www.insurancebusinessmag.com Open in urlscan Pro
2606:4700:3037::681f:5ebc Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Submission: On December 14 via manual (December 14th 2020, 9:30:55 am UTC) from FR

Summary HTTP 129 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 41 IPs in 7 countries across 37 domains to perform 129 HTTP transactions. The main IP is 2606:4700:3037::681f:5ebc, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.insurancebusinessmag.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 21st 2020. Valid for: a year.

This is the only time www.insurancebusinessmag.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	2606:4700:303... 2606:4700:3037::681f:5ebc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
4	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
6	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 16	172.217.22.2 172.217.22.2	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:170... 2a02:26f0:1700:d::1737:6e8f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
3	104.75.88.112 104.75.88.112	16625 (AKAMAI-AS) (AKAMAI-AS)
2	35.190.50.98 35.190.50.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.112.134 151.101.112.134	54113 (FASTLY) (FASTLY)
1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE)
1 5	2.21.36.181 2.21.36.181	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6811:d5cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a852	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:81d::2001	15169 (GOOGLE) (GOOGLE)
1 2	34.255.51.39 34.255.51.39	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:74b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:efcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:44b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:14bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:a913	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.64.134 151.101.64.134	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:817::2004	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	3.213.190.117 3.213.190.117	14618 (AMAZON-AES) (AMAZON-AES)
3	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.21.38.40 2.21.38.40	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:800::2013	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:cccc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
129	41

10 2606:4700:3037::681f:5ebc (United States)

ASN13335 (CLOUDFLARENET, US)

www.insurancebusinessmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.217.22.2 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s14-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:1700:d::1737:6e8f (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

cdn-res.keymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.75.88.112 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-112.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.50.98 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 98.50.190.35.bc.googleusercontent.com

cdn.sajari.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.sajari.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

insurance-business.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.21.36.181 (France) 1 redirects

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-21-36-181.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d5cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a852 (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

29811d38f03bbc5c43fbd4c58c60099e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.255.51.39 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-51-39.eu-west-1.compute.amazonaws.com

d.adroll.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:74b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:efcc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:44b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:a913 (United States)

ASN13335 (CLOUDFLARENET, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.64.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:817::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.213.190.117 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-190-117.compute-1.amazonaws.com

nextroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.38.40 (France)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-21-38-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

re.sajari.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cccc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	googlesyndication.com 29811d38f03bbc5c43fbd4c58c60099e.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	478 KB
18	doubleclick.net 1 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	134 KB
10	insurancebusinessmag.com www.insurancebusinessmag.com	83 KB
7	googletagservices.com www.googletagservices.com	201 KB
7	google.com adservice.google.com www.google.com	307 B
6	facebook.com www.facebook.com	955 B
6	adroll.com 1 redirects s.adroll.com d.adroll.com	71 KB
6	cloudflare.com cdnjs.cloudflare.com	23 KB
4	facebook.net connect.facebook.net	230 KB
4	fontawesome.com use.fontawesome.com	184 KB
3	hubspot.com api.hubspot.com track.hubspot.com	1 KB
3	disquscdn.com c.disquscdn.com	229 KB
3	disqus.com insurance-business.disqus.com disqus.com	33 KB
3	keymedia.com cdn-res.keymedia.com	251 KB
2	sajari.com cdn.sajari.com re.sajari.com	23 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	gstatic.com fonts.gstatic.com	22 KB
2	addthis.com s7.addthis.com	190 KB
2	jquery.com code.jquery.com	96 KB
1	hubapi.com api.hubapi.com	770 B
1	addthisedge.com v1.addthisedge.com	762 B
1	moatads.com z.moatads.com	1 KB
1	nextroll.com nextroll.com	2 KB
1	google.de www.google.de	154 B
1	hs-banner.com js.hs-banner.com	13 KB
1	hs-analytics.net js.hs-analytics.net	19 KB
1	usemessages.com js.usemessages.com	20 KB
1	hsadspixel.net js.hsadspixel.net	3 KB
1	consensu.org 1 redirects d.adroll.mgr.consensu.org	136 B
1	google.nl adservice.google.nl	803 B
1	zoominfo.com ws.zoominfo.com	723 B
1	hs-scripts.com js.hs-scripts.com	936 B
1	googleadservices.com www.googleadservices.com	12 KB
1	googletagmanager.com www.googletagmanager.com	45 KB
1	sajari.net cdn.sajari.net	200 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	10 KB
1	googleapis.com fonts.googleapis.com	725 B
129	37

