features.propublica.org
2606:4700::6812:d026
Public Scan
Submission: On August 29 via api from US
Summary
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on April 17th 2019. Valid for: a year.
This is the only time features.propublica.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
features.propublica.org
www.propublica.org
assets.propublica.org
ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
staticxx.facebook.com
ASN15169 (GOOGLE - Google LLC, US)
www.google.com
ASN15169 (GOOGLE - Google LLC, US)
www.googletagservices.com
adservice.google.de
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s08-in-f2.1e100.net
securepubads.g.doubleclick.net
ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
ASN15169 (GOOGLE - Google LLC, US)
www.gstatic.com
ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
ASN15169 (GOOGLE - Google LLC, US)
www.google.de
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
static.chartbeat.com
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: pi0-lba1-6-ue1.aws.pardot.com
pi.pardot.com
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-35-170-101-163.compute-1.amazonaws.com
ping.chartbeat.net
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
25 | propublica.org | features.propublica.org www.propublica.org assets.propublica.org | 1 MB |
5 | google.com (1 redirects) | www.google.com | 1 KB |
5 | facebook.net | connect.facebook.net | 161 KB |
4 | facebook.com | staticxx.facebook.com www.facebook.com | 232 B |
2 | pardot.com | pi.pardot.com | 3 KB |
2 | google-analytics.com | www.google-analytics.com | 18 KB |
2 | gstatic.com | www.gstatic.com | 183 KB |
2 | disqus.com | propublica.disqus.com disqus.com Failed | 22 KB |
2 | google.de | adservice.google.de www.google.de | 284 B |
2 | doubleclick.net (1 redirects) | securepubads.g.doubleclick.net stats.g.doubleclick.net | 58 KB |
1 | chartbeat.net | ping.chartbeat.net | 168 B |
1 | chartbeat.com | static.chartbeat.com | 14 KB |
1 | googletagmanager.com | www.googletagmanager.com | 38 KB |
1 | googletagservices.com | www.googletagservices.com | 13 KB |
0 | disquscdn.com (Failed) | c.disquscdn.com Failed | |
57 | 15 |
 | Domain | Requested by |
---|---|---|
14 | features.propublica.org | features.propublica.org |
6 | assets.propublica.org | features.propublica.org assets.propublica.org |
5 | www.google.com (1 redirects) | features.propublica.org www.gstatic.com assets.propublica.org |
5 | connect.facebook.net | features.propublica.org www.propublica.org connect.facebook.net |
5 | www.propublica.org | features.propublica.org www.propublica.org |
3 | www.facebook.com | connect.facebook.net features.propublica.org www.googletagmanager.com |
2 | pi.pardot.com | www.propublica.org pi.pardot.com |
2 | www.google-analytics.com | www.googletagmanager.com features.propublica.org |
2 | www.gstatic.com | www.google.com |
1 | ping.chartbeat.net | |
1 | static.chartbeat.com | www.propublica.org |
1 | disqus.com | propublica.disqus.com |
1 | www.google.de | features.propublica.org |
1 | stats.g.doubleclick.net (1 redirects) | |
1 | staticxx.facebook.com | connect.facebook.net |
1 | propublica.disqus.com | features.propublica.org |
1 | www.googletagmanager.com | www.propublica.org |
1 | adservice.google.de | www.googletagservices.com |
1 | securepubads.g.doubleclick.net | www.googletagservices.com |
