www.govtech.com Open in urlscan Pro
95.101.27.99 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
Submission: On March 26 via api (March 26th 2020, 5:35:00 pm UTC) from US

Summary HTTP 108 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 38 IPs in 7 countries across 30 domains to perform 108 HTTP transactions. The main IP is 95.101.27.99, located in Ascension Island and belongs to AKAMAI-ASN1, US. The main domain is www.govtech.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 19th 2020. Valid for: 3 months.

This is the only time www.govtech.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	95.101.27.99 95.101.27.99	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
7	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
5	54.193.17.225 54.193.17.225	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6816:325d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.52.149.16 13.52.149.16	16509 (AMAZON-02) (AMAZON-02)
7	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	95.101.27.101 95.101.27.101	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.227.156.53 13.227.156.53	16509 (AMAZON-02) (AMAZON-02)
1 3	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
2	207.189.124.17 207.189.124.17	13649 (ASN-VINS) (ASN-VINS)
1	34.193.167.244 34.193.167.244	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.12.65 151.101.12.65	54113 (FASTLY) (FASTLY)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:170... 2a02:26f0:1700:182::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	151.101.112.157 151.101.112.157	54113 (FASTLY) (FASTLY)
6	2a00:1450:400... 2a00:1450:4001:81b::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE)
6 9	52.19.228.230 52.19.228.230	16509 (AMAZON-02) (AMAZON-02)
1 2	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN)
1 1	2a05:f500:11:... 2a05:f500:11:101::b93f:9001	14413 (LINKEDIN) (LINKEDIN)
1	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
24	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
1 2	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
2	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1 1	2a00:1288:f03... 2a00:1288:f03d:1fa::4000	10310 (YAHOO-1) (YAHOO-1)
1	34.206.200.99 34.206.200.99	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE)
1	69.173.144.136 69.173.144.136	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1 2	185.33.223.210 185.33.223.210	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
2	54.241.143.183 54.241.143.183	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20e8:e600:18:1fcd:349:ca21	16509 (AMAZON-02) (AMAZON-02)
1	3.223.54.222 3.223.54.222	14618 (AMAZON-AES) (AMAZON-AES)
108	38

10 95.101.27.99 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a95-101-27-99.deploy.static.akamaitechnologies.com

www.govtech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media2.govtech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.193.17.225 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-193-17-225.us-west-1.compute.amazonaws.com

services.erepublic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:325d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.datatables.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.52.149.16 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-52-149-16.us-west-1.compute.amazonaws.com

analytics.erepublic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.27.101 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a95-101-27-101.deploy.static.akamaitechnologies.com

media.governing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.156.53 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-156-53.muc51.r.cloudfront.net

media.erepublic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.189.124.17 (United States)

ASN13649 (ASN-VINS, US)

marketing.erepublic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.193.167.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-167-244.compute-1.amazonaws.com

s.clickability.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.65 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

tag.marinsm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:182::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.19.228.230 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-228-230.eu-west-1.compute.amazonaws.com

pixel-geo.prfct.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:11:101::b93f:9005 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:f500:11:101::b93f:9001 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.8 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:f03d:1fa::4000 (United Kingdom) 1 redirects

ASN10310 (YAHOO-1, US)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.206.200.99 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-200-99.compute-1.amazonaws.com

pixel.prfct.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.120.147 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 147.120.95.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.136 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.223.210 (Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 307.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.241.143.183 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-241-143-183.us-west-1.compute.amazonaws.com

cms.erepublic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20e8:e600:18:1fcd:349:ca21 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.223.54.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-54-222.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	twimg.com cdn.syndication.twimg.com pbs.twimg.com ton.twimg.com	403 KB
13	erepublic.com services.erepublic.com analytics.erepublic.com media.erepublic.com marketing.erepublic.com cms.erepublic.com	139 KB
12	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	143 KB
11	twitter.com 1 redirects platform.twitter.com syndication.twitter.com analytics.twitter.com	110 KB
11	doubleclick.net 2 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	188 KB
10	prfct.co 6 redirects pixel-geo.prfct.co pixel.prfct.co	4 KB
10	govtech.com www.govtech.com media2.govtech.com	578 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	2 KB
3	google.com 1 redirects adservice.google.com www.google.com	532 B
2	adnxs.com 1 redirects secure.adnxs.com	2 KB
2	openx.net 1 redirects us-u.openx.net	353 B
2	googletagservices.com www.googletagservices.com	42 KB
2	google.de www.google.de adservice.google.de	280 B
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	datatables.net cdn.datatables.net	30 KB
1	chartbeat.net ping.chartbeat.net	168 B
1	chartbeat.com static.chartbeat.com	14 KB
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	yahoo.com 1 redirects ads.yahoo.com	292 B
1	t.co t.co	448 B
1	ytimg.com s.ytimg.com	14 KB
1	youtube.com www.youtube.com	923 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	facebook.net connect.facebook.net	30 KB
1	licdn.com snap.licdn.com	2 KB
1	marinsm.com tag.marinsm.com	4 KB
1	clickability.com s.clickability.com	915 B
1	google.be adservice.google.be	171 B
1	governing.com media.governing.com	90 KB
1	googletagmanager.com www.googletagmanager.com	28 KB
108	30

	Domain	Requested by
21	pbs.twimg.com	www.govtech.com
9	pixel-geo.prfct.co	6 redirects www.govtech.com
7	platform.twitter.com	www.govtech.com platform.twitter.com
7	securepubads.g.doubleclick.net	www.govtech.com securepubads.g.doubleclick.net www.googletagservices.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
6	pagead2.googlesyndication.com	www.govtech.com pagead2.googlesyndication.com securepubads.g.doubleclick.net
6	www.govtech.com	www.govtech.com
5	services.erepublic.com	www.govtech.com pagead2.googlesyndication.com platform.twitter.com
4	media2.govtech.com	www.govtech.com
3	analytics.erepublic.com	www.govtech.com
2	cms.erepublic.com	www.govtech.com
2	ton.twimg.com	platform.twitter.com
2	secure.adnxs.com	1 redirects www.govtech.com
2	us-u.openx.net	1 redirects www.govtech.com
2	analytics.twitter.com	www.govtech.com static.ads-twitter.com
2	syndication.twitter.com	1 redirects www.govtech.com
2	px.ads.linkedin.com	1 redirects www.govtech.com
2	www.googletagservices.com	pagead2.googlesyndication.com www.govtech.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	marketing.erepublic.com	www.govtech.com
2	adservice.google.com	securepubads.g.doubleclick.net www.googletagservices.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	cdn.datatables.net	www.govtech.com
1	ping.chartbeat.net
1	static.chartbeat.com	www.govtech.com
1	adservice.google.de	www.googletagservices.com
1	cm.g.doubleclick.net	1 redirects
1	pixel.rubiconproject.com	www.govtech.com
1	pixel.prfct.co	www.govtech.com
1	ads.yahoo.com	1 redirects
1	cdn.syndication.twimg.com	platform.twitter.com
1	t.co	www.govtech.com
1	s.ytimg.com	www.youtube.com
1	www.linkedin.com	1 redirects
1	www.youtube.com	www.govtech.com
1	static.ads-twitter.com	www.govtech.com
1	connect.facebook.net	www.govtech.com
1	snap.licdn.com	www.govtech.com
1	www.google.de	www.govtech.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	tag.marinsm.com	www.govtech.com
1	s.clickability.com	www.govtech.com
1	adservice.google.be	securepubads.g.doubleclick.net
1	media.erepublic.com	www.govtech.com
1	media.governing.com	www.govtech.com
1	www.googletagmanager.com	www.govtech.com
108	47

This site contains links to these domains. Also see Links.

Domain
www.northcoastcitizen.com
www.registerguard.com
www.oregonlaws.org
www.cisco.com
www.erepublic.com
erepublic.secure.force.com
twitter.com
www.facebook.com
www.youtube.com
www.linkedin.com

Subject Issuer	Validity	Valid
www.erepublic.com Let's Encrypt Authority X3	`2020-03-19` - `2020-06-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.erepublic.com Amazon	`2020-02-26` - `2021-03-26`	a year	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-03-25` - `2020-10-09`	7 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
media.erepublic.com Amazon	`2020-01-17` - `2021-02-17`	a year	crt.sh
*.google.be GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
marketing.erepublic.com Go Daddy Secure Certificate Authority - G2	`2019-04-08` - `2020-09-11`	a year	crt.sh
*.clickability.com Go Daddy Secure Certificate Authority - G2	`2019-03-27` - `2021-05-26`	2 years	crt.sh
g.ssl.fastly.net GlobalSign Organization Validation CA - SHA256 - G2	`2019-09-23` - `2020-09-23`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-03-01` - `2020-05-30`	3 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2019-08-14` - `2020-08-18`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.prfct.co DigiCert SHA2 Secure Server CA	`2019-09-03` - `2021-10-27`	2 years	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2019-05-29` - `2021-06-29`	2 years	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.chartbeat.com Gandi Standard SSL CA 2	`2019-04-10` - `2020-04-10`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2019-12-16` - `2020-12-30`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
Frame ID: CEE01CA311AD84CDA299665628D69A59
Requests: 68 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200319/r20190131/zrt_lookup.html
Frame ID: 5DD8637C5DDF131CECD22A5BA21EE1A7
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d0f13be8321eb432fba28cfc1c3351b1.html?origin=https%3A%2F%2Fwww.govtech.com
Frame ID: 69EBAADFB2E2359B260D55591A78B0CA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5318863293238952&output=html&adk=1812271804&adf=3025194257&lmt=1585172489&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2FCyberattack-Hobbles-Oregon-County-Network-Services.html&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1585244079860&bpp=14&bdt=608&fdt=194&idt=195&shv=r20200319&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2673639249957&frm=20&pv=2&ga_vid=2051354842.1585244080&ga_sid=1585244080&ga_hid=1564475324&ga_fc=0&iag=0&icsg=137573313248&dssz=50&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1433902337370480&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=208
Frame ID: C2482517F69849E38F675C113CA9DFD9
Requests: 1 HTTP requests in this frame

Frame: https://www.govtech.com/templates/gt_2016_ad_iframe.html
Frame ID: E742F174E2C63A87B8FA81879542213B
Requests: 11 HTTP requests in this frame

Frame: https://pbs.twimg.com/card_img/1240903855325368321/fWIizldS?format=png&name=144x144_2
Frame ID: 3AA553228C129B04113390B598259C45
Requests: 29 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 2F75738CFA64088B414FF6A5575F62D0
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 678A8043459E37170CCFDA52819EBFEE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 95EBF74EF9A46AADCE01975699E82907
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

108
Requests

99 %
HTTPS

50 %
IPv6

30
Domains

47
Subdomains

38
IPs

7
Countries

1841 kB
Transfer

3724 kB
Size

13
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.northcoastcitizen.com/news_paid/cyberattack-takes-down-county-computers/article_4b54272a-b6fb-505c-9e01-f5e8416047d6.html
Title: quoted as saying

Search URL Search Domain Scan URL

URL: https://www.registerguard.com/news/20200123/cyberattacks-hit-tillamook-county-st-helens-slowing-government
Title: was hit with a similar cyberattack

Search URL Search Domain Scan URL

URL: https://www.oregonlaws.org/ors/401.025
Title: activate its incident response team

Search URL Search Domain Scan URL

URL: https://www.cisco.com/c/en/us/solutions/industries/smart-connected-communities/safety-security.html?ccid=cc000122&placement=GovTechSecurity&dtid=pdidgd000002
Title: Helping Protect Cities Against Crime

Search URL Search Domain Scan URL

URL: https://www.cisco.com/c/en/us/products/security/talos.html#~stickynav=1
Title: Meet Cisco Talos, the Industry-Leading Threat Intelligence Group Fighting the Good Fight

Search URL Search Domain Scan URL

URL: https://www.cisco.com/c/en/us/products/security/cloud-security/index.html#~stickynav=1
Title: How Cisco Secures the Cloud: Effective Security for the Multicloud World

Search URL Search Domain Scan URL

URL: https://www.erepublic.com/
Title: © 2020 All rights reserved. e.Republic

Search URL Search Domain Scan URL

URL: https://erepublic.secure.force.com/PrivacyRequest/
Title: California Residents - Do Not Sell My Personal Information

