuvc Value: 1%7C50
.insurancebusinessmag.com/	1970-01-19 14:30:42	Name: _gid Value: GA1.2.1384878839.1607356587
.insurancebusinessmag.com/	1970-01-19 14:29:16	Name: _gat_UA-67143636-4 Value: 1
.insurancebusinessmag.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.insurancebusinessmag.com/	1970-01-19 23:50:52	Name: __hstc Value: 226989634.22a0993f0caccf86c36314515a3d0b58.1607356587812.1607356587812.1607356587812.1
.addthis.com/	1970-01-19 23:59:30	Name: loc Value: MDAwMDBFVVBMMTIyMzAxMTk5OTAwMDAwMDBDSA==
.insurancebusinessmag.com/	1970-01-19 15:12:28	Name: __cfduid Value: d591f8ac6c5f8c2c493e226fdadbed6db1607356585

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.pl
api.hubapi.com
api.hubspot.com
c.disquscdn.com
cdn-res.keymedia.com
cdn.sajari.com
cdn.sajari.net
cdnjs.cloudflare.com
ce654f678be0318f6cac559cfbf39aee.safeframe.googlesyndication.com
code.jquery.com
connect.facebook.net
d.adroll.com
d.adroll.mgr.consensu.org
disqus.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
insurance-business.disqus.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.usemessages.com
m.addthis.com
maxcdn.bootstrapcdn.com
nextroll.com
pagead2.googlesyndication.com
re.sajari.com
s.adroll.com
s7.addthis.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
track.hubspot.com
use.fontawesome.com
v1.addthisedge.com
ws.zoominfo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.insurancebusinessmag.com
z.moatads.com
s7.addthis.com
104.111.214.206
104.111.216.96
104.75.88.112
142.250.74.194
151.101.0.134
151.101.112.134
2001:4de0:ac19::1:b:1a
2001:4de0:ac19::1:b:2b
216.58.206.2
23.111.9.35
2606:4700:3037::681f:5ebc
2606:4700::6810:135e
2606:4700::6810:650c
2606:4700::6811:46b0
2606:4700::6811:71b0
2606:4700::6811:c8cc
2606:4700::6811:d4cc
2606:4700::6811:eecc
2606:4700::6812:15bf
2606:4700::6812:a813
2606:4700::6813:9a53
2606:4700::6813:9b53
2a00:1450:4001:802::2004
2a00:1450:4001:803::2002
2a00:1450:4001:808::2013
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::200e
2a00:1450:4001:814::2002
2a00:1450:4001:814::2003
2a00:1450:4001:815::2002
2a00:1450:4001:816::2001
2a00:1450:4001:817::2008
2a00:1450:4001:81a::2004
2a00:1450:4001:81d::2003
2a00:1450:4001:820::2002
2a00:1450:4001:820::200a
2a00:1450:4001:824::200e
2a00:1450:400c:c02::9c
2a02:26f0:1700:d::1737:6ea4
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.234.81.220
34.254.144.210
35.190.50.98
54.78.251.22
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04c25fc9b0c5683c0b64091f6dfeb1579d1cc1b447ecb72edc9f433a48ee4f37
04cdfaeaa1468ca5e86756f9f137d60c66db6991faa4e549827117eb0e2f33c1
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
05eea797cc21885a326e74c661ba237051e4a6f9abe2e81a8f6f76390efce52a
083be3c59862e11bbcda4128a12a7d9934f461ac881ed75af92b1c1b3615c576
0922d20b238ff408b56f2248052b9e6e347f2ad1b0812ef3c6baaf37d8c01900
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11bb7fc6bb8d10548a57b1b949670d71a54ddf14b626a260c1bc757bd4b20eec
1767d947f015a6da6e6ed41e97ccc29f0dc1b527f6b2973c8dfde049ebf6c1cd
178199a0ed5c0a2790923171ce0c742550171650d6effe185838e07ee0625649
17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50
1d00825a3a6529de4a66e320a183efdd57c6416bebfca673250a99c88240309e
2090ef8782553088e8305f8703a2d3f5c39d07408f6a88eed8f40ee57aa5c5a6
21f61c21dbb69eb2297c1f858d6990217ee2237605c0e126ca93fbd7966b1276
229226981524f040b533fa21cf2dc1216d2663fa1aa1cfbc50588ad1a749d5c3
25aa839bb8c9e29422bf3aa8925e2d13d7b985b1bce61296f8d5780efcb3b142
315471cb3e63c008279774f2cf4f79d9025bbe22030e51965e26668aba419dbf
383e5f611a5c1637137d721c623842d4ad37fbb609e726a0a086b8fdd4c481cb
40ca8539ffd12e7edf95bfff0b850217cff57001d266cd4613b23c5c7b0f0b82
424bd8c15b75522b392c071dd64f49ee0b025f06a58e7394c33851c0394e4b91
493a176ec78fb0ac6b6a95d9a93d57cd4db4880151ec1017282f8fee3f6250c9
4e28323571e70a213a2db9642215d45e8944ed17464c8bf89781bea05e554ef5
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
51bf04f93ff258317e05e4bc448028e8de62370c7b24f9e088b2ca328819a6c4
52c81653f6f0d0e52dbfea77beabc12fef7ac4c6cc7a73c927bbd095e87c1b62