1 | www.googletagservices.com | www.propublica.org |
0 | c.disquscdn.com Failed | propublica.disqus.com |
57 | 21 |
This site contains links to these domains. Also see Links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.propub3r6espa33w.onion | DigiCert SHA2 Extended Validation Server CA | 2019-04-17 - 2020-04-21 | a year |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2019-08-24 - 2019-10-19 | 2 months |
www.google.com | GTS CA 1O1 | 2019-07-29 - 2019-10-27 | 3 months |
*.g.doubleclick.net | GTS CA 1O1 | 2019-07-29 - 2019-10-27 | 3 months |
*.google.com | GTS CA 1O1 | 2019-07-29 - 2019-10-27 | 3 months |
*.google-analytics.com | GTS CA 1O1 | 2019-07-29 - 2019-10-27 | 3 months |
*.disqus.com | DigiCert SHA2 Secure Server CA | 2018-03-28 - 2020-04-27 | 2 years |
www.google.de | GTS CA 1O1 | 2019-07-29 - 2019-10-27 | 3 months |
*.chartbeat.com | Gandi Standard SSL CA 2 | 2019-04-10 - 2020-04-10 | a year |
*.pardot.com | DigiCert SHA2 Secure Server CA | 2019-01-21 - 2020-01-22 | a year |
*.chartbeat.net | Thawte RSA CA 2018 | 2018-12-20 - 2020-01-01 | a year |
This page contains 7 frames:
Primary Page:
https://features.propublica.org/ransomware/ransomware-attack-data-recovery-firms-paying-hackers/
Frame ID: 3E61C5DE4AA8C0045F791C6C0714FC4C
Requests: 52 HTTP requests in this frame
Frame:
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: DDAB523FFE493071204AD2386AD9CFD7
Requests: 1 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdI1rAUAAAAACI0GsFv-yRpC0tPF5ECiIMDUz2x&co=aHR0cHM6Ly9mZWF0dXJlcy5wcm9wdWJsaWNhLm9yZzo0NDM.&hl=en&v=v1565591531251&size=invisible&cb=crnhg5qy21r
Frame ID: 8D74F9963219C057512B10CDD407CDD5
Requests: 1 HTTP requests in this frame
Frame:
https://disqus.com/embed/comments/?base=default&f=propublica&t_i=1619431&t_u=https%3A%2F%2Ffeatures.propublica.org%2Fransomware%2Fransomware-attack-data-recovery-firms-paying-hackers%2F&t_e=Ransomware&t_d=The%20Trade%20Secret%3A%20Firms%20That%20Promised%20High-Tech%20Ransomware%20Solutions%20Almost%20Always%20Just%20Pay%20the%C2%A0Hackers&t_t=Ransomware&s_o=default
Frame ID: 8BE4705C93C00A5CC8AC5D485C9A072A
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/tr/
Frame ID: 49A658062DCD41774FA0B265C5B43235
Requests: 1 HTTP requests in this frame
Frame:
https://assets.propublica.org/prod/v3/css/deploy/syndicated-newsletter.css
Frame ID: 176C232C837BAFA41C95ADE865F15BAA
Requests: 7 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdI1rAUAAAAACI0GsFv-yRpC0tPF5ECiIMDUz2x&co=aHR0cHM6Ly9mZWF0dXJlcy5wcm9wdWJsaWNhLm9yZzo0NDM.&hl=en&v=v1565591531251&size=invisible&cb=4405p7x4f9zq
Frame ID: 82CD8F80A8FF995EF25B7136852E707D
Requests: 1 HTTP requests in this frame
Detected technologies
CloudFlare (CDN)
Detected patterns
- headers server /^cloudflare$/i
DoubleClick for Publishers (DFP) (Advertising Networks)
Detected patterns
- script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Facebook (Widgets)
Detected patterns
- script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Google Analytics (Analytics)
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Page Statistics
22 Outgoing links
These are links going to different origins than the main page.
Title: ProPublica
Title: Donate
Title: An abridged version of this story is published in The Guardian.
Title: then-
Title: Let us know.