	Domain	Requested by
16	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.insurancebusinessmag.com tpc.googlesyndication.com
16	securepubads.g.doubleclick.net	1 redirects www.insurancebusinessmag.com securepubads.g.doubleclick.net
10	www.insurancebusinessmag.com	www.insurancebusinessmag.com
7	pagead2.googlesyndication.com	www.insurancebusinessmag.com securepubads.g.doubleclick.net
7	www.googletagservices.com	securepubads.g.doubleclick.net
6	www.facebook.com	www.insurancebusinessmag.com connect.facebook.net
6	www.google.com	www.insurancebusinessmag.com securepubads.g.doubleclick.net
6	cdnjs.cloudflare.com	www.insurancebusinessmag.com
5	s.adroll.com	1 redirects www.googletagmanager.com www.insurancebusinessmag.com s.adroll.com
4	connect.facebook.net	www.insurancebusinessmag.com connect.facebook.net
4	use.fontawesome.com	www.insurancebusinessmag.com use.fontawesome.com
3	c.disquscdn.com	insurance-business.disqus.com
3	cdn-res.keymedia.com	www.insurancebusinessmag.com
2	api.hubspot.com	js.usemessages.com
2	disqus.com	insurance-business.disqus.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	s7.addthis.com	www.insurancebusinessmag.com s7.addthis.com
2	code.jquery.com	www.insurancebusinessmag.com
1	api.hubapi.com	js.hsadspixel.net
1	track.hubspot.com
1	re.sajari.com	www.insurancebusinessmag.com
1	v1.addthisedge.com	s7.addthis.com
1	cdn.sajari.com	www.insurancebusinessmag.com
1	z.moatads.com	s7.addthis.com
1	nextroll.com	www.insurancebusinessmag.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.google.de	www.insurancebusinessmag.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	d.adroll.com	www.insurancebusinessmag.com
1	d.adroll.mgr.consensu.org	1 redirects
1	googleads.g.doubleclick.net	www.googleadservices.com
1	29811d38f03bbc5c43fbd4c58c60099e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.nl	securepubads.g.doubleclick.net
1	ws.zoominfo.com	www.insurancebusinessmag.com
1	js.hs-scripts.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	insurance-business.disqus.com	www.insurancebusinessmag.com
1	www.googletagmanager.com	www.insurancebusinessmag.com
1	cdn.sajari.net	www.insurancebusinessmag.com
1	maxcdn.bootstrapcdn.com	www.insurancebusinessmag.com
1	fonts.googleapis.com	www.insurancebusinessmag.com
129	46

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
www.lifehealthpro.ca
learn.insurancebusinessmag.com
kmi.magazinemanager.com
shop.kmimedia.ca
bpaww.com
www.keymedia.com
www.wealthprofessional.ca