Search URL Search Domain Scan URL

URL: https://www.erepublic.com/brands/govtech/
Title: ADVERTISE

Search URL Search Domain Scan URL

URL: https://www.erepublic.com/contact/
Title: CONTACT

Search URL Search Domain Scan URL

URL: https://www.erepublic.com/privacy/
Title: PRIVACY

Search URL Search Domain Scan URL

URL: https://twitter.com/govtechnews
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/governmenttechnology
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/GovernmentTechnology
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/government-technology/
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1564475324&t=pageview&_s=1&dl=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2FCyberattack-Hobbles-Oregon-County-Network-Services.html&ul=en-us&de=UTF-8&dt=Cyberattack%20Hobbles%20Oregon%20County%20Network%2C%20Services&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=1643267329&gjid=1971941266&cid=2051354842.1585244080&tid=UA-732206-2&_gid=938042115.1585244080&_r=1&gtm=2ou3i0&z=902268580 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-732206-2&cid=2051354842.1585244080&jid=1643267329&_gid=938042115.1585244080&gjid=1971941266&_v=j81&z=902268580 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-732206-2&cid=2051354842.1585244080&jid=1643267329&_v=j81&z=902268580 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-732206-2&cid=2051354842.1585244080&jid=1643267329&_v=j81&z=902268580&slf_rd=1&random=1308540980

Request Chain 45

https://pixel-geo.prfct.co/tagjs?a_id=97816&source=js_tag HTTP 302
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=97816&source=js_tag

Request Chain 46

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=570164&url=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2FCyberattack-Hobbles-Oregon-County-Network-Services.html&time=1585244080124 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D570164%26url%3Dhttps%253A%252F%252Fwww.govtech.com%252Fsecurity%252FCyberattack-Hobbles-Oregon-County-Network-Services.html%26time%3D1585244080124%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=570164&url=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2FCyberattack-Hobbles-Oregon-County-Network-Services.html&time=1585244080124&liSync=true

Request Chain 54

https://pixel-geo.prfct.co/cs/?partnerId=twtr HTTP 302
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_JSnABP9McTWBKYeFF

Request Chain 55

https://pixel-geo.prfct.co/cs/?partnerId=yah HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10001073209&eid=pa_JSnABP9McTWBKYeFF&sigv=1&esig=2~18cbd1644bfd6232f522623cc8d0b7930b16bb1a HTTP 302
https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_JSnABP9McTWBKYeFF

Request Chain 56

https://pixel-geo.prfct.co/cs/?partnerId=opx HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_JSnABP9McTWBKYeFF HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_JSnABP9McTWBKYeFF

Request Chain 57

https://pixel-geo.prfct.co/cs/?partnerId=rbcn HTTP 302
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_JSnABP9McTWBKYeFF

Request Chain 58

https://pixel-geo.prfct.co/cs/?partnerId=goo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfSlNuQUJQOU1jVFdCS1llRkY HTTP 302
https://pixel-geo.prfct.co/cb?partnerId=goo

Request Chain 60

https://secure.adnxs.com/seg?t=2&add=19196192 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D19196192

Request Chain 102

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

108 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set Cyberattack-Hobbles-Oregon-County-Network-Services.html Show response
www.govtech.com/security/ 155 KB
41 KB 370ms
318ms Document
text/html 95.101.27.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.99 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a95-101-27-99.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e97bf8733ea0ae517e15c42cfbe3f3efb5db182de09424cb7af151066c7ad2e4

Request headers

Host: www.govtech.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

Last-Modified: Wed, 25 Mar 2020 21:41:29 GMT
Content-Encoding: gzip
X-Server-Name: az-cmlive5
Content-Type: text/html;charset=utf-8
Server: Apache
Vary: Accept-Encoding
Content-Length: 41691
Date: Thu, 26 Mar 2020 17:34:39 GMT
Connection: keep-alive
Set-Cookie: f5avrbbbbbbbbbbbbbbbb=POKEOELHOPJNJKPGIHHLDFMBFEGKDFINGAJDOABGBCIOCGGMFGMELIMPANIIEJPBGJPBOKDMNMODGJIMJDOJCLKIDAMAGMBLEHMJKJBMEFAGLHGJGOHLLCKDJGPNPOFP; HttpOnly; secure f5avrbbbbbbbbbbbbbbbb=JIOOPFCIGDCGPEOLACAFLKGEAODPJENBHFEEDINCCFEGPDOBDCKJAKENNHFLFCJNFFKAJMNPLACDEEKLHNAPNGDNHHJALLAOEHDCMECHBCPAFOJDGOAIICNHEANKCHPB; HttpOnly; secure

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 75 KB
28 KB 24ms
22ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-732206-2

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

746edc06990bc286d061d5b20642318589395f5ee7c78f8926712190b98da265

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 17:34:39 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28638
x-xss-protection: 0
last-modified: Thu, 26 Mar 2020 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 26 Mar 2020 17:34:39 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 44 KB
15 KB 35ms
33ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

sffe /

Resource Hash

f4f1b73e3b032d06e6974fee38b30c9acee456a4c9b4787973c59f84e8c6b523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 17:34:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "467 / 827 of 1000 / last-modified: 1585081375"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14728
x-xss-protection: 0
expires: Thu, 26 Mar 2020 17:34:39 GMT

GET
H2 200 stylesheet.css
services.erepublic.com/fonts/ProximaNova/ 6 KB
848 B 562ms
168ms Stylesheet
text/css 54.193.17.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://services.erepublic.com/fonts/ProximaNova/stylesheet.css
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.193.17.225 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-193-17-225.us-west-1.compute.amazonaws.com
Software: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: f7a3b9591a84d08363416ea47bec787d17beb4aed51e269475d19840be1e82e9

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 26 Mar 2020 17:34:39 GMT
content-encoding: gzip
last-modified: Mon, 12 Dec 2016 20:47:29 GMT
server: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
access-control-allow-origin: *
etag: "17da-5437c364f3b2e-gzip"
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 600

GET
H/1.1 200
OK gt_2016_all.min.css
www.govtech.com/includes/ 173 KB
28 KB 125ms
124ms Stylesheet
text/css 95.101.27.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.govtech.com/includes/gt_2016_all.min.css?v=32107
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.99 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a95-101-27-99.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e9b6e495599e9587ee7deef24c7dbe99a83c4df8f3a4aaa35eaa36d30a65fda6

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Thu, 26 Mar 2020 17:34:39 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Oct 2019 18:23:11 GMT
X-Server-Name: az-cmlive5
Vary: Accept-Encoding
Content-Type: text/css;charset=utf-8
Connection: keep-alive
Content-Length: 27864
Server: Apache

GET
H/1.1 200
OK gt_2016_all.min.js Show response
www.govtech.com/includes/ 551 KB
171 KB 393ms
348ms Script
text/javascript 95.101.27.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.govtech.com/includes/gt_2016_all.min.js?new=3295251
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.99 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a95-101-27-99.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9e2dfb54faa1acf1b2ecf4f61d2242236dec875d3df52c3ceed3cef67107f948

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 26 Mar 2020 17:34:39 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Mar 2020 22:31:59 GMT
X-Server-Name: az-cmlive14
Vary: Accept-Encoding
Content-Type: text/javascript;charset=utf-8
Connection: keep-alive
Content-Length: 174648
Server: Apache

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 107 KB
38 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c005dba1d518d8fcd6bb8b0cd5264947d7c8c5b53363556d98c453428a376ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 17:34:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 39033
x-xss-protection: 0
server: cafe
etag: 13352514705584774431
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 26 Mar 2020 17:34:39 GMT

GET
H2 200 jquery.dataTables.min.css
cdn.datatables.net/1.10.19/css/ 14 KB
3 KB 39ms
18ms Stylesheet
text/css 2606:4700:10::6816:325d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.datatables.net/1.10.19/css/jquery.dataTables.min.css
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 618d62ceaca1223e16de2c8939a1963a95c34b0ac75852f835f93e5b42f20871

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 26 Mar 2020 17:34:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4177870
status: 200
content-length: 2109
last-modified: Tue, 17 Jul 2018 10:18:26 GMT
server: cloudflare
etag: "1121ccf-364c-5712f444e19c2-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 57a29fa77d6964f7-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Sat, 06 Feb 2021 09:03:29 GMT

GET
H/1.1 200
OK MzguMTA4LjEwOC4xNzg7VW5pdGVkIFN0YXRlcw==.js Show response
analytics.erepublic.com/cms/geo/ 13 B
222 B 701ms
173ms Script
text/html 13.52.149.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.erepublic.com/cms/geo/MzguMTA4LjEwOC4xNzg7VW5pdGVkIFN0YXRlcw==.js
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.52.149.16 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-52-149-16.us-west-1.compute.amazonaws.com
Software: Apache/2.4.41 (Amazon) PHP/7.0.33 / PHP/7.0.33
Resource Hash: 014dca4f1265067a9d5f2cb59830269cc3f3aa217f1f3376f84c9d9690f1f16b

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 26 Mar 2020 17:34:39 GMT
Server: Apache/2.4.41 (Amazon) PHP/7.0.33
Connection: keep-alive
X-Powered-By: PHP/7.0.33
Content-Length: 13
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 6ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/4199) /
Resource Hash: 198c88313d65f4d2b30b218566c00f96002f78ae125643d5a73a669b46cab112

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 26 Mar 2020 17:34:39 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Mar 2020 21:21:21 GMT
Server: ECS (fcn/4199)
Age: 81
Etag: "3ce571864e8afdda3bc0a81ffbebe447+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 29105

GET
H/1.1 200
OK Lohrman.jpg
media.governing.com/images/ 90 KB
90 KB 233ms
213ms Image
image/jpeg 95.101.27.101
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://media.governing.com/images/Lohrman.jpg
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
Protocol: HTTP/1.1
Server: 95.101.27.101 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a95-101-27-101.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1b6ab402ae0ebbcf7da2bd6c0ec8c31c29f41ca2b2294ebb9a2a37f73afb9be5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 26 Mar 2020 17:34:39 GMT
Last-Modified: Tue, 24 Oct 2017 22:05:15 GMT
X-Server-Name: az-cmlive14
Content-Type: image/jpeg
Cache-Control: max-age=265
Connection: keep-alive
Content-Length: 91753
Server: Apache

GET
H/1.1 200
OK Cisco_Whatsnext.jpg
media2.govtech.com/images/400*266/ 16 KB
16 KB 169ms
120ms Image
image/jpeg 95.101.27.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media2.govtech.com/images/400*266/Cisco_Whatsnext.jpg
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.99 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a95-101-27-99.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f14a70982cea4e1e978a663f05421144e4ae8e390dc0e107e79331db86ecca6f

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 26 Mar 2020 17:34:39 GMT
Last-Modified: Tue, 17 Mar 2020 20:42:13 GMT
X-Server-Name: az-cmlive23
Content-Type: image/jpeg
Cache-Control: max-age=53
Connection: keep-alive
Content-Length: 16439
Server: Apache

GET
H/1.1 200
OK SHUTTERSTOCK_HANDS_TYPING_ON_KEYBOARD.jpg
media2.govtech.com/images/400*268/ 27 KB
27 KB 122ms
121ms Image
image/jpeg 95.101.27.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media2.govtech.com/images/400*268/SHUTTERSTOCK_HANDS_TYPING_ON_KEYBOARD.jpg
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.99 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a95-101-27-99.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e2e1399aad73dbb9629ca387efdf16156ffa577b1634653d51d3a9eadcc82cf1

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 26 Mar 2020 17:34:39 GMT
Last-Modified: Wed, 08 Aug 2018 20:49:14 GMT
X-Server-Name: az-cmlive23
Content-Type: image/jpeg
Cache-Control: max-age=175
Connection: keep-alive
Content-Length: 27571
Server: Apache

GET
H/1.1 200
OK shutterstock_1136903261.jpg
media2.govtech.com/images/400*237/ 12 KB
12 KB 351ms
307ms Image
image/jpeg 95.101.27.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media2.govtech.com/images/400*237/shutterstock_1136903261.jpg
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.99 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a95-101-27-99.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 4cad2b0f16c313ea26763cf281e55c1b32a79372dba0ff8b827c85e978e0784b

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 26 Mar 2020 17:34:40 GMT
Last-Modified: Fri, 31 Jan 2020 21:00:50 GMT
X-Server-Name: az-cmlive14
Content-Type: image/jpeg
Cache-Control: max-age=173
Connection: keep-alive
Content-Length: 11910
Server: Apache

GET
H2 200 jquery.dataTables.min.js Show response
cdn.datatables.net/1.10.19/js/ 80 KB
28 KB 15ms
15ms Script
application/javascript 2606:4700:10::6816:325d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.datatables.net/1.10.19/js/jquery.dataTables.min.js
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b796504d9b1b422f0dc6ccc2d740ac78a8c9e5078cc3934836d39742b1121925