Title: Privacy Policy
Title: Terms of Service
Title:
Title: blog
Title: indicted
Title: money laundering
Title: computer damage
Title: arrested a Polish national
Title: according to
Title: note
Title: video
Title: Oujevolk
Title: wrote
Title: Renee Dudley
Title: Jeff Kao
Title: Rob Weychert
Title: Hannah Birch
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 41
- https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-3742720-1&cid=1318799313.1567110214&jid=1370944237&gjid=2078665211&_gid=2062341923.1567110214&_u=YGBAgAAB~&z=1006969644 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3742720-1&cid=1318799313.1567110214&jid=1370944237&_v=j79&z=1006969644 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3742720-1&cid=1318799313.1567110214&jid=1370944237&_v=j79&z=1006969644&slf_rd=1&random=399674684
57 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | features.propublica.org/ransomware/ransomware-attack-data-recovery-firms-paying-hackers/ | 140 KB | 60 KB | Document | text/html |
GET | H2 | main.css | features.propublica.org/ransomware/assets/css/ | 33 KB | 5 KB | Stylesheet | text/css |
GET | H2 | all.js | www.propublica.org/js/public/assets/ | 244 KB | 68 KB | Script | application/javascript |
GET | H2 | google_ads_boot.js | www.propublica.org/js/public/assets/ | 108 B | 325 B | Script | application/javascript |
GET | H2 | google_ads.js | www.propublica.org/js/public/assets/ | 1 KB | 500 B | Script | application/javascript |
GET | H2 | socialsnippet.js | features.propublica.org/ransomware/assets/js/lib/ | 3 KB | 867 B | Script | application/javascript |
GET | H2 | beacons.js | www.propublica.org/js/public/assets/ | 3 KB | 1 KB | Script | application/javascript |
GET | H2 | all.js | connect.facebook.net/en_US/ | 3 KB | 2 KB | Script | application/x-javascript |
GET | H2 | main.js | features.propublica.org/ransomware/assets/js/ | 28 KB | 9 KB | Script | application/javascript |
GET | H2 | api.js | www.google.com/recaptcha/ | 871 B | 643 B | Script | text/javascript |
GET | H2 | recaptcha-init.js | assets.propublica.org/prod/v3/js/deploy/ | 954 B | 547 B | Script | application/javascript |
GET | H2 | syndicated-newsletter-v1.0.0.js | assets.propublica.org/prod/v3/js/deploy/ | 5 KB | 2 KB | Script | application/javascript |
GET | H2 | gpt.js | www.googletagservices.com/tag/js/ | 40 KB | 13 KB | Script | text/javascript |
GET | H2 | pubads_impl_2019082201.js | securepubads.g.doubleclick.net/gpt/ | 158 KB | 58 KB | Script | text/javascript |
GET | H2 | integrator.sync.js | adservice.google.de/adsid/ | 113 B | 175 B | Script | application/javascript |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 88 KB | 23 KB | Script | application/x-javascript |
GET | H2 | gtm.js | www.googletagmanager.com/ | 184 KB | 38 KB | Script | application/javascript |
GET | H2 | all.js | connect.facebook.net/en_US/ | 192 KB | 57 KB | Script | application/x-javascript |
GET | DATA | truncated | / | 1 KB | 0 | Image | image/jpeg |
GET | DATA | truncated | / | 463 B | 0 | Image | image/jpeg |
GET | DATA | truncated | / | 1 KB | 0 | Image | image/jpeg |
GET | DATA | truncated | / | 28 KB | 0 | Image | image/jpeg |
GET | DATA | truncated | / | 12 KB | 0 | Image | image/jpeg |
GET | DATA | truncated | / | 1 KB | 0 | Image | image/jpeg |
GET | H/1.1 | embed.js | propublica.disqus.com/ | 65 KB | 22 KB | Script | application/javascript |
GET | H2 | pp-logo-light.min.svg | features.propublica.org/ransomware/assets/images/ | 3 KB | 1 KB | Image | image/svg+xml |