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-21` - `2021-07-21`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
cert00041-azurecdn.akamaized.net R3	`2020-12-06` - `2021-03-06`	3 months	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-07-22` - `2021-10-13`	a year	crt.sh
*.sajari.net AlphaSSL CA - SHA256 - G2	`2020-08-03` - `2022-09-06`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2020-01-29` - `2021-04-29`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2020-07-04` - `2021-07-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-11-02` - `2021-01-30`	3 months	crt.sh
*.google.nl GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
adroll.mgr.consensu.org Amazon	`2020-10-08` - `2021-11-07`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
nextroll.com Let's Encrypt Authority X3	`2020-11-20` - `2021-02-18`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.sajari.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-03` - `2022-06-11`	2 years	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2020-07-27` - `2021-07-27`	a year	crt.sh
re.sajari.com GTS CA 1D2	`2020-11-26` - `2021-02-24`	3 months	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2020-07-03` - `2021-07-03`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Frame ID: 98FF7D2F08D5C7107DD5E869052ACCF5
Requests: 85 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvlEWuLQLv1KkC1h8CfqwlhVjNG2Xf1sWP1wJcIsx3NluoucTkDnt4PdpdQh30YxvsDYSTm8PC2L-zHDjiwmHcmLMxcWyNuYI1gppLF_4yoqxNXNyRPJDDbwoS9_ka_8KrHd1AwzygXNTXBJmGxoS19WdDqgruSdFtNSjOvwj2OP4GJ4SY238MJfc2B9GsafrauRCsOllBkyiDffJshIfTpJDVQUY4g2c4w9w5P95QV8caC4qeIMC68pplQJa-A7YC1dhUGS0mvNTejF893RxcrsT-nhOKdwi9HIjMo0Gb-7uTfX7eUNPTixkxar2b02bIkzm5N&sai=AMfl-YTogy_alcGUSsfH8Tks20462oBYgabMkEvbzmGmkIqiiwebSwGnk4DbB86pI5IytroE-UqPgTVx4S5Uf5CQQB_OoSkNSTKzjZ22zJo3flR9GLP0HlN4eL6y1jSaV1o&sig=Cg0ArKJSzOMU3dLtY1V1EAE&adurl=
Frame ID: 839356D1D41E78D2D9B4483F02FCB46B
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuTyTG2p4pf4RdNy_iQ9Uhae_m-iN8Mav8xZPt9kaP7IeYtLeTPJ3MoYBlw7dwaxa0ur9e5oI4XKUnBR1T_eiEAKciGvVHBzcp3o8BXPsV0vyn7MD8KoazVyE5U03g6mcYSuXZijcLbqhb4a0IVr50JuZ-UtNCbCnPTqHlMUyjdDoGO0y4m_VDKjx3C-MZg2eSKwKeDRDk1FQwXKbEEASzpinIU7bT4HrjNm-BSta7OCRb-wWNKGUZ9n4zqYccgW1Rt8WhuEGN870BOkh7-OkJFJcn_RMexz_-NSwnP&sai=AMfl-YRj8cMs2ypsAArfVMn0BXTOPt-o9_33YZW56b7QyAO3iSMUGAnVSQSnO3ruAVOCBfuPlVLAFuHPnr5o73yYq4nq5NWs-F0RtpKoGzUSLM5B0Xlwl6cpxMKXNsrTmyM&sig=Cg0ArKJSzBgGEOj_EpFBEAE&adurl=
Frame ID: CB180ABA42190B0E2B2A6AE42F1C735A
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv6hUx1SWaOdgaACMHcen6Ii8ojhhM4HX-UF2gV1zg572reB3IrAF3cB3afgSlUsfokMOnJgaMnVcAPeeGEvfywP-irKOYll6CqP2BvWXe9kf1VkciMlFJWXWK1uMW4wG364E0UqxLTBPbX740qn0oYtt7jTS08ZYC7VxwEu2ont4_Y-ZjS--XYoIacHWcTfRVFTuKkWSsJPGJGN4xwyF9jsLUET8nWIBMshqW09pNUClWWuu9lKKLa8LV0EN2yeuSlsqB8sEtAIFOhfCdpnbAFS9KzXKWG-I7UmuvvpA&sai=AMfl-YTlFjwqrzx1AJctq82wSMCZvxO3m_WbQjusTp1Prdi2lPyjsOLJW3qG13bnuIU3ZWjx0rObBgaNLo8bFwfXECu5XdAHisgBP0VtVuha7WJQZ0gVQXXDMocOJjC5AmY&sig=Cg0ArKJSzEZ4PUeC4ku3EAE&adurl=
Frame ID: 6A2D0670089E55913017D3ED54DB2E9C
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvqxvE8QzXmADJ4mTo23q_Wd3KQnbzrJ5awnzUxSoT6egFLglNXxlklCxCg-C5q2QJV2hVG5wodyv-qpCGjGdtnOSjQDPEDFp7XyS_klaJo5rZwM_DeDIkSBRLlFKH61napH1lRNhWGxBuyRdFI1lJ4KlV1_3Tyo64wnfV-_arHStMi0fxU_j1wLedOcevCncKGY8QExEec_vOgh6FmQtjVJP9cSuVdq7sxM48dA-FIxc-mMPQFUtTSQCASQ7nxyOlKK4SDn0l9soVShJr3OVPhaucSth-OvX_4ekM8BA&sai=AMfl-YQhV7lnitn7FsptZw-bebLB5fBCHE4q5Igc4-7kkw3HfIIQ-P2RRb9cW8PCccYklrFkUra9SqszS1vt4pc8PfKJGVKoLigSCNbjMkwZiHeQJR6HAWrgvRXTSdf50_0&sig=Cg0ArKJSzJDFhPqU_uTfEAE&adurl=
Frame ID: 45CCDB85794DBB68E076B542A453E026
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/simgad/13810547153303696996
Frame ID: A1F0F87D03B74BF7C36E58D07B28DAE2
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuypsU7Yne0gnHY35OjTGNmtgvJnqMPOG5BXM5LsmbNTNvlxHL0yN7ddOUkpFk-zEYx3AdMojg7EU7-m-mrrG4uMzDwy2-h4pmK_SJyvj-lnFk-9aroHfdzQg5Lv5u6AZ1eZhvtpcM8zHMV3X3fPdxEbLzNQ2uBrxqHHUtt6ErCAz5FL272bER_fOVewtEN5BBoB3xeGxrj6DWOIZnfjzpdFL5WE0M7dYe15_dLMOqTNUMHizw4xDwGxpNFaWiNUuL2j3GYhNlSv9dVEXuJlBkPEmrTHGzsTJPd5Cz7lQ&sai=AMfl-YRp_yHrkCtOMChCO-uEU4Z7zwvWgQPULlVsXIhyDGH3g1C8eWW1K5ll_kMfL3mavY-ijWTRxaAMu6r6xXLFZ0CVd1boNJYf09jR8IFJmisykFp7_ME9Wt-PEitQMFQ&sig=Cg0ArKJSzKdvZTe1x2BEEAE&adurl=
Frame ID: B573618779839851D0B54A8031BBE194
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsva9lKu6sUjXXj7Axm5PRRtY9Z3Up-9jK_b2w4kQsw7DSM6Tm1dCNybaGk8zc0sbvnXDcFZs12yyP7BZRi7C3lw5Ove-FEw4DqxS9ImpQr5RB7hVPXKNmkdsI3rU06JcjUPgwsc_YTGG-8fVvIcvbetRev2utSWRYxbMklrg3HaHGgyOuo75Hhd26z5Ef1nE4xgE53BPe4GYkIIYGrFm6_8KQVfSpmC8xAPXoF80P8zNScmCWh94lJLpFGJ3b9VmK6jAdl5VSOrz2ZJfQLd3hXu8hdh9DvRAAI57UaCig&sai=AMfl-YQvu0pCWCE2pEa4BxxPA_FawSGcBZCKOGUQYmef1zH0g1dIYXVAnncyyCmiApEKvCJG5l2biinXJO_tfQItW4SBzcpGMsFq2GkK6w1Q5AkwuLE3ZJiLhlgXy2l7jkI&sig=Cg0ArKJSzL-0TVR99q4gEAE&adurl=
Frame ID: 9E2AC69CAD08F7F20FD5A137C66C61F5
Requests: 8 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=insurance-business&t_i=241242&t_u=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&t_d=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company&t_t=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company&s_o=default
Frame ID: C7F486240F2ED06166372234E0ADE9DE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 559380A9577E3AA2FE3456162C0FA7F8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 50%
Detected patterns

url /\.aspx?(?:$|\?)/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

url /\.aspx?(?:$|\?)/i

IIS (Web Servers) Expand

Overall confidence: 50%
Detected patterns

url /\.aspx?(?:$|\?)/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

129
Requests

100 %
HTTPS

73 %
IPv6

37
Domains

46
Subdomains

41
IPs

7
Countries

2598 kB
Transfer

5789 kB
Size

7
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/InsuranceBusinessCanada

Search URL Search Domain Scan URL

URL: https://twitter.com/InsuranceBizCA

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/15154282

Search URL Search Domain Scan URL

URL: https://www.lifehealthpro.ca/
Title: Life

Search URL Search Domain Scan URL

URL: https://learn.insurancebusinessmag.com/
Title: eLearning

Search URL Search Domain Scan URL

URL: https://kmi.magazinemanager.com/subscribe/subscribe_renewOnlineCFGS_KMI.asp?renew=&source=IBPAID1
Title: Magazine