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 17:34:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 12817154
status: 200
content-length: 28049
last-modified: Tue, 17 Jul 2018 10:18:27 GMT
server: cloudflare
etag: "1121ce7-141eb-5712f4450dcca-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 57a29fa78d7b64f7-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Thu, 29 Oct 2020 09:15:24 GMT

GET
H2 200 GT_NAV_1Asset_3GT_NAV_1.svg
media.erepublic.com/image/ 29 KB
29 KB 764ms
688ms Image
image/svg+xml 13.227.156.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.erepublic.com/image/GT_NAV_1Asset_3GT_NAV_1.svg
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.227.156.53 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-156-53.muc51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9770f92a133d8b21cfe70f42833ad53fd9e8fa40433c3416d4797a08bc50cd94

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 17:34:41 GMT
via: 1.1 82d72aa74157c1546057b92f26cead17.cloudfront.net (CloudFront)
last-modified: Wed, 01 Aug 2018 21:21:48 GMT
server: AmazonS3
x-amz-cf-pop: MUC51-C1
etag: "754fe5d615fb622ea2edf0ae3c48e421"
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 29632
x-amz-cf-id: btWglpdZm99LUsD45nuRn8N2dN3GZKRRcgrlNXntyaH6pizgZ84jVg==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-732206-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 3364
date: Thu, 26 Mar 2020 16:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Thu, 26 Mar 2020 18:38:35 GMT

GET
H2 200 integrator.js Show response
adservice.google.be/adsid/ 109 B
171 B 21ms
20ms Script
application/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.be/adsid/integrator.js?domain=www.govtech.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 17:34:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 21ms
21ms Script
application/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.govtech.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 17:34:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020032302.js Show response
securepubads.g.doubleclick.net/gpt/ 168 KB
62 KB 33ms
31ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032302.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

sffe /

Resource Hash

26fd020a6c1f169eab6b6232014e6e6d067788f63a8995b682ee77d6f41b56cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 17:34:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 23 Mar 2020 17:22:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 62957
x-xss-protection: 0
expires: Thu, 26 Mar 2020 17:34:39 GMT

GET
H/1.1 200
OK 16245 Show response
marketing.erepublic.com/cdnr/87/acton/bn/tracker/ 5 KB
5 KB 527ms
172ms Script
application/javascript 207.189.124.17
ASN-VINS

General

Check archive.org

Show headers Download Go to

Full URL: https://marketing.erepublic.com/cdnr/87/acton/bn/tracker/16245
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 207.189.124.17 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 2f254c89e3e4c68652d4929d9b2fd6b0529f5072189269be220c8d89f4e9523a

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 26 Mar 2020 17:34:39 GMT
X-Cnection: close
Server: Apache-Coyote/1.1
Content-Type: application/javascript;charset=utf-8
Content-Length: 4797
P3P: CP="Act-On does not have a P3P policy. Learn why here: https://act-on.com/p3p-policy/"

GET
H/1.1 200
OK s
s.clickability.com/ 42 B
915 B 616ms
108ms Image
image/gif 34.193.167.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.clickability.com/s?&5=-60&35=0&6=567267031&7=667669&8=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2FCyberattack-Hobbles-Oregon-County-Network-Services.html&9=&10=Cyberattack%20Hobbles%20Oregon%20County%20Network%2C%20Services&11=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&12=en-US&13=0&14=1.7&15=1&16=1600x1200&17=24&18=0.8433021974943422&19=910
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.167.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-167-244.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 26 Mar 2020 17:34:40 GMT
X-Server-Name: az-stats2
Connection: close
Content-Type: image/gif
Content-Length: 42
Server: Apache
P3P: policyref="http://www.clickability.com/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"

GET
H/1.1 200
OK 5d83df4cf5507b1297000018.js Show response
tag.marinsm.com/serve/ 10 KB
4 KB 87ms
23ms Script
text/javascript 151.101.12.65
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.marinsm.com/serve/5d83df4cf5507b1297000018.js

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.65 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

12632074988b86ff80dc789d6caa7957e3e59b2a355ae05ba475c5c94393782e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 26 Mar 2020 17:34:39 GMT
Via: 1.1 vegur, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 1598
X-Cache: HIT
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3519
X-Served-By: cache-fra19128-FRA
Server: Cowboy
X-Timer: S1585244080.926990,VS0,VE1
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=1800
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200319/r20190131/ 224 KB
84 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200319/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fea51227a0d0a882dcf26ad5791bdf3bbb79958e076630e86427a8266300a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 17:34:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 85515
x-xss-protection: 0
server: cafe
etag: 13950792502640807200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Mar 2020 17:34:39 GMT

GET
H2 200 ProximaNova-Thin-webfont.woff
services.erepublic.com/fonts/ProximaNova/ 25 KB
25 KB 667ms
320ms Font
application/octet-stream 54.193.17.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://services.erepublic.com/fonts/ProximaNova/ProximaNova-Thin-webfont.woff
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.193.17.225 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-193-17-225.us-west-1.compute.amazonaws.com
Software: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 38b69256a2aa7a05430c8921fa5afa62d446f8cc460f644acd51a83c7dff4ddf

Request headers

Referer: https://services.erepublic.com/fonts/ProximaNova/stylesheet.css
Origin: https://www.govtech.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
last-modified: Mon, 12 Dec 2016 20:47:29 GMT
server: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
access-control-allow-origin: *
etag: "64ac-5437c364f2b8e"
status: 200
accept-ranges: bytes
content-length: 25772

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200319/r20190131/ Frame 5DD8 0
0 6ms
6ms Document
text/html 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200319/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200319/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Sat, 21 Mar 2020 14:49:24 GMT
expires: Sat, 04 Apr 2020 14:49:24 GMT
content-type: text/html; charset=UTF-8
etag: 17714563530871986051
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4497
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 441915
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 ProximaNova-Bold-webfont.woff
services.erepublic.com/fonts/ProximaNova/ 25 KB
25 KB 794ms
473ms Font
application/octet-stream 54.193.17.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://services.erepublic.com/fonts/ProximaNova/ProximaNova-Bold-webfont.woff
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/includes/gt_2016_all.min.js?new=3295251
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.193.17.225 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-193-17-225.us-west-1.compute.amazonaws.com
Software: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 53e8ed5f13fc835df230adfe94e89a5db80bad8798d1b3362626a52d980e161c

Request headers

Referer: https://services.erepublic.com/fonts/ProximaNova/stylesheet.css
Origin: https://www.govtech.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
last-modified: Mon, 12 Dec 2016 20:47:29 GMT
server: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
access-control-allow-origin: *
etag: "6464-5437c364f0c4e"
status: 200
accept-ranges: bytes
content-length: 25700

GET
H2 200 ProximaNova-Reg-webfont.woff
services.erepublic.com/fonts/ProximaNova/ 25 KB
25 KB 652ms
332ms Font
application/octet-stream 54.193.17.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://services.erepublic.com/fonts/ProximaNova/ProximaNova-Reg-webfont.woff
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/includes/gt_2016_all.min.js?new=3295251
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.193.17.225 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-193-17-225.us-west-1.compute.amazonaws.com
Software: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 09f06b2bfd3176725fd09519699b1f45f989f78be2ae7e5d85a0dc1a1f452349

Request headers

Referer: https://services.erepublic.com/fonts/ProximaNova/stylesheet.css
Origin: https://www.govtech.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
last-modified: Mon, 12 Dec 2016 20:47:29 GMT
server: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
access-control-allow-origin: *
etag: "64d8-5437c364f1bee"
status: 200
accept-ranges: bytes
content-length: 25816

GET
H/1.1 200
OK shutterstock_729110329.jpg
media2.govtech.com/images/940*604/ 269 KB
270 KB 614ms
569ms Image
image/jpeg 95.101.27.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media2.govtech.com/images/940*604/shutterstock_729110329.jpg
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.99 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a95-101-27-99.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 41bb906cc109eda57d7995a01abf6e166c2ad63b87dca5bdaa06e45a2385cd90

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 26 Mar 2020 17:34:40 GMT
Last-Modified: Fri, 24 Jan 2020 22:09:42 GMT
X-Server-Name: az-cmlive14
Content-Type: image/jpeg
Cache-Control: max-age=300
Connection: keep-alive
Content-Length: 275820
Server: Apache

GET
H2 200 ProximaNova-Sbold-webfont.woff
services.erepublic.com/fonts/ProximaNova/ 25 KB
25 KB 767ms
474ms Font
application/octet-stream 54.193.17.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://services.erepublic.com/fonts/ProximaNova/ProximaNova-Sbold-webfont.woff
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.193.17.225 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-193-17-225.us-west-1.compute.amazonaws.com
Software: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: c0cee3b1cb25c82d10175572f1f5ee585113ee15fad2e930ce9da002a8a9b15f

Request headers

Referer: https://services.erepublic.com/fonts/ProximaNova/stylesheet.css
Origin: https://www.govtech.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
last-modified: Mon, 12 Dec 2016 20:47:29 GMT
server: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
access-control-allow-origin: *
etag: "64e8-5437c364f1bee"
status: 200
accept-ranges: bytes
content-length: 25832

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1564475324&t=pageview&_s=1&dl=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2FCyberattack-Hobbles-Oregon-County-Network-Services.html&ul=en-us&de=...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-732206-2&cid=2051354842.1585244080&jid=1643267329&_gid=938042115.1585244080&gjid=1971941266&_v=j81&z=902268580
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-732206-2&cid=2051354842.1585244080&jid=1643267329&_v=j81&z=902268580
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-732206-2&cid=2051354842.1585244080&jid=1643267329&_v=j81&z=902268580&slf_rd=1&random=1308540980

42 B
109 B

27ms
26ms

Image
image/gif

2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-732206-2&cid=2051354842.1585244080&jid=1643267329&_v=j81&z=902268580&slf_rd=1&random=1308540980

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Mar 2020 17:34:40 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 26 Mar 2020 17:34:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-732206-2&cid=2051354842.1585244080&jid=1643267329&_v=j81&z=902268580&slf_rd=1&random=1308540980
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 3 KB
2 KB 12ms
11ms Script
application/x-javascript 2a02:26f0:1700:182::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:182::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 26 Mar 2020 17:34:39 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Oct 2019 16:41:31 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=49091
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: SpGhU9JAq0M9wMGm3S9w5qp6RmLpBnMZLUuXoA5LX9zc1ydPrRmktIPlY6vf5gG7bA/J7fmYw/kcRR2b5zfqig==
x-fb-trip-id: 1850256238
date: Thu, 26 Mar 2020 17:34:39 GMT, Thu, 26 Mar 2020 17:34:39 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 63ms
22ms Script
application/javascript 151.101.112.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
content-encoding: gzip
age: 33642
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-hhn4065-HHN
last-modified: Tue, 23 Jan 2018 20:09:00 GMT
x-timer: S1585244080.004297,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H/1.1 200
OK MzguMTA4LjEwOC4xNzg7VW5pdGVkIFN0YXRlcw==.gif
analytics.erepublic.com/cms/module/lg/ 35 B
352 B 813ms
761ms Image
image/gif 13.52.149.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.erepublic.com/cms/module/lg/MzguMTA4LjEwOC4xNzg7VW5pdGVkIFN0YXRlcw==.gif
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.52.149.16 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-52-149-16.us-west-1.compute.amazonaws.com
Software: Apache/2.4.41 (Amazon) PHP/7.0.33 / PHP/7.0.33
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Thu, 26 Mar 2020 17:34:40 GMT
Server: Apache/2.4.41 (Amazon) PHP/7.0.33
X-Powered-By: PHP/7.0.33
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 35

GET
H/1.1 200
OK gt_2016_interstitial.tpl Show response
www.govtech.com/includes/ 31 KB
9 KB 118ms
118ms XHR
text/html 95.101.27.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.govtech.com/includes/gt_2016_interstitial.tpl?cb=1584484293832
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/includes/gt_2016_all.min.js?new=3295251
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.99 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a95-101-27-99.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 655bd6001642dfe8b642a1bfe06d6129c4c12fe8842425b233de97e24b4a6611

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 26 Mar 2020 17:34:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Nov 2019 23:10:02 GMT
X-Server-Name: az-cmlive23
Vary: Accept-Encoding
Content-Type: text/html;charset=utf-8
Connection: keep-alive
Content-Length: 9136
Server: Apache

GET
H/1.1 200
OK gt_2016_ad.tpl Show response
www.govtech.com/includes/ 225 B
460 B 134ms
134ms XHR
text/html 95.101.27.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.govtech.com/includes/gt_2016_ad.tpl?cb=1584484293832
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/includes/gt_2016_all.min.js?new=3295251
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.99 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a95-101-27-99.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 13120b45692666da9c91443f82595ec96381f46e0bb0bb81bdee42ea2938c3bc