GET | H2 | nav-sprites-light.min.svg | features.propublica.org/ransomware/assets/images/ | 2 KB | 1 KB | Image | image/svg+xml |
GET | H2 | TiemposTextWeb-Regular.woff2 | features.propublica.org/ransomware/assets/fonts/ | 55 KB | 55 KB | Font | application/octet-stream |
GET | H2 | ransomware-hr.png | features.propublica.org/ransomware/assets/images/ | 351 KB | 351 KB | Image | image/png |
GET | H2 | Graphik-Bold-Web.woff2 | features.propublica.org/ransomware/assets/fonts/ | 34 KB | 34 KB | Font | application/octet-stream |
GET | H2 | Graphik-Regular-Web.woff2 | features.propublica.org/ransomware/assets/fonts/ | 30 KB | 30 KB | Font | application/octet-stream |
GET | H2 | TiemposTextWeb-RegularItalic.woff2 | features.propublica.org/ransomware/assets/fonts/ | 56 KB | 57 KB | Font | application/octet-stream |
GET | H2 | TiemposTextWeb-Bold.woff2 | features.propublica.org/ransomware/assets/fonts/ | 55 KB | 56 KB | Font | application/octet-stream |
GET | H2 | TiemposTextWeb-BoldItalic.woff2 | features.propublica.org/ransomware/assets/fonts/ | 58 KB | 58 KB | Font | application/octet-stream |
GET | H2 | recaptcha__en.js | www.gstatic.com/recaptcha/api2/v1565591531251/ | 263 KB | 92 KB | Script | text/javascript |
GET | H2 | ransomware-lead-900*643-475992.jpg | features.propublica.org/ransomware/assets/images/generated/ | 407 KB | 407 KB | Image | image/jpeg |
GET | H2 | 132868157351935 | connect.facebook.net/signals/config/ | 307 KB | 79 KB | Script | application/x-javascript |
GET | H2 | newsletter-roadblock-big-story-features.propublica.org.html | www.propublica.org/partials/ | 2 KB | 1 KB | XHR | text/html |
GET | H2 | xd_arbiter.php | staticxx.facebook.com/connect/ Frame DDAB | 0 | 0 | Document | text/html |
GET | H2 | status | www.facebook.com/x/oauth/ | 0 | 0 | Fetch | text/plain |
GET | H2 | analytics.js | www.google-analytics.com/ | 43 KB | 17 KB | Script | text/javascript |
GET | H2 | collect | www.google-analytics.com/ | 35 B | 108 B | Image | image/gif |
GET | H2 | ga-audiences | www.google.de/ads/ Redirect Chain | 42 B | 109 B | Image | image/gif |
GET | H2 | anchor | www.google.com/recaptcha/api2/ Frame 8D74 | 0 | 0 | Document | text/html |
GET | H2 | inferredEvents.js | connect.facebook.net/signals/plugins/ | 1 KB | 893 B | Script | application/x-javascript |
GET | | lounge.c46a5b3df6acec9d5cde6bf8b61aaf6e.css | c.disquscdn.com/next/embed/styles/ | 0 | 0 | | |
GET | | common.bundle.57d935b03ca64a8fc2ae95b8d550f132.js | c.disquscdn.com/next/embed/ | 0 | 0 | | |
GET | | lounge.bundle.10adfde1a6e883b828255fddc56fa508.js | c.disquscdn.com/next/embed/ | 0 | 0 | | |
GET | | config.js | disqus.com/next/ | 0 | 0 | | |
GET | H2 | / | www.facebook.com/tr/ | 44 B | 232 B | Image | image/gif |
GET | H/1.1 | / | disqus.com/embed/comments/ Frame 8BE4 | 0 | 0 | Document | text/html |
GET | H2 | chartbeat.js | static.chartbeat.com/js/ | 35 KB | 14 KB | Script | application/x-javascript |
GET | H/1.1 | pd.js | pi.pardot.com/ | 5 KB | 2 KB | Script | application/javascript |
POST | H2 | / | www.facebook.com/tr/ Frame 49A6 | 0 | 0 | Document | text/plain |
GET | H2 | ping | ping.chartbeat.net/ | 43 B | 168 B | Image | image/gif |
GET | H/1.0 | analytics | pi.pardot.com/ | 1 KB | 1 KB | Script | text/javascript |
GET | H2 | syndicated-newsletter.css | assets.propublica.org/prod/v3/css/deploy/ Frame 176C | 3 KB | 1 KB | Stylesheet | text/css |
GET | H2 | api.js | www.google.com/recaptcha/ Frame 176C | 871 B | 584 B | Script | text/javascript |
GET | H2 | recaptcha-init.js | assets.propublica.org/prod/v3/js/ Frame 176C | 1 KB | 575 B | Script | application/javascript |