Search URL Search Domain Scan URL

URL: http://shop.kmimedia.ca/magazines/back-issues/insurance-business/?sort=newest
Title: Back Issues

Search URL Search Domain Scan URL

URL: http://shop.kmimedia.ca/special-reports/insurance-business/?sort=newest
Title: Special Reports

Search URL Search Domain Scan URL

URL: http://bpaww.com/bpaww/#?targeturl=/BPAWW/MemberTools/AuditedSiteTraffic&target=2&languageid=1&homepage=/bpaww/Content/MainContent/Home/Index.html&footerpage=/bpaww/content/maincontent/footer/english.htm

Search URL Search Domain Scan URL

URL: https://www.keymedia.com/?__hstc=226989634.6f4961d305d780142c07c482b84342d8.1607938239396.1607938239396.1607938239396.1&__hssc=226989634.1.1607938239396&__hsfp=2978788718
Title: Key Media

Search URL Search Domain Scan URL

URL: https://www.wealthprofessional.ca/?__hstc=226989634.6f4961d305d780142c07c482b84342d8.1607938239396.1607938239396.1607938239396.1&__hssc=226989634.1.1607938239396&__hsfp=2978788718
Title: Wealth Professional Canada

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://s.adroll.com/j/exp/2VITFUM7BRCEBEOMM6S7XQ/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 50

https://d.adroll.mgr.consensu.org/consent/iabcheck/2VITFUM7BRCEBEOMM6S7XQ?_s=11c507032a1088eb50ecac84aa720922&_b=2 HTTP 302
https://d.adroll.com/consent/check/2VITFUM7BRCEBEOMM6S7XQ/?_s=11c507032a1088eb50ecac84aa720922&_b=2

Request Chain 81

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss4Tl9zIR1vZenxngvaK5ZYnLyobVK4AAP1oVAnOxAECkQzort7KytNzWA0tBQusU5edRtVBLZqM6Jh9-fRVU5OoHvp3E16UcnhgBRtEu82HB9Vz2fUeourXlrvEgCUR9kZAiHgDTBYKSoiXxRyrBAQ88tvUfVTVfwYMTJWTGSfsY_emrPv3qtgUAN4Ctv5wCRGWC2lUqLxwDPmbz6riFqAo7siGu4IySgZqJkYckl83mfuU31tl8VL4xd61_RhngInfIq63kQVwIYgc2OgdBLybpwjmtZsS6fQInpnB70cSw&sai=AMfl-YTuB1XszNj0aa8-5NqgDijEbqP6cdTahHlhzpkfAfYamitax-YVjrrZzY7E8CzMUtQwUU9DQhuBYv0R_g17XF-ePlY5j-898EiT9ttI_RNh2omR2UleXruUdNDrTfc&sig=Cg0ArKJSzLclbU6hBTw9EAE&urlfix=1&adurl=https://tpc.googlesyndication.com/simgad/13810547153303696996? HTTP 302
https://tpc.googlesyndication.com/simgad/13810547153303696996

129 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx Show response
www.insurancebusinessmag.com/ca/news/cyber/ 55 KB
11 KB 602ms
577ms Document
text/html 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

e0e32897bd67bc608643a6d0b9ee6a8b7a4aaae14377ff94aa13cbcfb6801bf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

:method: GET
:authority: www.insurancebusinessmag.com
:scheme: https
:path: /ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:32 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d5750d6bb1070cfc99d1956f230c7b7981607938231; expires=Wed, 13-Jan-21 09:30:31 GMT; path=/; domain=.insurancebusinessmag.com; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
cf-request-id: 07022f65c200002c3e1bb1e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2i5B%2FGpC490x2cH71sbNagohr%2BQTuUliIi9qksGrjOwtJUgR3iU42JRaJavZGQ7ZJAWIvaA7Hm%2FNYmdKXDjopaHqsNTpHhS19WYKxZMO%2BQ4ffhNSfPjg47ROnIcZTp9FtfLjnNzINtrc"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6016e81c6e9a2c3e-FRA
content-encoding: br

GET
H2 200 css
fonts.googleapis.com/ 4 KB
725 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

083be3c59862e11bbcda4128a12a7d9934f461ac881ed75af92b1c1b3615c576

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 07:54:54 GMT
server: ESF
date: Mon, 14 Dec 2020 09:30:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Dec 2020 09:30:32 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.15.1/css/ 58 KB
15 KB 59ms
28ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.1/css/all.css
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325

Request headers

Origin: https://www.insurancebusinessmag.com
Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:32 GMT
content-encoding: gzip
last-modified: Mon, 05 Oct 2020 15:13:10 GMT
server: NetDNA-cache/2.2
etag: W/"b227b1617a1763c8bc056772f05482b4"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ 1 KB
1 KB 14ms
14ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick.min.css