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 26 Mar 2020 17:34:40 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Sep 2018 18:42:10 GMT
X-Server-Name: az-cmlive23
Vary: Accept-Encoding
Content-Type: text/html;charset=utf-8
Connection: keep-alive
Content-Length: 183
Server: Apache

GET
H2 200 iframe_api Show response
www.youtube.com/ 859 B
923 B 25ms
25ms Script
application/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/includes/gt_2016_all.min.js?new=3295251

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

e58e3ba0256ad5d310af7fe3fb0b642602d53aa4b8ba45ab117abe8f3fd2c087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
x-content-type-options: nosniff
server: YouTube Frontend Proxy
content-type: application/javascript
status: 200
cache-control: no-cache
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
expires: Tue, 27 Apr 1971 19:44:06 GMT

GET
H/1.1 200
OK widget_iframe.d0f13be8321eb432fba28cfc1c3351b1.html
platform.twitter.com/widgets/ Frame 69EB 0
0 7ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.d0f13be8321eb432fba28cfc1c3351b1.html?origin=https%3A%2F%2Fwww.govtech.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/419E) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 588989
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 26 Mar 2020 17:34:40 GMT
Etag: "9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified: Thu, 19 Mar 2020 21:12:59 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/419E)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5825

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 701 B
456 B 63ms
62ms XHR
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1433902337370480&correlator=3011986885630914&output=ldjh&impl=fifs&adsid=NT&eid=21065764%2C21062888%2C21064368%2C21065516&vrg=2020032302&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200326&iu_parts=70114778%2CMobile_Adhesion%2CRC&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=320x100%2C140x74&prev_scp=site%3Dwww.govtech.com%26path%3Dsecurity%26urlName%3DCyberattack%252CHobbles%252COregon%252CCounty%252CNetwork%252CServices%26content-id%3D567267031%7Crcid%3D477530993%26site%3Dwww.govtech.com&cookie_enabled=1&bc=31&abxe=1&lmt=1585172489&dt=1585244080035&dlt=1585244079251&idt=767&frm=20&biw=1585&bih=1200&oid=3&adxs=-12245933%2C1028&adys=-12245933%2C913&adks=729566086%2C781878282&ucis=1%7C2&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2FCyberattack-Hobbles-Oregon-County-Network-Services.html&dssz=49&icsg=134359776&std=0&vis=1&arp=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C340x446&msz=0x-1%7C310x94&ga_vid=2051354842.1585244080&ga_sid=1585244080&ga_hid=1564475324&fws=644%2C4&ohw=1585%2C1585

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

1cd847ee5e0549996f18d91482478e3e7624dcfb06d5ab418e53e752cd14da4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
Origin: https://www.govtech.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 242
x-xss-protection: 0
google-lineitem-id: -2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.govtech.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020032302.js Show response
securepubads.g.doubleclick.net/gpt/ 67 KB
25 KB 33ms
33ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

sffe /

Resource Hash

a07183e063a79a699b732e200a3accdf4716cbc6e8bf8a6a709b9adba07d998d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 23 Mar 2020 17:22:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 25234
x-xss-protection: 0
expires: Thu, 26 Mar 2020 17:34:40 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032302.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame C248 0
0 117ms
117ms Document
text/html 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5318863293238952&output=html&adk=1812271804&adf=3025194257&lmt=1585172489&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2FCyberattack-Hobbles-Oregon-County-Network-Services.html&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1585244079860&bpp=14&bdt=608&fdt=194&idt=195&shv=r20200319&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2673639249957&frm=20&pv=2&ga_vid=2051354842.1585244080&ga_sid=1585244080&ga_hid=1564475324&ga_fc=0&iag=0&icsg=137573313248&dssz=50&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1433902337370480&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=208

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200319/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5318863293238952&output=html&adk=1812271804&adf=3025194257&lmt=1585172489&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2FCyberattack-Hobbles-Oregon-County-Network-Services.html&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1585244079860&bpp=14&bdt=608&fdt=194&idt=195&shv=r20200319&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2673639249957&frm=20&pv=2&ga_vid=2051354842.1585244080&ga_sid=1585244080&ga_hid=1564475324&ga_fc=0&iag=0&icsg=137573313248&dssz=50&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1433902337370480&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=208
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 26 Mar 2020 17:34:40 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 26-Mar-2020 17:49:40 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires: Thu, 26 Mar 2020 17:34:40 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
27 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200319/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2e60d0a77f1d63a9fd3b21fbb9d21345a61dc43d6c9b749e45753c5d993a6e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1585165059237800"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28015
x-xss-protection: 0
expires: Thu, 26 Mar 2020 17:34:40 GMT

GET
H/1.1 200
OK moment~timeline~tweet.99ce5e0e4617985354c5c426d7e1b9f4.js Show response
platform.twitter.com/js/ 24 KB
8 KB 7ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline~tweet.99ce5e0e4617985354c5c426d7e1b9f4.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40B6) /
Resource Hash: f13585ddb86f9ec0432f36eae40bcaabe3aad166eff8424b27082c2b8174a3a2

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 26 Mar 2020 17:34:40 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Mar 2020 21:12:51 GMT
Server: ECS (fcn/40B6)
Age: 588989
Etag: "e137faa829d69782b030b8ae591989d1+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 7864

GET
H/1.1 200
OK timeline.d228dcf3573461f298b082c9a5c0a42c.js Show response
platform.twitter.com/js/ 21 KB
7 KB 8ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.d228dcf3573461f298b082c9a5c0a42c.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/41AC) /
Resource Hash: 72945876902af2cd35e37c7dc27c9a1ece0e3f3185100c36f5e55e468182467a

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 26 Mar 2020 17:34:40 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Mar 2020 21:12:51 GMT
Server: ECS (fcn/41AC)
Age: 588988
Etag: "cd03198280cd4775cf9715d3c461a225+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 6656

GET
H/1.1

200
OK

tagjs Show response
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/tagjs?a_id=97816&source=js_tag
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=97816&source=js_tag

107 B
436 B

37ms
36ms

Script
text/javascript

52.19.228.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=97816&source=js_tag
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.228.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-228-230.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 793fc397fef7e49522e43e020655cf3647b690848c0a2da1669912083a7f1680

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 107
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

Location: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=97816&source=js_tag
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=570164&url=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2FCyberattack-Hobbles-Oregon-County-Network-Services.html&time=1585244080124
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D570164%26url%3Dhttps%253A%252F%252Fwww.govtech.com%252Fsecurity%252FCyberattack-H...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=570164&url=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2FCyberattack-Hobbles-Oregon-County-Network-Services.html&time=1585244080124&liSync=true

0
41 B

169ms
164ms

Image
application/javascript

2a05:f500:11:101::b93f:9005
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=570164&url=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2FCyberattack-Hobbles-Oregon-County-Network-Services.html&time=1585244080124&liSync=true
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
status: 200
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 0
x-li-uuid: GjtHmxfr/xUQvMBJYisAAA==

Redirect headers

date: Thu, 26 Mar 2020 17:34:40 GMT
x-content-type-options: nosniff
linkedin-action: 1
status: 302
strict-transport-security: max-age=2592000
content-length: 0
x-li-uuid: YVuhkBfr/xWARc4ZlSsAAA==
server: Play
pragma: no-cache
x-li-pop: prod-tln1
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=570164&url=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2FCyberattack-Hobbles-Oregon-County-Network-Services.html&time=1585244080124&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 www-widgetapi.js Show response
s.ytimg.com/yts/jsbin/www-widgetapi-vfl13pyi5/ 38 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s.ytimg.com/yts/jsbin/www-widgetapi-vfl13pyi5/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4734405c034b81eddf4f6a932437523f5ab8ba90e80182371c75736d0f3679fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 18:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168000
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 13922
x-xss-protection: 0
last-modified: Tue, 24 Mar 2020 18:50:41 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=691200
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Wed, 01 Apr 2020 18:54:40 GMT

GET
H2 200 adsct
t.co/i/ 43 B
448 B 194ms
145ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o1brw&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=0
content-length: 65
x-xss-protection: 0
x-response-time: 120
pragma: no-cache
last-modified: Thu, 26 Mar 2020 17:34:40 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: cd85b7bf273f4b150a719fd8b56eef9c
x-transaction: 0034926f0005f1da
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK Cookie set gt_2016_ad_iframe.html Show response
www.govtech.com/templates/ Frame E742 4 KB
2 KB 117ms
115ms Document
text/html 95.101.27.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.govtech.com/templates/gt_2016_ad_iframe.html
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/includes/gt_2016_all.min.js?new=3295251
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.99 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a95-101-27-99.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6b383218fee179ded38d3dbd9de8e6c353505ab84c871e9e814814a1f52b2a9e

Request headers

Host: www.govtech.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ef3_contact=RtUbuvTzRbP2g1Fd0XaM; _ga=GA1.2.2051354842.1585244080; _gid=GA1.2.938042115.1585244080; _gat_gtag_UA_732206_2=1; __gads=ID=b2ff9ddd664a5649:T=1585244080:S=ALNI_MbuFAElAtBiGCt2nxSOhC6dfPr3dg; DNT=0; DNT_HEADER=1; DNT_COUNTRY=United States
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html

Response headers

Last-Modified: Mon, 23 Mar 2020 22:32:09 GMT
Content-Encoding: gzip
X-Server-Name: az-cmlive14
Content-Type: text/html;charset=utf-8
Server: Apache
Vary: Accept-Encoding
Content-Length: 1593
Date: Thu, 26 Mar 2020 17:34:40 GMT
Connection: keep-alive
Set-Cookie: f5avrbbbbbbbbbbbbbbbb=BGAAFNFGPIFCBOCPGPJLEONHNIPLANEMPBKCMDNHMDOFIALDHKIEGLOKLHNAFGPICEJCAOGPDLIDJDHJHNFPCCGPIFDADPILFHHPIBEOMGFEGBNBGOIFBANNFIILOIEJ; HttpOnly; secure

GET
H/1.1 200
OK 942.gif
analytics.erepublic.com/cms/timing/interstitial/ 35 B
352 B 296ms
184ms Image
image/gif 13.52.149.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.erepublic.com/cms/timing/interstitial/942.gif
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.52.149.16 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-52-149-16.us-west-1.compute.amazonaws.com
Software: Apache/2.4.41 (Amazon) PHP/7.0.33 / PHP/7.0.33
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Thu, 26 Mar 2020 17:34:40 GMT
Server: Apache/2.4.41 (Amazon) PHP/7.0.33
X-Powered-By: PHP/7.0.33
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 35

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 141 KB
10 KB 226ms
224ms Script
application/javascript 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_CiscoSecurity_old&dnt=false&domain=www.govtech.com&lang=en&screen_name=CiscoSecurity&suppress_response_codes=true&t=1761382&tz=GMT%2B0100&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

45ff059e8276ea67d60449b7f97f052f4fd7eb8248cdc48a6b1e26d59b27c9f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-disposition: attachment; filename=jsonp.jsonp
strict-transport-security: max-age=631138519
content-length: 10557
x-xss-protection: 0
x-response-time: 197
last-modified: Thu, 26 Mar 2020 17:34:40 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://ton.smf1.twitter.com, https://ton.smf1.twitter.com
cache-control: must-revalidate, max-age=300
x-connection-hash: 56ecba128a14f5cfd6290c61c31b49db
timing-allow-origin: *
x-transaction: 006a484c0002f215
expires: Thu, 26 Mar 2020 17:39:40 GMT

GET
H2 200 syndication
syndication.twitter.com/i/jot/ 43 B
124 B 147ms
146ms Image
image/gif 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/syndication?l=%7B%22_category_%22%3A%22syndicated_impression%22%2C%22triggered_on%22%3A1585244080193%2C%22dnt%22%3Afalse%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 65
x-xss-protection: 0
x-response-time: 123
pragma: no-cache
last-modified: Thu, 26 Mar 2020 17:34:40 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 05e38434901a91173c9b3596b45bb82a
x-transaction: 00ada9f20023cd31
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame E742 44 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/templates/gt_2016_ad_iframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5314f1d7103c156a49a798055fcd38be8446817d51114dcb6f9da75b5f28ece2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govtech.com/templates/gt_2016_ad_iframe.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "467 / 395 of 1000 / last-modified: 1585081375"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14788
x-xss-protection: 0
expires: Thu, 26 Mar 2020 17:34:40 GMT