GET | DATA | truncated | / Frame 176C | 241 B | 0 | Image | image/svg+xml |
GET | H2 | TiemposHeadlineWeb-Black.woff2 | assets.propublica.org/prod/v3/fonts/ Frame 176C | 35 KB | 35 KB | Font | application/octet-stream |
GET | H2 | Graphik-Regular-Web.woff2 | assets.propublica.org/prod/v3/fonts/ Frame 176C | 30 KB | 31 KB | Font | application/octet-stream |
GET | H2 | recaptcha__en.js | www.gstatic.com/recaptcha/api2/v1565591531251/ Frame 176C | 263 KB | 92 KB | Script | text/javascript |
GET | H2 | anchor | www.google.com/recaptcha/api2/ Frame 82CD | 0 | 0 | Document | text/html |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: c.disquscdn.com
  URL: https://c.disquscdn.com/next/embed/styles/lounge.c46a5b3df6acec9d5cde6bf8b61aaf6e.css
- Domain: c.disquscdn.com
  URL: https://c.disquscdn.com/next/embed/common.bundle.57d935b03ca64a8fc2ae95b8d550f132.js
- Domain: c.disquscdn.com
  URL: https://c.disquscdn.com/next/embed/lounge.bundle.10adfde1a6e883b828255fddc56fa508.js
- Domain: disqus.com
  URL: https://disqus.com/next/config.js
87 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| itemWrapOuter function| $ function| jQuery function| _ function| Base function| flashembed function| HTMLParser function| HTMLtoXML function| HTMLtoDOM object| propublica object| trackingCookie object| JST object| _sf_async_config object| dataLayer object| googletag object| ggeac object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleTokenSync undefined| google_measure_js_timing boolean| google_noFetch number| __google_ad_urls_id function| fbq function| _fbq string| piAId string| piCId object| FB string| disqus_shortname string| disqus_url string| disqus_title string| disqus_identifier function| widont function| initScopedScroller object| scrollers object| opts string| breakpoint function| init object| jQuery111305405445829927962 object| lazySizesConfig object| lazySizes function| Waypoint object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client function| grecaptchaLoaded function| recaptchaInit boolean| pp_initialized object| google_tag_manager string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady function| disqus_config object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| recaptcha object| closure_lm_423876 object| DISQUS number| _sf_endpt string| waypointContextKey function| checkIfSocialExists function| socialTrack function| bindSocial function| trackTwitter function| extractParamFromUri function| trackFollow object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY function| checkNamespace function| getPardotUrl function| piTracker function| piGetParameter function| piGetCookie function| piSetCookie number| piScriptNum object| piScriptObj object| pi number| c_start string| property function| piEnableTracking function| piDisableTracking function| piResponse
8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
.google.com/ | | NID | 188=Nx_92xMI06xXinEQQsRxsBiRC0k7B6Nxe-sF4GVrTyL02Y-1uqpCfAfsyZ7z6keoG2w1Uk3usT1cxA7dL_RWS6wpi7_on2pOlEWfWBVVhLMuaPFLjSODqKN7ZjgVyUWb9L-PpiC1UitVBz6GIKBHu86sYEY7YzpWQLlQ16SBJQY |
.facebook.com/ | | fr | 07npB0R22MiceqFwE..BdaDRG...1.0.BdaDRG. |
.propublica.org/ | | _fbp | fb.1.1567110214638.82165486 |
.propublica.org/ | | _gid | GA1.2.2062341923.1567110214 |
.propublica.org/ | | _dc_gtm_UA-3742720-1 | 1 |
features.propublica.org/ | | pp-tracking | {"pageCount":0} |
.propublica.org/ | | _ga | GA1.2.1318799313.1567110214 |
.propublica.org/ | | __cfduid | de2d7d31cc06d9c74adee963f826d64f61567110213 |
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.