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1026267
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 394
cf-request-id: 07022f680a0000323737bcf000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-559"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BXvvgaLtun8pglZb5Vr02ZtCUtVSpQokzOrqcCDfcdytEWYXw5nsi2vbtEqRMHv4ThLEzTrskgVpXxGYKqL0cwlKSrIKSmgtxg16aRl4I3a3EEv%2Bdq7XIbpyY9177G1cUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6016e8201cd33237-FRA
expires: Sat, 04 Dec 2021 09:30:32 GMT

GET
H2 200 site.min.css
www.insurancebusinessmag.com/css/ 217 KB
31 KB 26ms
26ms Stylesheet
text/css 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.insurancebusinessmag.com/css/site.min.css?v=x16YcsDzSL7BBhsp4VOfE7_mPzaMbjNhkXFpk-R-Q3E

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

25aa839bb8c9e29422bf3aa8925e2d13d7b985b1bce61296f8d5780efcb3b142

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2452
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
cf-request-id: 07022f680b00002c3efc127000000001
last-modified: Thu, 26 Nov 2020 05:10:15 GMT
server: cloudflare
etag: W/"1d6c3b26cbd77e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AX%2FbxEjiZHhsKIucjQrvlJBrnzqPShem5pEAet3uBFhrHQSTuglkWnFsyiYmMN72FwEA%2B0alMJ4Y%2BWF0yClbcBAO4icfekogDuwtW0m6Z23FTfq38CB5DrbZVZNsxx72RYRkEFdJ0eQr"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6016e8201f582c3e-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 54 KB
19 KB 33ms
29ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

5a2e775be063c9500eb603fc4795e53e52bae4c9b07eeed597fdac1e1efd87f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "723 / 845 of 1000 / last-modified: 1607728094"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18868
x-xss-protection: 0
expires: Mon, 14 Dec 2020 09:30:32 GMT

GET
H2 200 logo_gray_ca.png
www.insurancebusinessmag.com/images/ 5 KB
5 KB 411ms
408ms Image
image/png 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurancebusinessmag.com/images/logo_gray_ca.png

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

55245b72bbdeeba40fdbd930227228c562438e21179d4705354888052f116b77

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:32 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
content-length: 5287
cf-request-id: 07022f685300002c3ec6b98000000001
last-modified: Mon, 16 Dec 2019 08:12:09 GMT
server: cloudflare
etag: "1d5b3e88310c627"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=W4DUhuV3QaCMnWBif6xFdv4RJgTcD709dW%2BgR9ptKRku1BoVtgR46wntlL%2FSte94XAf9N%2B86J5SwqPL%2Fx6VBmW2R2xKNLoNPhaBxizNaQuEbSuHCofo20%2FEXyWm03JiPoaeYJvAhRp3k"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6016e820888c2c3e-FRA

GET
H2 200 logo_ca.png
www.insurancebusinessmag.com/images/ 11 KB
11 KB 410ms
407ms Image
image/png 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurancebusinessmag.com/images/logo_ca.png

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

21f61c21dbb69eb2297c1f858d6990217ee2237605c0e126ca93fbd7966b1276

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:32 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
content-length: 11195
cf-request-id: 07022f685300002c3e3b808000000001
last-modified: Mon, 16 Dec 2019 08:12:09 GMT
server: cloudflare
etag: "1d5b3e88310f93b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RI2%2Frz%2FQqiDg0pQHYax%2FFiRznOB7wMIpGli5tdkKn5ZBJUlHihnRPxwcKKXSSRu8lZpgJlnLzX4pCuMZlxIIO7KXQuQz%2BD1f2vc4Kh4qeIR0fX7u7ipmyNEYoknkHBaa0b%2FFwFV3YxlW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6016e820888e2c3e-FRA

GET
H2 200 logo_ca_mobile.png
www.insurancebusinessmag.com/images/ 8 KB
9 KB 412ms
409ms Image
image/png 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurancebusinessmag.com/images/logo_ca_mobile.png

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

52c81653f6f0d0e52dbfea77beabc12fef7ac4c6cc7a73c927bbd095e87c1b62

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:32 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
content-length: 8597
cf-request-id: 07022f685300002c3e0698f000000001
last-modified: Mon, 16 Dec 2019 08:12:09 GMT
server: cloudflare
etag: "1d5b3e88310f315"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=w0mSRYDapsjbi%2F4iMdlU1KxjZvTFOM4YKHR68yZVxZFORKKRzy9pYYNoCsnWU4FE4zE8FGhId6RrG6EvC0rM5Msf3CfNPV0H3087u%2BSXmt4LEe75VSVN9OQo%2FRPsV64jOd9qHoIz%2BADH"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6016e82088902c3e-FRA

GET
H2 200 0270_637429306728087852.jpg
cdn-res.keymedia.com/cms/images/us/023/ 71 KB
71 KB 39ms
9ms Image
image/jpeg 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-res.keymedia.com/cms/images/us/023/0270_637429306728087852.jpg
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 315471cb3e63c008279774f2cf4f79d9025bbe22030e51965e26668aba419dbf

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 14 Dec 2020 09:30:32 GMT
last-modified: Mon, 07 Dec 2020 09:37:52 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: PdMDAfDpsglIvzXuEVA+hQ==
etag: 0x8D89A93C504BE16
content-type: image/jpeg
x-ms-request-id: 620743f1-a01e-00e5-0b7d-ccc0f9000000
x-ms-version: 2009-09-19
x-ms-meta-originalfilename: istock-cyberattack-technology-606671804.jpg
content-length: 72201