GET
H2

200

adsct
analytics.twitter.com/i/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=twtr
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_JSnABP9McTWBKYeFF

43 B
574 B

196ms
145ms

Image
image/gif

104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_JSnABP9McTWBKYeFF

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 65
x-xss-protection: 0
x-response-time: 121
pragma: no-cache
last-modified: Thu, 26 Mar 2020 17:34:40 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 17cb24050ed9d68e8929850f8fd61336
x-transaction: 004366210055e841
expires: Tue, 31 Mar 1981 05:00:00 GMT

Redirect headers

Location: https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_JSnABP9McTWBKYeFF
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

cb
pixel.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=yah
https://ads.yahoo.com/cms/v1?nwid=10001073209&eid=pa_JSnABP9McTWBKYeFF&sigv=1&esig=2~18cbd1644bfd6232f522623cc8d0b7930b16bb1a
https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_JSnABP9McTWBKYeFF

43 B
460 B

424ms
103ms

Image
image/gif

34.206.200.99
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_JSnABP9McTWBKYeFF
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.200.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-200-99.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

date: Thu, 26 Mar 2020 17:34:40 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 0
location: https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_JSnABP9McTWBKYeFF
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
status: 302
x-content-type-options: nosniff
content-length: 0
x-xss-protection: 1; mode=block

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=opx
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_JSnABP9McTWBKYeFF
https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_JSnABP9McTWBKYeFF

43 B
109 B

26ms
26ms

Image
image/gif

34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_JSnABP9McTWBKYeFF
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.182.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Mar 2020 17:34:40 GMT
via: 1.1 google
server: OXGW/16.182.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Thu, 26 Mar 2020 17:34:40 GMT
via: 1.1 google
server: OXGW/16.182.1
location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_JSnABP9McTWBKYeFF
p3p: CP="CUR ADM OUR NOR STA NID"
status: 302
alt-svc: clear
content-length: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=rbcn
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_JSnABP9McTWBKYeFF

0
239 B

30ms
30ms

Image
image/gif

69.173.144.136
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_JSnABP9McTWBKYeFF
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.136 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: image/gif
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_JSnABP9McTWBKYeFF
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

cb
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=goo
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfSlNuQUJQOU1jVFdCS1llRkY
https://pixel-geo.prfct.co/cb?partnerId=goo

43 B
365 B

38ms
37ms

Image
image/gif

52.19.228.230
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/cb?partnerId=goo
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.228.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-228-230.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma: no-cache
date: Thu, 26 Mar 2020 17:34:40 GMT
server: HTTP server (unknown)
location: https://pixel-geo.prfct.co/cb?partnerId=goo
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
pixel-geo.prfct.co/seg/ 43 B
365 B 115ms
114ms Image
image/gif 52.19.228.230
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/seg/?add=19196192&source=js_tag&a_id=97816
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.228.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-228-230.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?t=2&add=19196192
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D19196192

43 B
1 KB

61ms
61ms

Image
image/gif

185.33.223.210
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D19196192

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.210 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

307.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Mar 2020 17:34:42 GMT
AN-X-Request-Uuid: 3fa2e712-6dce-4601-a0f7-fe7575f551bd
Content-Type: image/gif
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.247:80
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 26 Mar 2020 17:34:42 GMT
AN-X-Request-Uuid: 9350c6e1-5d21-4c15-abaa-f5977a98aef3
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D19196192
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.242:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame E742 109 B
171 B 17ms
16ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.govtech.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govtech.com/templates/gt_2016_ad_iframe.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame E742 109 B
171 B 18ms
17ms Script
application/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.govtech.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govtech.com/templates/gt_2016_ad_iframe.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020032402.js Show response
securepubads.g.doubleclick.net/gpt/ Frame E742 169 KB
62 KB 35ms
34ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032402.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

sffe /

Resource Hash

feb14be8312e2c7acd21e27f60522ef04853fbad024ada722c7f1d13827346b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govtech.com/templates/gt_2016_ad_iframe.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 24 Mar 2020 17:33:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 63311
x-xss-protection: 0
expires: Thu, 26 Mar 2020 17:34:40 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame E742 307 B
438 B 72ms
69ms XHR
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1371827850746812&correlator=1853283867300716&output=ldjh&impl=fif&adsid=NT&eid=21065779&vrg=2020032402&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200326&iu_parts=70114778%2CI1&enc_prev_ius=%2F0%2F1&prev_iu_szs=640x480%7C970x250&prev_scp=id%3D567267031%26path%3Dsecurity%26site%3Dwww.govtech.com%26URLName%3Dsecurity%2Ccyberattack%2Chobbles%2Coregon%2Ccounty%2Cnetwork%2Cservices&eri=4&cookie=ID%3Db2ff9ddd664a5649%3AT%3D1585244080%3AS%3DALNI_MbuFAElAtBiGCt2nxSOhC6dfPr3dg&cdm=www.govtech.com&bc=31&abxe=1&lmt=1585002729&dt=1585244080422&dlt=1585244080293&idt=114&ea=0&frm=23&biw=1585&bih=1200&isw=640&ish=480&oid=3&adxs=473&adys=165&adks=189235759&ucis=cqdb3oxvis9b&ifi=1&ifk=2780420677&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2FCyberattack-Hobbles-Oregon-County-Network-Services.html&loc=https%3A%2F%2Fwww.govtech.com%2Ftemplates%2Fgt_2016_ad_iframe.html%23%257B%2522divId%2522%253A%2522ad_id_1585244080132%2522%252C%2522adUnit%2522%253A%2522I1%2522%252C%2522adSizes%2522%253A%255B%255B640%252C480%255D%252C%255B970%252C250%255D%255D%252C%2522contentId%2522%253A567267031%252C%2522site%2522%253A%2522www.govtech.com%2522%252C%2522path%2522%253A%2522security%2522%252C%2522URLName%2522%253A%255B%2522security%2522%252C%2522cyberattack%2522%252C%2522hobbles%2522%252C%2522oregon%2522%252C%2522county%2522%252C%2522network%2522%252C%2522services%2522%255D%252C%2522networkCode%2522%253A70114778%257D&top=www.govtech.com&dssz=5&icsg=170&std=0&vis=1&arp=1&dmc=8&scr_x=0&scr_y=0&psz=640x480&msz=640x480&ga_vid=2051354842.1585244080&ga_sid=1585244080&ga_hid=1081877070&fws=256&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

c58252af5a476083e8ed518bf13965abd3fc0d49bf05c0540cfa9fa8cc0c2a35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govtech.com/templates/gt_2016_ad_iframe.html
Origin: https://www.govtech.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 129
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.govtech.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020032402.js Show response
securepubads.g.doubleclick.net/gpt/ Frame E742 66 KB
24 KB 36ms
33ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032402.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

sffe /

Resource Hash

ec5b87f6263dcf0a25b7ef96abcda061918f067ae802b41a920f9ef2bd1a5c07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govtech.com/templates/gt_2016_ad_iframe.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 24 Mar 2020 17:33:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 24590
x-xss-protection: 0
expires: Thu, 26 Mar 2020 17:34:40 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame E742 0
0 7ms
6ms Other
text/html 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032402.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.govtech.com/templates/gt_2016_ad_iframe.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H2 200 fWIizldS
pbs.twimg.com/card_img/1240903855325368321/ Frame 3AA5 3 KB
3 KB 8ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1240903855325368321/fWIizldS?format=png&name=144x144_2

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40FA) /

Resource Hash

5e7ea7cde828485c0019b154dffeb89c997fa046b81cf6218c6f1f272c469ac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
x-content-type-options: nosniff
age: 548743
x-cache: HIT
status: 200
content-length: 2974
x-response-time: 146
surrogate-key: card_img card_img/bucket/0 card_img/1240903855325368321
last-modified: Fri, 20 Mar 2020 07:29:48 GMT
server: ECS (fcn/40FA)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8bd65d8610fb1321df226d4ccadc0cf0
accept-ranges: bytes

GET
H/1.1 200
OK timeline.d41c1d7e4bac44f4658ca45d09564e79.light.ltr.css
platform.twitter.com/css/ Frame 3AA5 52 KB
12 KB 7ms
6ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.d41c1d7e4bac44f4658ca45d09564e79.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/419E) /
Resource Hash: 12bf529a0f4d0a3f10d003a07d5b91e40579a3da18022a9896a9ccd9e5dc1b33

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Thu, 26 Mar 2020 17:34:40 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Mar 2020 21:12:47 GMT
Server: ECS (fcn/419E)
Age: 588989
Etag: "0100ec69a2c00683a1ae89e074b822c1+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Content-Length: 12155

GET
H/1.1 200
OK timeline.d41c1d7e4bac44f4658ca45d09564e79.light.ltr.css
platform.twitter.com/css/ 52 KB
52 KB 6ms
6ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.d41c1d7e4bac44f4658ca45d09564e79.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/419E) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 26 Mar 2020 17:34:40 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Mar 2020 21:12:47 GMT
Server: ECS (fcn/419E)
Age: 588989
Etag: "0100ec69a2c00683a1ae89e074b822c1+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Content-Length: 12155

GET
H2 200 y3K3txzt_normal.jpg
pbs.twimg.com/profile_images/877261028962091009/ Frame 3AA5 2 KB
2 KB 7ms
6ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/877261028962091009/y3K3txzt_normal.jpg

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40E7) /

Resource Hash

ccb2b6a00d7763ea55fb81196f275043338763515cb9eee1b299806a79f95e8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
x-content-type-options: nosniff
age: 306219
x-cache: HIT
status: 200
content-length: 1883
x-response-time: 124
surrogate-key: profile_images profile_images/bucket/5 profile_images/877261028962091009
last-modified: Tue, 20 Jun 2017 20:23:02 GMT
server: ECS (fcn/40E7)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 33befa5e37578cd5ac1b1da74bd2d438
accept-ranges: bytes

GET
H2 200 EUDPFTWXkAARxVY
pbs.twimg.com/media/ Frame 3AA5 49 KB
50 KB 21ms
21ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EUDPFTWXkAARxVY?format=png&name=360x360

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40DD) /

Resource Hash

67c7983f631d99468058a64a4b0b8caa2c42d089883c4609295d7aeb88bd4bf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
x-content-type-options: nosniff
age: 2061
x-cache: MISS
status: 200
content-length: 50446
x-response-time: 154
surrogate-key: media media/bucket/1 media/1243221187154644992
last-modified: Thu, 26 Mar 2020 16:58:03 GMT
server: ECS (fcn/40DD)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 264c94b7739b3486bf0175fb5e73521e
accept-ranges: bytes

GET
H2 200 EUDBWBCWoAA9Xg_
pbs.twimg.com/media/ Frame 3AA5 10 KB
10 KB 8ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EUDBWBCWoAA9Xg_?format=jpg&name=360x360

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40F9) /

Resource Hash

340c6b9f7d55a2d9e020795cbe0112f0ab61efe4654449dca221f30086990955

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
x-content-type-options: nosniff
age: 5660
x-cache: HIT
status: 200
content-length: 10208
x-response-time: 158
surrogate-key: media media/bucket/9 media/1243206081133846528
last-modified: Thu, 26 Mar 2020 15:58:02 GMT
server: ECS (fcn/40F9)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d52c503eb423b8eb3cad36f3215b0712
accept-ranges: bytes

GET
H2 200 EUCzmyVXQAAU1lE
pbs.twimg.com/media/ Frame 3AA5 13 KB
13 KB 10ms
9ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EUCzmyVXQAAU1lE?format=jpg&name=360x360

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4198) /

Resource Hash

fe23c2fe9909e693f9d383d0ca9929cf23b42913547a2094ac973e953696053d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
x-content-type-options: nosniff
age: 9260
x-cache: HIT
status: 200
content-length: 13049
x-response-time: 159
surrogate-key: media media/bucket/7 media/1243190976082034688
last-modified: Thu, 26 Mar 2020 14:58:00 GMT
server: ECS (fcn/4198)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5b0542df34632934c685019327cd5f4c
accept-ranges: bytes

GET
H2 200 EUCYJDiXQAAE-sj
pbs.twimg.com/media/ Frame 3AA5 10 KB
10 KB 9ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EUCYJDiXQAAE-sj?format=jpg&name=360x360

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40DB) /

Resource Hash

1ae5ef554aee76fffb7ceba5a75bdfbc85a36c68c396d3c8a6116386e13584a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
x-content-type-options: nosniff
age: 16466
x-cache: HIT
status: 200
content-length: 10279
x-response-time: 154
surrogate-key: media media/bucket/4 media/1243160778489937920
last-modified: Thu, 26 Mar 2020 12:58:01 GMT
server: ECS (fcn/40DB)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 538ca271be142ba316aa0838ff0e4327
accept-ranges: bytes