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
55245b72bbdeeba40fdbd930227228c562438e21179d4705354888052f116b77
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
5abdfc235554b3c281964f41c083010fe2781025981997a547cc9024b69165f8
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5fb46ad88af0181f8aa600691dadedc2d6dd1946603b69bc36385f68efdd01a3
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
659630c07a9005c1bb4e68bf15946ba4a0d5e8ede79aec22a98f202a55491ab2
66249d92b990f38b526a88a034c7b207bbacaaad6e5f78e4188f6773fd48a9b8
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
67f7f7a4b931bca20fac7c458969034200f3c64187b84782da9659f07ac5f247
68590f2aa81fdf1cf4076645694180fe2e81b69b7da45cf22e3d9ce603f2ca47
6992358481162b8b95756e126d945e3eb99fb696b22e80672e7627ad0a8ef896
69a5b5635e3f65d07c7acd4786ec59d4140d58540aa981b58e0b4319621bd9e8
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bc0a05652496b6a471fa3725920d16f5c60abdee6d0324209f4261441977295
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
796b8323921e93bd8f86382204d5a1d4642fffc99e9c3cdce537569427eb7b22
7a4080d7b3a78d8829b8e436b103b9736e6757f007c06d51ada0f659cb50a6b1
7e0a81e413278984786f130c1c56e5b93d19d9cfdbfd1d2622b3d7a4969c3d4d
80479814589d820a87ac07a15295f8ed6bd207bd4c6750c72910093af88e79b2
83540a1b1aaca7ec79264b8dfc98c797dea37b6c33b604b95a8e21e1cee09bd3
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8bfa2b2b73cc814ffe379b03727848cad8304b7f58c6065f49a0428eb65a20c5
99ab282e6de7572b4f049bfb29dd960d6c56b0d2c06b8af44228933de060f898
9f14e51bd9236525808023dcd970984ce556d9dcea2efd6657077bea425870aa
9f75a1a0bc71452e1279885056d6c76bee32b081cf303bea3ebcfc1b1409f316
aba2a0e5d978194c64c77dde2152baf5ff5ae0548ccae71aaf75b257558c76e9
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
b1f250f58f47ca824a25a49ce8ee8747c3e48cf9564a23282677802f450928fd
b9d6fddb0988440902fcfc72f371ecfa80ee2eb36073f9eebc17449ee41c886f
bb20e7c2fc5f8cfd74c43906c776a31f04c93fc00d11d921dfb923bcfaab0c23
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
bed0322f5d7ae2d256db706cb681ab757c8e5ef051e3b9f53e82ad953d0211d1
c218dd8197b9f853bf79752b9865965a0d3078f9fd1faa60b2f0b06d253b2338
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
cbce85e96b7752208ce15a09ea4d5a58b792edc9e77f1c5ccf46c01935970f9d
cdd2dbc8847ae720b1c56daab4f2a04859e919d602af61e08119e51ddad1f68b
ce20ed8a323117c8a718ff1ddc6dabb997373b575a8e896f2bf02b846c082c9d
d66b391a7c8b6520dd2480ed1cc4aa862d970b7ecb212abc7e19d1c2a3a6bcc2
d7f03d75d46816d94b6c288b49a823790aa4a5a6b003e75399ce7be537cc89a9
d910f64832beb975fc44f363627cbd7ec71ee6e0b6e20e74c5d42d97e1caf928
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcf97662bf4043ddb60981e4ccb7da73f91eb47a4c950182e8beae34cda45cde
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ded0cec5a92fcdcd902c570635ae0933ea83e3e372e2ca283eaf573c9e5cab21
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e49baca315e71f7817da339f2e53020eb46cab75f69c679d9a321505bd0749df
e616bb99a3cf0261a8e8bbf713bdaad17473afabbc032f5f351c85575596320b
edc0175ff1c883786302197c8f3795e4017ec2a82a6dda756b98e4c14a388da5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef41330b2cf43a44c8cbb20ca38cd9752816a5f451e506727876eb4f6502105b
f4db76afeb499d277603609152f9e382c0fe112d44c6f8db8c136a89d9bd7682
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f797b17f60a55778ff014d27f88f93e4f39c96f0c4e9c75d7c878fb27965a8eb
f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

www.insurancebusinessmag.com Open in urlscan Pro 2606:4700:3037::681f:5ebc Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

133 Requests

99 %HTTPS

73 %IPv6

37 Domains

47 Subdomains

45 IPs

6 Countries

2448 kBTransfer

5643 kBSize

15 Cookies

11 Outgoing links

Redirected requests

133 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.insurancebusinessmag.com Open in urlscan Pro
2606:4700:3037::681f:5ebc Public Scan

Screenshot
Live screenshot

Full Image

133
Requests

99 %
HTTPS

73 %
IPv6

37
Domains

47
Subdomains

45
IPs

6
Countries

2448 kB
Transfer

5643 kB
Size

15
Cookies

133 HTTP transactions
7 data transactions