GET
H2 200 img_enewsletter.gif
www.insurancebusinessmag.com/images/ 3 KB
3 KB 16ms
13ms Image
image/gif 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurancebusinessmag.com/images/img_enewsletter.gif

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

ded0cec5a92fcdcd902c570635ae0933ea83e3e372e2ca283eaf573c9e5cab21

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2451
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
content-length: 2866
cf-request-id: 07022f685400002c3eea30d000000001
last-modified: Mon, 16 Dec 2019 08:12:09 GMT
server: cloudflare
etag: "1d5b3e88310d9b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=q64tZVJxZyFPO34TR63R0aXQDkQJdfgH0EpBGwzBtMZUdX9fD9pfwKQo5qgVROir1kcT3EVUOdAdbHPjGDcXBDJsyAwFM4c1E5R5viIbdbQqGWyWcwJPVqMKUGCqI7VOqqPfPhK0IDKO"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6016e82088912c3e-FRA

GET
H2 200 0116_637274390792424475.jpg
cdn-res.keymedia.com/cms/images/us/003/ 62 KB
63 KB 20ms
16ms Image
image/jpeg 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-res.keymedia.com/cms/images/us/003/0116_637274390792424475.jpg
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 40ca8539ffd12e7edf95bfff0b850217cff57001d266cd4613b23c5c7b0f0b82

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 14 Dec 2020 09:30:32 GMT
last-modified: Thu, 11 Jun 2020 02:24:39 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: +LKLZmxgLlM+nItRoCYu6A==
etag: 0x8D80DAE97B905DE
content-type: image/jpeg
x-ms-request-id: 6a6e2de0-801e-0006-2771-60a204000000
x-ms-version: 2009-09-19
x-ms-meta-originalfilename: IBA Talk Hompage Tile_D.jpg
content-length: 63674

GET
H2 200 0132_637411468949978004.jpg
cdn-res.keymedia.com/cms/images/us/023/ 117 KB
118 KB 14ms
10ms Image
image/jpeg 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-res.keymedia.com/cms/images/us/023/0132_637411468949978004.jpg
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: cdd2dbc8847ae720b1c56daab4f2a04859e919d602af61e08119e51ddad1f68b

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 14 Dec 2020 09:30:32 GMT
last-modified: Mon, 16 Nov 2020 18:08:15 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: X1bLcJFJA0lHQYgdq4kMbQ==
etag: 0x8D88A5A96AC059A
content-type: image/jpeg
x-ms-request-id: 3253528b-901e-0057-2044-bc3f88000000
x-ms-version: 2009-09-19
x-ms-meta-originalfilename: New Project(14).jpg
content-length: 119767

GET
H2 200 BPA_WW_MASTER.png
www.insurancebusinessmag.com/images/ 5 KB
6 KB 15ms
12ms Image
image/png 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurancebusinessmag.com/images/BPA_WW_MASTER.png

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

e616bb99a3cf0261a8e8bbf713bdaad17473afabbc032f5f351c85575596320b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1723
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
content-length: 5609
cf-request-id: 07022f685400002c3e330c4000000001
last-modified: Mon, 16 Dec 2019 08:12:10 GMT
server: cloudflare
etag: "1d5b3e883a97ce9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9rGz%2F4eWMW5VH0cWlOB9QSWu6EJi6UVVs2OD1JTvge%2FEFW1vBz2QukvZLVU3W2qTB%2FrsPPR2i42ZUGfRSozT7hoQ9paEKs84DbqgSXySNwqAE9I8FAcqqyo90noS4Qmfd%2BHjWSW8qurW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6016e82088942c3e-FRA

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 5047ms
5031ms Script
application/javascript 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:32 GMT
content-encoding: gzip
last-modified: Mon, 20 Mar 2017 19:01:15 GMT
server: nginx
etag: W/"58d026fb-15283"
vary: Accept-Encoding
x-hw: 1607938232.dop212.fr8.t,1607938232.cds277.fr8.hc,1607938232.cds133.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30125

GET
H2 200 jquery-ui.min.js Show response
code.jquery.com/ui/1.12.1/ 248 KB
66 KB 5032ms
5031ms Script
application/javascript 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.min.js
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:32 GMT
content-encoding: gzip
last-modified: Wed, 14 Sep 2016 16:34:16 GMT
server: nginx
etag: W/"57d97c08-3dee4"
vary: Accept-Encoding
x-hw: 1607938232.dop212.fr8.t,1607938232.cds277.fr8.hc,1607938232.cds251.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 67751

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
10 KB 6526ms
19ms Script
text/javascript 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:33:51 GMT
etag: "1544639631"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 9832

GET
H2 200 slick.min.js Show response
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ 42 KB
9 KB 24ms
20ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick.min.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 378999
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9283
cf-request-id: 07022f685600003237718a4000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-a76f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MusAh06sTLXKYVHELIkBxHIePpoChEgNRzGbPcUYQQKBGA77NxZlWzJxMlQRBx9abdw1B5RG%2BzN%2BHQeTLbTijjRbTsUZ%2F%2BbvBRQ7CUuX4mWWargpsMqj5AS7CaSaNxyoiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6016e8208db43237-FRA
expires: Sat, 04 Dec 2021 09:30:32 GMT