GET
H2 200 EUB8rLvXgAUKk3N
pbs.twimg.com/media/ Frame 3AA5 18 KB
18 KB 25ms
25ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EUB8rLvXgAUKk3N?format=jpg&name=360x360

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A4) /

Resource Hash

3897d4740d09079988ff228495e1483070411935e7fd5032a8cf3f47e94f276a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
x-content-type-options: nosniff
age: 23636
x-cache: HIT
status: 200
content-length: 18272
x-response-time: 151
surrogate-key: media media/bucket/1 media/1243130578481938437
last-modified: Thu, 26 Mar 2020 10:58:00 GMT
server: ECS (fcn/41A4)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f9ca715b07097b094d7473a580294180
accept-ranges: bytes

GET
H2 200 EUBTfQqWoAAovNM
pbs.twimg.com/media/ Frame 3AA5 18 KB
18 KB 7ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EUBTfQqWoAAovNM?format=jpg&name=360x360

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40E6) /

Resource Hash

c0ac69d456b799bdee951472adce8ae725a398a0facd4309061ddfe722f4158c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
x-content-type-options: nosniff
age: 34445
x-cache: HIT
status: 200
content-length: 18641
x-response-time: 152
surrogate-key: media media/bucket/9 media/1243085293667917824
last-modified: Thu, 26 Mar 2020 07:58:04 GMT
server: ECS (fcn/40E6)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 19f5a16981fd4a7ea864e0f0f7e3ee08
accept-ranges: bytes

GET
H2 200 ET-8adPXkAIBbXr
pbs.twimg.com/media/ Frame 3AA5 20 KB
20 KB 8ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/ET-8adPXkAIBbXr?format=jpg&name=360x360

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418E) /

Resource Hash

7224e93baeedabe29c3e3ba47fc24d49c3c6cab298133eca4aff003bc5fc2c06

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
x-content-type-options: nosniff
age: 74049
x-cache: HIT
status: 200
content-length: 20193
x-response-time: 167
surrogate-key: media media/bucket/9 media/1242919184889253890
last-modified: Wed, 25 Mar 2020 20:58:00 GMT
server: ECS (fcn/418E)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 00b1d1dc71d69edf46bb88bcf2c1a481
accept-ranges: bytes

GET
H2 200 ET-g820WoAYm1hU
pbs.twimg.com/media/ Frame 3AA5 49 KB
49 KB 21ms
21ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/ET-g820WoAYm1hU?format=png&name=360x360

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B1) /

Resource Hash

a4c0672580bef37dd24e0b9b1678bc69d17830da99b39d24bc0815d3bbce971d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
x-content-type-options: nosniff
age: 81262
x-cache: HIT
status: 200
content-length: 50359
x-response-time: 166
surrogate-key: media media/bucket/6 media/1242888989545242630
last-modified: Wed, 25 Mar 2020 18:58:01 GMT
server: ECS (fcn/40B1)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 67fd7e95c245d3a4190d7ba266609a1a
accept-ranges: bytes

GET
H2 200 ET-TNvvXQAIUjiu
pbs.twimg.com/media/ Frame 3AA5 24 KB
24 KB 7ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/ET-TNvvXQAIUjiu?format=jpg&name=360x360

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B6) /

Resource Hash

652c10910e902559165f333d8a80b7be13a4b7dafcdad2717197f4b9cf424fb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
x-content-type-options: nosniff
age: 84814
x-cache: HIT
status: 200
content-length: 24658
x-response-time: 164
surrogate-key: media media/bucket/0 media/1242873886540251138
last-modified: Wed, 25 Mar 2020 17:58:00 GMT
server: ECS (fcn/40B6)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: fa7e5c032b02466f7e90c211e1c21609
accept-ranges: bytes

GET
H2 200 ET9qBK1XsAEHOsZ
pbs.twimg.com/media/ Frame 3AA5 8 KB
9 KB 11ms
10ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/ET9qBK1XsAEHOsZ?format=jpg&name=360x360

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4196) /

Resource Hash

24334fa3af49209342f9b2fd50d49e5d5d1eacb17ad0f01143f7c95e2f2c48a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
x-content-type-options: nosniff
age: 95664
x-cache: HIT
status: 200
content-length: 8699
x-response-time: 195
surrogate-key: media media/bucket/6 media/1242828590498164737
last-modified: Wed, 25 Mar 2020 14:58:01 GMT
server: ECS (fcn/4196)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c119e3e295149777347468bc8a1e06a8
accept-ranges: bytes

GET
H2 200 ET9OjasXkAIIrmU
pbs.twimg.com/media/ Frame 3AA5 23 KB
23 KB 10ms
9ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/ET9OjasXkAIIrmU?format=jpg&name=360x360

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419F) /

Resource Hash

606532caf748887918c4c5607936fcd63b25e6559e086254d8298f73f3122ac4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
x-content-type-options: nosniff
age: 102862
x-cache: HIT
status: 200
content-length: 23625
x-response-time: 159
surrogate-key: media media/bucket/2 media/1242798392545349634
last-modified: Wed, 25 Mar 2020 12:58:01 GMT
server: ECS (fcn/419F)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b93375e1c9279df426ca92e44bdafd10
accept-ranges: bytes

GET
H2 200 ET8zFklWkAYOTBx
pbs.twimg.com/media/ Frame 3AA5 25 KB
25 KB 13ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/ET8zFklWkAYOTBx?format=jpg&name=360x360

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4199) /

Resource Hash

b70b2dadf7ac81a171f91f256f76cf617800306974fb4beafbf279ad5b156d41

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
x-content-type-options: nosniff
age: 110061
x-cache: HIT
status: 200
content-length: 25217
x-response-time: 158
surrogate-key: media media/bucket/6 media/1242768192990253062
last-modified: Wed, 25 Mar 2020 10:58:01 GMT
server: ECS (fcn/4199)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3f08332f3934d82db2264a3200020d14
accept-ranges: bytes

GET
H2 200 ET8J6pjXQAA4fNI
pbs.twimg.com/media/ Frame 3AA5 3 KB
3 KB 12ms
10ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/ET8J6pjXQAA4fNI?format=jpg&name=360x360

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D2) /

Resource Hash

541c4661d28fa74e5bef741a4f2b9ed1c7a336247efdcb9a5e2295f2a9a2b4da

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
x-content-type-options: nosniff
age: 120862
x-cache: HIT
status: 200
content-length: 2667
x-response-time: 152
surrogate-key: media media/bucket/3 media/1242722925368786944
last-modified: Wed, 25 Mar 2020 07:58:08 GMT
server: ECS (fcn/40D2)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 333f040bb0607f4fd5f19b671c0367cb
accept-ranges: bytes

GET
H2 200 ET6OSjMWoAMEAnC
pbs.twimg.com/media/ Frame 3AA5 11 KB
11 KB 10ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/ET6OSjMWoAMEAnC?format=jpg&name=360x360

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4185) /

Resource Hash

06417a43da1b87d5e7eaf0c890dadab3b7734bb29dd7b104f076e3900b6ce756

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
x-content-type-options: nosniff
age: 153130
x-cache: HIT
status: 200
content-length: 11085
x-response-time: 150
surrogate-key: media media/bucket/2 media/1242586996536680451
last-modified: Tue, 24 Mar 2020 22:58:00 GMT
server: ECS (fcn/4185)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9e278d7377ac14806a57209d9b3c505a
accept-ranges: bytes

GET
H2 200 ET5y0veX0AgSI_d
pbs.twimg.com/media/ Frame 3AA5 6 KB
6 KB 10ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/ET5y0veX0AgSI_d?format=jpg&name=360x360

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4196) /

Resource Hash

ab73d6838b4f5aaef1f654c711284044f0e7cc49ad164c38cb549be47abd28ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
x-content-type-options: nosniff
age: 160465
x-cache: HIT
status: 200
content-length: 6424
x-response-time: 151
surrogate-key: media media/bucket/1 media/1242556797623455752
last-modified: Tue, 24 Mar 2020 20:58:00 GMT
server: ECS (fcn/4196)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4ae24ff3a406204c7f77db5f185ec56d
accept-ranges: bytes

GET
H2 200 ET5XXF_XYAYsbDh
pbs.twimg.com/media/ Frame 3AA5 16 KB
16 KB 10ms
9ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/ET5XXF_XYAYsbDh?format=jpg&name=360x360

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41AB) /

Resource Hash

760bf9cc0b09317725186e156bf0b3f52992c53e689e0007009f5ccba1402a5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
x-content-type-options: nosniff
age: 167671
x-cache: HIT
status: 200
content-length: 15898
x-response-time: 157
surrogate-key: media media/bucket/1 media/1242526601457393670
last-modified: Tue, 24 Mar 2020 18:58:01 GMT
server: ECS (fcn/41AB)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f999409d56338792c844b14e8e161d90
accept-ranges: bytes

GET
H2 200 ET4uLD0XgAInu7F
pbs.twimg.com/media/ Frame 3AA5 16 KB
16 KB 10ms
10ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/ET4uLD0XgAInu7F?format=jpg&name=360x360

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A2) /

Resource Hash

481771d9f6bc53e98bdbc1ae507e595dfc0b06fae9748070e407d5acfb4d1e93

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
x-content-type-options: nosniff
age: 178471
x-cache: HIT
status: 200
content-length: 16313
x-response-time: 228
surrogate-key: media media/bucket/5 media/1242481314739224578
last-modified: Tue, 24 Mar 2020 15:58:04 GMT
server: ECS (fcn/41A2)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a93d254f7d1e8b7436eb1260f07c1f54
accept-ranges: bytes

GET
H2 200 ET4gbZ6XsAAZBHy
pbs.twimg.com/media/ Frame 3AA5 12 KB
12 KB 10ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/ET4gbZ6XsAAZBHy?format=jpg&name=360x360

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40AE) /

Resource Hash

e1a71fb22f2c6fd196b47938530f7a6257f947e02625c2913f09289c361fea1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
x-content-type-options: nosniff
age: 182062
x-cache: HIT
status: 200
content-length: 11942
x-response-time: 211
surrogate-key: media media/bucket/6 media/1242466202385100800
last-modified: Tue, 24 Mar 2020 14:58:01 GMT
server: ECS (fcn/40AE)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: dc21e76d678d4212b8e8897c01d4b7d4
accept-ranges: bytes

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame 3AA5 44 KB
7 KB 9ms
6ms Stylesheet
text/css 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418C) /

Resource Hash

a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 480278
x-ton-expected-size: 45170
x-cache: HIT
status: 200
strict-transport-security: max-age=631138519
content-length: 6839
x-response-time: 10
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECS (fcn/418C)
etag: "4mhImCFS9rptiUICNnLD1g=="
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 816d07141f1ca411e004dca2884319c2
accept-ranges: bytes
expires: Thu, 02 Apr 2020 17:34:40 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
44 KB 9ms
6ms Image
text/css 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418C) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 480278
x-ton-expected-size: 45170
x-cache: HIT
status: 200
strict-transport-security: max-age=631138519
content-length: 6839
x-response-time: 10
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECS (fcn/418C)
etag: "4mhImCFS9rptiUICNnLD1g=="
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 816d07141f1ca411e004dca2884319c2
accept-ranges: bytes
expires: Thu, 02 Apr 2020 17:34:40 GMT

GET
DATA 200
OK truncated
/ Frame 3AA5 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 3AA5 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 3AA5 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 3AA5 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: abd2a457215e60ab60b2a6b4f25a17583c5d80e13935f76e097236f729c5dcd6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 3AA5 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a87f4fd815fc95288f2da6efc536c950ef940bd9eb52176fd9e8e56107cc65e2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 3AA5 607 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E742 7 KB
5 KB 24ms
24ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020032402&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd767fbf0f22f62f95bdb4f038ccc22a498da3bacdb763efda69e31f0c9c4430

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govtech.com/templates/gt_2016_ad_iframe.html
Origin: https://www.govtech.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 26 Mar 2020 17:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5257
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E742 14 KB
5 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govtech.com/templates/gt_2016_ad_iframe.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 17:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Thu, 26 Mar 2020 17:34:40 GMT

GET
H2 200 fWIizldS
pbs.twimg.com/card_img/1240903855325368321/ Frame 3AA5 3 KB
3 KB 1608ms
1608ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1240903855325368321/fWIizldS?format=png&name=144x144_2