GET
H2 200 jquery.validate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.17.0/ 23 KB
7 KB 27ms
22ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.17.0/jquery.validate.min.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 367213
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6677
cf-request-id: 07022f68570000323756827000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-5add"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5yc3A8oYgmni506%2FE9D%2B%2Bgr2iyChCEriVJxS2wuxq68IYBfc5N846YXtP2Kxe9gUPswwVAiKEGOAW3GXB4hvl5lfu5gYz5aodThOjgvb7EaFTk0bKey9eoz%2FASz54GO4Kw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6016e8208db83237-FRA
expires: Sat, 04 Dec 2021 09:30:32 GMT

GET
H2 200 jquery.validate.unobtrusive.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validation-unobtrusive/3.2.6/ 5 KB
2 KB 26ms
22ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validation-unobtrusive/3.2.6/jquery.validate.unobtrusive.min.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83540a1b1aaca7ec79264b8dfc98c797dea37b6c33b604b95a8e21e1cee09bd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1026252
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1740
cf-request-id: 07022f6857000032376529a000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-1494"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3F4FaXZ%2BkLSdFOgQwt7tQ1KrcyJqbdWDRZ6n4lIIoSLgzcunbTwavlzjTorjKOEH4fUyju6EeSK%2BJSqH%2Fgpxu923FXXSJl7FyoxaU7AHK6NYqkPuC05odq%2Fp1n%2BCnENxIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6016e8208dba3237-FRA
expires: Sat, 04 Dec 2021 09:30:32 GMT

GET
H2 200 js.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.0/ 2 KB
1 KB 25ms
21ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.0/js.cookie.min.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4db76afeb499d277603609152f9e382c0fe112d44c6f8db8c136a89d9bd7682

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1026264
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 746
cf-request-id: 07022f685700003237a0a7b000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:49 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec5-699"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SlkEYfFGg2u7djoy%2ByGBItrdU1pdiAS6kVkfF2Unka3SacuvqsWofu6x6TewEHfLXx8HVzulTgFqAqY9BRNiT%2BYk5Ymiiw3ORfEjFTYBuiIfdirBymdlWXwQlH8rZvDvIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6016e8208dbb3237-FRA
expires: Sat, 04 Dec 2021 09:30:32 GMT

GET
H2 200 jquery.bootstrap.wizard.js Show response
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap-wizard/1.2/ 9 KB
3 KB 28ms
24ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap-wizard/1.2/jquery.bootstrap.wizard.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bed0322f5d7ae2d256db706cb681ab757c8e5ef051e3b9f53e82ad953d0211d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 367333
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2027
cf-request-id: 07022f68570000323787367000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04010-23da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rpmV1VoBRwUtUJ0ekdrCV1ZzB4LBrPJYljg35VW9q3sUI%2FxSpYMF6D%2B5lc47L4Vy5JxnoOAk2YR6GGXTaAxhE6HpYk%2FVnGr9eiZgWJRyJANQ2QumIXC2Q9pHYu61u3VGtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6016e8208dbd3237-FRA
expires: Sat, 04 Dec 2021 09:30:32 GMT

GET
H2 200 site.min.js Show response
www.insurancebusinessmag.com/js/ 3 KB
2 KB 17ms
14ms Script
application/javascript 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.insurancebusinessmag.com/js/site.min.js?v=a8CgVlJJa2pHH6NyWSDRb1xgq97m0DJCCfQmFEGXcpU

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

6bc0a05652496b6a471fa3725920d16f5c60abdee6d0324209f4261441977295

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2450
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
cf-request-id: 07022f685400002c3ef6b3a000000001
last-modified: Mon, 16 Dec 2019 08:12:10 GMT
server: cloudflare
etag: W/"1d5b3e883a96460"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PwOuhHMaTKlku49tWXmcpeSeXztmtG8m1qtWPnHCXT9qohWKnlw2%2FR%2FRYm3JCdLSwVX1arhr3SKUHcLmAlteQQfhmSNGKm%2FfRYLEiAmc6M%2B%2BBXy69Rzy5UMngbFQUWd4RD%2B17IEkfeVD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6016e82088872c3e-FRA

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 82ms
32ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Mon, 14 Dec 2020 09:30:32 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 website-search-1.4.js Show response
cdn.sajari.net/js/integrations/ 662 KB
200 KB 68ms
23ms Script
application/javascript 35.190.50.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sajari.net/js/integrations/website-search-1.4.js
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.50.98 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.50.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 04cdfaeaa1468ca5e86756f9f137d60c66db6991faa4e549827117eb0e2f33c1

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 08:54:20 GMT
content-encoding: gzip
age: 2172
x-guploader-uploadid: ABg5-Uz4-VMXKePeDIlYCozDvS_PHFJ82JmhcIQDEyymF2_dhiDsjE5qej6t5o7nSeUlpR4Ka5FAdG8qTbU80Kll9rWcMqniFQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 204181
last-modified: Fri, 27 Nov 2020 01:20:45 GMT
server: UploadServer
etag: "65c7b0342e669c616f2779114a738111"
x-goog-hash: crc32c=lavJ7Q==, md5=ZcewNC5mnGFvJ3kRSnOBEQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1606440045862038
access-control-expose-headers: Content-Type
cache-control: public,max-age=86400,no-transform
x-goog-stored-content-length: 204181
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 15 Dec 2020 08:54:20 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 128 KB
45 KB 34ms
32ms Script
application/javascript 2a00:1450:4001:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PVJZ6HP