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40DE) /

Resource Hash

5e7ea7cde828485c0019b154dffeb89c997fa046b81cf6218c6f1f272c469ac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 17:34:42 GMT
x-content-type-options: nosniff
age: 272165
x-cache: HIT
status: 200
content-length: 2974
x-response-time: 141
surrogate-key: card_img card_img/bucket/0 card_img/1240903855325368321
last-modified: Fri, 20 Mar 2020 07:29:48 GMT
server: ECS (fcn/40DE)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8289a9cbf5edab56ef27c12346011610
accept-ranges: bytes

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 2F75 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.govtech.com/templates/gt_2016_ad_iframe.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.govtech.com/templates/gt_2016_ad_iframe.html

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Thu, 26 Mar 2020 16:40:17 GMT
expires: Fri, 26 Mar 2021 16:40:17 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3263
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E742 0
58 B 28ms
27ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020032402&jk=1371827850746812&bg=!cnGlcWlYs36IkmJAcbsCAAAAP1IAAAAKmQF0_Pj3jB6C_Id7QLCWqtMwIxWmDSFkIY8S8Ce2K1OxcJ8fpziLN2YOU7n2RJPXDI9fxhyJpDyLgEMgyPcMEmeirJr0VHKafFqUHRvBet9NAMYykLHehX4auo4LBPnsnRqk1b0Ooj2zF-uMs349hIIHvAB1_1nSQ85P0SoINLErJjZ-WVCRiWTumbRKtQM5pPZ7mUsfULljJTEb6I3UjhKAM2ZNbde5fKcZwID04hQO_6jE_WgN-IZHu38uWTTfxxa5e2QhpVTuN9BVMvxBehbiE7ZHPHdl4euHpWxgPERbhdTqICRLuqbpRUIS0iJUkMgYp4Za50dF1BIvd_L-1_ngyEVFoinPL0kbQ_T-nuJY5G89RiF27M2WDN4fBU9kTWe2O0mp4Jy5dCX9956Jq_b_lA74jw0JMa4A3Kjnszmi9g2SDXV-g1FhqOTQkn1y8ybAVi3Oi1Y_nJiOpCBfYeslMmzx95VN6FvL8aJc6mSQPNDC6pBF

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govtech.com/templates/gt_2016_ad_iframe.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 26 Mar 2020 17:34:40 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

jot.html
platform.twitter.com/ Frame 678A
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

7ms
6ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/41AC) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: personalization_id="v1_SlQpixMnaxVVnWglB1vzVg=="
Upgrade-Insecure-Requests: 1
Origin: https://www.govtech.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 588990
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 26 Mar 2020 17:34:41 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Thu, 19 Mar 2020 21:21:20 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/41AC)
X-Cache: HIT
Content-Length: 80

Redirect headers

status: 302 302 Found
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Thu, 26 Mar 2020 17:34:40 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Thu, 26 Mar 2020 17:34:40 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_o
strict-transport-security: max-age=631138519
x-connection-hash: 05e38434901a91173c9b3596b45bb82a
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 120
x-transaction: 00c77de90058ac3b
x-tsa-request-body-time: 1
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

GET
H2 200 RtUbuvTzRbP2g1Fd0XaM
cms.erepublic.com/common/tracking/track_pageview/ 35 B
784 B 586ms
205ms Image
image/gif 54.241.143.183
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.erepublic.com/common/tracking/track_pageview/RtUbuvTzRbP2g1Fd0XaM?acton_cookie=26a879e1-c73b-48be-b886-432ce9d0078d
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.241.143.183 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-241-143-183.us-west-1.compute.amazonaws.com
Software: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.28 / PHP/7.2.28
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 26 Mar 2020 17:34:41 GMT
server: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.28
access-control-allow-origin: *
x-powered-by: PHP/7.2.28
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: image/gif
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
access-control-allow-headers: origin, x-requested-with, content-type
content-length: 35

GET
H2 200 magazine_nag Show response
cms.erepublic.com/common/dynamic_modules/ 83 B
393 B 200ms
200ms Script
application/javascript 54.241.143.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms.erepublic.com/common/dynamic_modules/magazine_nag?callback=jQuery224018991304985138413_1585244079839&__referer_ref=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2FCyberattack-Hobbles-Oregon-County-Network-Services.html&ef3_contact=RtUbuvTzRbP2g1Fd0XaM&promo_code=2003WEB&load_ef3_form_type=default&domTarget=%5Bdata-ac-module%3D%22https%3A%2F%2Fcms.erepublic.com%2Fcommon%2Fdynamic_modules%2Fmagazine_nag%22%5D&_=1585244079840
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/includes/gt_2016_all.min.js?new=3295251
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.241.143.183 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-241-143-183.us-west-1.compute.amazonaws.com
Software: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.28 / PHP/7.2.28
Resource Hash: cf745d5b0498c80c5ba0546e4b5b5c8584b244fd19d84b09fed80e6f068fb1e0

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 17:34:41 GMT
content-encoding: gzip
server: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.28
access-control-allow-origin: *
x-powered-by: PHP/7.2.28
vary: Accept-Encoding
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: application/javascript
status: 200
access-control-allow-headers: origin, x-requested-with, content-type
content-length: 91

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 35 KB
14 KB 14ms
14ms Script
application/x-javascript 2600:9000:20e8:e600:18:1fcd:349:ca21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/includes/gt_2016_all.min.js?new=3295251
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20e8:e600:18:1fcd:349:ca21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ffe2ef5ce19169f51b69f0dfdac122f402043b13afd7c65b2dab551ebf3b7629

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 16:18:24 GMT
content-encoding: gzip
last-modified: Tue, 29 Oct 2019 02:24:02 GMT
server: nginx
age: 4577
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: QOFhKXLCvpWuL2EQJ9ICqXyFRv8XyN6-ohd7m0dUHfHQPJqz4w5ayg==
via: 1.1 f23d0814f3a7efcdd4936fa69b3d072b.cloudfront.net (CloudFront)
expires: Thu, 26 Mar 2020 18:18:24 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
5 KB 19ms
19ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200319&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200319/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d211651267472c902bada212a98ad7b511c9f1007b189d10085dc408f50d009

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
Origin: https://www.govtech.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 26 Mar 2020 17:34:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5201
x-xss-protection: 0

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
268 B 143ms
143ms Script
application/javascript 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o1brw&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2FCyberattack-Hobbles-Oregon-County-Network-Services.html

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 17:34:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 120
pragma: no-cache
last-modified: Thu, 26 Mar 2020 17:34:41 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 17cb24050ed9d68e8929850f8fd61336
x-transaction: 00ad50ed0041929d
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK 16245
marketing.erepublic.com/acton/bn/ 43 B
509 B 163ms
163ms Image
image/gif 207.189.124.17
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marketing.erepublic.com/acton/bn/16245?ref=&v=2&ts=1585244079820&nc=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 207.189.124.17 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 2188414d64d2930eb54f4731b6eb9a931358ba625d1cd7535a889409218609d2

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 26 Mar 2020 17:34:40 GMT
X-Cnection: close
Server: Apache-Coyote/1.1
Content-Type: image/gif
Content-Length: 43
Vary: Accept-Encoding
P3P: CP="Act-On does not have a P3P policy. Learn why here: https://act-on.com/p3p-policy/"

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 363ms
119ms Image
image/gif 3.223.54.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=govtech.com&p=%2Fsecurity%2FCyberattack-Hobbles-Oregon-County-Network-Services.html&u=CS4FpUBt429-C7FbRa&d=govtech.com&g=46219&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=4093&o=1680&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2631&t=CQZOxC8n0xUBQdY_6BrzKV2BxWG41&V=118&i=Cyberattack%20Hobbles%20Oregon%20County%20Network%2C%20Services&tz=-60&sn=1&sv=Di3Lo0BA26jJDJ0mT3DU05USBMNY7y&sd=1&im=067b2ff3&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.54.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-54-222.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
pragma: no-cache
date: Thu, 26 Mar 2020 17:34:41 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0
content-length: 43
content-type: image/gif

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200319/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 17:34:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Thu, 26 Mar 2020 17:34:41 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 95EB 0
0 10ms
8ms Document
text/html 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Thu, 26 Mar 2020 16:40:17 GMT
expires: Fri, 26 Mar 2021 16:40:17 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3264
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
58 B 27ms
26ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200319&jk=1433902337370480&bg=!oaKlorpYazyyHF71sFgCAAAASlIAAAANmQFbTwORWOegXR4hABPayN6N3HAS5LvFBk7krTEwRcUZBgjW-E8ycWm0JPvcq5vhoUlC_BSXrJLBz_KmTW1VpCZED4YKKdxE8SOu-wkaZwhVABLhvEFDViohPMonM1oqUbQxVGQGIRC4ss6oMVwMFaueQmvJh0XIzBvOcAVusPgRHgB25y8haDKmyGneA93gZ8QIvpe0CHL7W6VNJ1NJpMgTNunpQta6osQg2PHPmr4VhXSa0E9Q6MPPduIPh_D50bt5LT8kjGwoeyI3eTSh7lvu9gynr9qQm5c8ma32cZA72ubo30Svnay00oAolzq1Jb-wcTat7CtPvWlyxxKNjv8_ueQwfv3EpODX0h3u8W7YIFazz1mr8zXGXxQ9-Tplf8Y86dETeuTXZXP5PBhK8tPHm1ljvvDX8ZMjB9H6r-L72d4XE0F5xqCBmWV8oORPgw9fpW8XlkFXhquYuQ8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 26 Mar 2020 17:34:41 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.twitter.com/	1970-01-20 01:51:56	Name: personalization_id Value: "v1_SlQpixMnaxVVnWglB1vzVg=="
www.govtech.com/	1970-01-19 09:03:52	Name: DNT_HEADER Value: 1
.govtech.com/	1970-01-20 01:51:56	Name: __gads Value: ID=b2ff9ddd664a5649:T=1585244080:S=ALNI_MbuFAElAtBiGCt2nxSOhC6dfPr3dg
.govtech.com/	1970-01-19 08:20:44	Name: _gat_gtag_UA_732206_2 Value: 1
.govtech.com/	1970-01-19 08:22:10	Name: _gid Value: GA1.2.938042115.1585244080
www.govtech.com/	1970-01-19 09:03:52	Name: DNT_COUNTRY Value: United States
.govtech.com/	1970-01-20 01:51:56	Name: _ga Value: GA1.2.2051354842.1585244080
www.govtech.com/security	1969-12-31 23:59:59	Name: f5avrbbbbbbbbbbbbbbbb Value: JIOOPFCIGDCGPEOLACAFLKGEAODPJENBHFEEDINCCFEGPDOBDCKJAKENNHFLFCJNFFKAJMNPLACDEEKLHNAPNGDNHHJALLAOEHDCMECHBCPAFOJDGOAIICNHEANKCHPB
www.govtech.com/templates	1969-12-31 23:59:59	Name: f5avrbbbbbbbbbbbbbbbb Value: BGAAFNFGPIFCBOCPGPJLEONHNIPLANEMPBKCMDNHMDOFIALDHKIEGLOKLHNAFGPICEJCAOGPDLIDJDHJHNFPCCGPIFDADPILFHHPIBEOMGFEGBNBGOIFBANNFIILOIEJ
www.govtech.com/	1970-01-22 23:56:44	Name: ef3_contact Value: RtUbuvTzRbP2g1Fd0XaM
.doubleclick.net/	1970-01-19 17:42:20	Name: IDE Value: AHWqTUkDNZX-o0mU8wVJufSkbrqrUeuK42iSZyaRuWXlzOBaR9Bj8vkJUpr_lCWn
www.govtech.com/	1970-01-19 09:03:52	Name: DNT Value: 0
www.govtech.com/security	1969-12-31 23:59:59	Name: cc Value: t

26 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html(Line 24) Message: DFP: 1 - Setting up globals.
console-api	log	URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html(Line 136) Message: Interstitial NOT SEEN. intCookie not set
console-api	info	URL: https://www.govtech.com/includes/gt_2016_all.min.js?new=3295251(Line 6) Message: Powered by AMP ⚡ HTML – e.Republic version
console-api	log	URL: https://www.govtech.com/includes/gt_2016_all.min.js?new=3295251(Line 18) Message: gpt.js NOT LOADED in gt_2016_load_googletag DNT=1
console-api	log	URL: https://www.govtech.com/includes/gt_2016_all.min.js?new=3295251(Line 18) Message: [object Object]
console-api	log	URL: https://www.govtech.com/includes/gt_2016_all.min.js?new=3295251(Line 17) Message: from article controller
console-api	log	URL: https://www.govtech.com/includes/gt_2016_all.min.js?new=3295251(Line 17) Message: Section NOT excluded from In Article.
console-api	log	URL: https://www.govtech.com/includes/gt_2016_all.min.js?new=3295251(Line 17) Message: Content NOT excluded from In Article.
console-api	log	URL: https://www.govtech.com/includes/gt_2016_all.min.js?new=3295251(Line 17) Message: Not jobs.
console-api	log	URL: https://www.govtech.com/includes/gt_2016_all.min.js?new=3295251(Line 17) Message: /security/Cyberattack-Hobbles-Oregon-County-Network-Services.html
console-api	log	URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html(Line 44) Message: DFP: 2 - Configuring mob adhesion ad.
console-api	log	URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html(Line 55) Message: DFP: 3 - Listening for ad result.
console-api	log	URL: https://www.govtech.com/includes/gt_2016_all.min.js?new=3295251(Line 18) Message: intCookie is: undefined
console-api	log	URL: https://www.govtech.com/includes/gt_2016_all.min.js?new=3295251(Line 18) Message: intCookie screen size: 1600
console-api	log	URL: https://www.govtech.com/includes/gt_2016_all.min.js?new=3295251(Line 18) Message: Section NOT excluded from Interstitial.
console-api	log	URL: https://www.govtech.com/includes/gt_2016_all.min.js?new=3295251(Line 18) Message: intCookie displayAd is: true
console-api	log	URL: https://www.govtech.com/includes/gt_2016_all.min.js?new=3295251(Line 18) Message: false undefined
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: [Facebook Pixel] - Invalid PixelID: null.
console-api	log	URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html(Line 211) Message: is not EU
console-api	log	URL: https://www.govtech.com/includes/gt_2016_all.min.js?new=3295251(Line 18) Message: [object MessageEvent]
console-api	log	URL: https://www.govtech.com/includes/gt_2016_all.min.js?new=3295251(Line 17) Message: increasing count
console-api	warning	URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html(Line 1703) Message: All ajax calls completed, do scroll.
console-api	log	URL: https://www.govtech.com/includes/gt_2016_all.min.js?new=3295251(Line 17) Message: increasing count
console-api	log	URL: https://www.govtech.com/includes/gt_2016_all.min.js?new=3295251(Line 17) Message: starting
console-api	log	URL: https://www.govtech.com/includes/gt_2016_all.min.js?new=3295251(Line 17) Message: stop checkModule
console-api	log	URL: https://www.govtech.com/security/Cyberattack-Hobbles-Oregon-County-Network-Services.html(Line 72) Message: Auto close interstitial.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.yahoo.com
adservice.google.be
adservice.google.com
adservice.google.de
analytics.erepublic.com
analytics.twitter.com
cdn.datatables.net
cdn.syndication.twimg.com
cm.g.doubleclick.net
cms.erepublic.com
connect.facebook.net
googleads.g.doubleclick.net
marketing.erepublic.com
media.erepublic.com
media.governing.com
media2.govtech.com
pagead2.googlesyndication.com
pbs.twimg.com
ping.chartbeat.net
pixel-geo.prfct.co
pixel.prfct.co
pixel.rubiconproject.com
platform.twitter.com
px.ads.linkedin.com
s.clickability.com
s.ytimg.com
secure.adnxs.com
securepubads.g.doubleclick.net
services.erepublic.com
snap.licdn.com
static.ads-twitter.com
static.chartbeat.com
stats.g.doubleclick.net
syndication.twitter.com
t.co
tag.marinsm.com
ton.twimg.com
tpc.googlesyndication.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.govtech.com
www.linkedin.com
www.youtube.com
104.244.42.131
104.244.42.133
104.244.42.8
13.227.156.53
13.52.149.16
151.101.112.157
151.101.12.65
172.217.16.130
172.217.16.194
185.33.223.210
207.189.124.17
2600:9000:20e8:e600:18:1fcd:349:ca21
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:325d
2a00:1288:f03d:1fa::4000
2a00:1450:4001:800::2008
2a00:1450:4001:800::200e
2a00:1450:4001:809::2002
2a00:1450:4001:809::2004
2a00:1450:4001:815::2002
2a00:1450:4001:816::200e
2a00:1450:4001:817::2002
2a00:1450:4001:81b::2001
2a00:1450:4001:81d::2002
2a00:1450:4001:81e::2003
2a00:1450:4001:820::2002
2a00:1450:400c:c00::9a
2a02:26f0:1700:182::25ea
2a03:2880:f02d:12:face:b00c:0:3
2a05:f500:11:101::b93f:9001
2a05:f500:11:101::b93f:9005
3.223.54.222
34.193.167.244
34.206.200.99
34.95.120.147
52.19.228.230
54.193.17.225
54.241.143.183
69.173.144.136
95.101.27.101
95.101.27.99
014dca4f1265067a9d5f2cb59830269cc3f3aa217f1f3376f84c9d9690f1f16b
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2
06417a43da1b87d5e7eaf0c890dadab3b7734bb29dd7b104f076e3900b6ce756
09f06b2bfd3176725fd09519699b1f45f989f78be2ae7e5d85a0dc1a1f452349
12632074988b86ff80dc789d6caa7957e3e59b2a355ae05ba475c5c94393782e
12bf529a0f4d0a3f10d003a07d5b91e40579a3da18022a9896a9ccd9e5dc1b33
13120b45692666da9c91443f82595ec96381f46e0bb0bb81bdee42ea2938c3bc
198c88313d65f4d2b30b218566c00f96002f78ae125643d5a73a669b46cab112
1ae5ef554aee76fffb7ceba5a75bdfbc85a36c68c396d3c8a6116386e13584a1
1b6ab402ae0ebbcf7da2bd6c0ec8c31c29f41ca2b2294ebb9a2a37f73afb9be5
1cd847ee5e0549996f18d91482478e3e7624dcfb06d5ab418e53e752cd14da4c
1fea51227a0d0a882dcf26ad5791bdf3bbb79958e076630e86427a8266300a2a
2188414d64d2930eb54f4731b6eb9a931358ba625d1cd7535a889409218609d2
24334fa3af49209342f9b2fd50d49e5d5d1eacb17ad0f01143f7c95e2f2c48a2
26fd020a6c1f169eab6b6232014e6e6d067788f63a8995b682ee77d6f41b56cd
2f254c89e3e4c68652d4929d9b2fd6b0529f5072189269be220c8d89f4e9523a
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
340c6b9f7d55a2d9e020795cbe0112f0ab61efe4654449dca221f30086990955
3897d4740d09079988ff228495e1483070411935e7fd5032a8cf3f47e94f276a
38b69256a2aa7a05430c8921fa5afa62d446f8cc460f644acd51a83c7dff4ddf
3c005dba1d518d8fcd6bb8b0cd5264947d7c8c5b53363556d98c453428a376ef
41bb906cc109eda57d7995a01abf6e166c2ad63b87dca5bdaa06e45a2385cd90
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
45ff059e8276ea67d60449b7f97f052f4fd7eb8248cdc48a6b1e26d59b27c9f4
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4734405c034b81eddf4f6a932437523f5ab8ba90e80182371c75736d0f3679fd
481771d9f6bc53e98bdbc1ae507e595dfc0b06fae9748070e407d5acfb4d1e93
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cad2b0f16c313ea26763cf281e55c1b32a79372dba0ff8b827c85e978e0784b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5314f1d7103c156a49a798055fcd38be8446817d51114dcb6f9da75b5f28ece2
53e8ed5f13fc835df230adfe94e89a5db80bad8798d1b3362626a52d980e161c
541c4661d28fa74e5bef741a4f2b9ed1c7a336247efdcb9a5e2295f2a9a2b4da
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5e7ea7cde828485c0019b154dffeb89c997fa046b81cf6218c6f1f272c469ac7
606532caf748887918c4c5607936fcd63b25e6559e086254d8298f73f3122ac4
618d62ceaca1223e16de2c8939a1963a95c34b0ac75852f835f93e5b42f20871
652c10910e902559165f333d8a80b7be13a4b7dafcdad2717197f4b9cf424fb6
655bd6001642dfe8b642a1bfe06d6129c4c12fe8842425b233de97e24b4a6611
67c7983f631d99468058a64a4b0b8caa2c42d089883c4609295d7aeb88bd4bf8
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6b383218fee179ded38d3dbd9de8e6c353505ab84c871e9e814814a1f52b2a9e
7224e93baeedabe29c3e3ba47fc24d49c3c6cab298133eca4aff003bc5fc2c06
72945876902af2cd35e37c7dc27c9a1ece0e3f3185100c36f5e55e468182467a
746edc06990bc286d061d5b20642318589395f5ee7c78f8926712190b98da265
760bf9cc0b09317725186e156bf0b3f52992c53e689e0007009f5ccba1402a5f
793fc397fef7e49522e43e020655cf3647b690848c0a2da1669912083a7f1680
8d211651267472c902bada212a98ad7b511c9f1007b189d10085dc408f50d009
9770f92a133d8b21cfe70f42833ad53fd9e8fa40433c3416d4797a08bc50cd94
9e2dfb54faa1acf1b2ecf4f61d2242236dec875d3df52c3ceed3cef67107f948
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a07183e063a79a699b732e200a3accdf4716cbc6e8bf8a6a709b9adba07d998d
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a4c0672580bef37dd24e0b9b1678bc69d17830da99b39d24bc0815d3bbce971d
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
a87f4fd815fc95288f2da6efc536c950ef940bd9eb52176fd9e8e56107cc65e2
ab73d6838b4f5aaef1f654c711284044f0e7cc49ad164c38cb549be47abd28ee
abd2a457215e60ab60b2a6b4f25a17583c5d80e13935f76e097236f729c5dcd6
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b70b2dadf7ac81a171f91f256f76cf617800306974fb4beafbf279ad5b156d41
b796504d9b1b422f0dc6ccc2d740ac78a8c9e5078cc3934836d39742b1121925
bd767fbf0f22f62f95bdb4f038ccc22a498da3bacdb763efda69e31f0c9c4430
c0ac69d456b799bdee951472adce8ae725a398a0facd4309061ddfe722f4158c
c0cee3b1cb25c82d10175572f1f5ee585113ee15fad2e930ce9da002a8a9b15f
c58252af5a476083e8ed518bf13965abd3fc0d49bf05c0540cfa9fa8cc0c2a35
ccb2b6a00d7763ea55fb81196f275043338763515cb9eee1b299806a79f95e8c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf745d5b0498c80c5ba0546e4b5b5c8584b244fd19d84b09fed80e6f068fb1e0
ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e1a71fb22f2c6fd196b47938530f7a6257f947e02625c2913f09289c361fea1a
e2e1399aad73dbb9629ca387efdf16156ffa577b1634653d51d3a9eadcc82cf1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58e3ba0256ad5d310af7fe3fb0b642602d53aa4b8ba45ab117abe8f3fd2c087
e97bf8733ea0ae517e15c42cfbe3f3efb5db182de09424cb7af151066c7ad2e4
e9b6e495599e9587ee7deef24c7dbe99a83c4df8f3a4aaa35eaa36d30a65fda6
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ec5b87f6263dcf0a25b7ef96abcda061918f067ae802b41a920f9ef2bd1a5c07
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f13585ddb86f9ec0432f36eae40bcaabe3aad166eff8424b27082c2b8174a3a2
f14a70982cea4e1e978a663f05421144e4ae8e390dc0e107e79331db86ecca6f
f2e60d0a77f1d63a9fd3b21fbb9d21345a61dc43d6c9b749e45753c5d993a6e8
f4f1b73e3b032d06e6974fee38b30c9acee456a4c9b4787973c59f84e8c6b523
f7a3b9591a84d08363416ea47bec787d17beb4aed51e269475d19840be1e82e9
fe23c2fe9909e693f9d383d0ca9929cf23b42913547a2094ac973e953696053d
feb14be8312e2c7acd21e27f60522ef04853fbad024ada722c7f1d13827346b1
ffe2ef5ce19169f51b69f0dfdac122f402043b13afd7c65b2dab551ebf3b7629

www.govtech.com Open in urlscan Pro 95.101.27.99 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

108 Requests

99 %HTTPS

50 %IPv6

30 Domains

47 Subdomains

38 IPs

7 Countries

1841 kBTransfer

3724 kBSize

13 Cookies

15 Outgoing links

Redirected requests

108 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.govtech.com Open in urlscan Pro
95.101.27.99 Public Scan

Screenshot
Live screenshot

Full Image

108
Requests

99 %
HTTPS

50 %
IPv6

30
Domains

47
Subdomains

38
IPs

7
Countries

1841 kB
Transfer

3724 kB
Size

13
Cookies

108 HTTP transactions
6 data transactions