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9199ffdc114d54fafaa64236b8311b5e4f845bb8d60665b0486e7b554eb75287

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45807
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 14 Dec 2020 09:30:32 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.insurancebusinessmag.com
Referer: https://fonts.googleapis.com/css?family=Roboto:400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 16:53:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 146197
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Sun, 12 Dec 2021 16:53:55 GMT

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.15.1/webfonts/ 77 KB
77 KB 21ms
19ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.1/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.1/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba

Request headers

Origin: https://www.insurancebusinessmag.com
Referer: https://use.fontawesome.com/releases/v5.15.1/css/all.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:32 GMT
last-modified: Mon, 05 Oct 2020 15:14:09 GMT
server: NetDNA-cache/2.2
etag: "f075c50f89795e4cdb4d45b51f1a6800"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 78460

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.insurancebusinessmag.com
Referer: https://fonts.googleapis.com/css?family=Roboto:400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 17:20:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 490207
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 08 Dec 2021 17:20:25 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.15.1/webfonts/ 78 KB
79 KB 49ms
48ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.1/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.1/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

Request headers

Origin: https://www.insurancebusinessmag.com
Referer: https://use.fontawesome.com/releases/v5.15.1/css/all.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:32 GMT
last-modified: Mon, 05 Oct 2020 15:14:37 GMT
server: NetDNA-cache/2.2
etag: "8e1ed89b6ccb8ce41faf5cb672677105"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 80300

GET
H/1.1 200
OK embed.js Show response
insurance-business.disqus.com/ 70 KB
23 KB 395ms
344ms Script
application/javascript 151.101.112.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://insurance-business.disqus.com/embed.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

267e1573e3f12e561d6ff82ac15be65e3d0c7ab86f43accdbc666a46a1cd0860

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Dec 2020 09:30:32 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 23314

GET
H3-Q050 200 pubads_impl_2020120801.js Show response
securepubads.g.doubleclick.net/gpt/ 274 KB
97 KB 79ms
50ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

5f02981bfcab6807a15ddfea1babc7cee05cd0f1f59abe712928de44fb6c1f0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Dec 2020 09:42:29 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98829
x-xss-protection: 0
expires: Mon, 14 Dec 2020 09:30:32 GMT

GET
H2 200 keymedia_logo.png
www.insurancebusinessmag.com/images/ 3 KB
3 KB 21ms
20ms Image
image/png 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurancebusinessmag.com/images/keymedia_logo.png

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/css/site.min.css?v=x16YcsDzSL7BBhsp4VOfE7_mPzaMbjNhkXFpk-R-Q3E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

bb20e7c2fc5f8cfd74c43906c776a31f04c93fc00d11d921dfb923bcfaab0c23

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/css/site.min.css?v=x16YcsDzSL7BBhsp4VOfE7_mPzaMbjNhkXFpk-R-Q3E
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2449
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
content-length: 2797
cf-request-id: 07022f68b300002c3ee19c0000000001
last-modified: Mon, 16 Dec 2019 08:12:09 GMT
server: cloudflare
etag: "1d5b3e88310d86d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=15QivJL3AI0V3i%2FOzdTAyhJOe6yLTT8ndjgMxn0P0vcnRzCRQuBEH%2BL0mfzfv4iBf0sq3eDKyU1WvzFezN5HljZknO93Gomyq%2FqQONj6mHOE3mBp6TH7WMGqcSCh3G2MYKAOHLHIMBXQ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6016e8211a502c3e-FRA

GET
H2 200 fa-regular-400.woff2
use.fontawesome.com/releases/v5.15.1/webfonts/ 13 KB
14 KB 17ms
17ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.1/webfonts/fa-regular-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.1/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: ce20ed8a323117c8a718ff1ddc6dabb997373b575a8e896f2bf02b846c082c9d

Request headers

Origin: https://www.insurancebusinessmag.com
Referer: https://use.fontawesome.com/releases/v5.15.1/css/all.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:32 GMT
last-modified: Mon, 05 Oct 2020 15:14:17 GMT
server: NetDNA-cache/2.2
etag: "4a74738e7728e93c4394b8604081da62"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 13548

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
12 KB 36ms
34ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJZ6HP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

e1ec254792b6fe5cb168d2ce9cb1e35d15311d3b357b305a95cbfb12552477d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12175
x-xss-protection: 0
server: cafe
etag: 17536051821503146167
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 14 Dec 2020 09:30:32 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJZ6HP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 2442
date: Mon, 14 Dec 2020 08:49:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Mon, 14 Dec 2020 10:49:50 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 40 KB
13 KB 76ms
28ms Script
text/javascript 2.21.36.181
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJZ6HP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.36.181 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-36-181.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c2cb2cc5345c71f30b0ce56069cfe0bdf65eb061228333d27ba0e7388748636a

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: eHeCFa11ZmebQv0hmrjMAs.eB.BPo.q4
Content-Encoding: gzip
ETag: "0aed5b94bc26ce0fe9e58d25dd314418"
x-amz-request-id: A153E367E4F64E44
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 12695
x-amz-id-2: 1CcC1EKrieRTlAyvmM8I9czxbYiNWqUAlIg4XQoBWjKMxkmKs0MXuebcXJ5+1jv9UbHz74EL7Lo=
Last-Modified: Thu, 10 Dec 2020 18:09:34 GMT
Server: AmazonS3
Date: Mon, 14 Dec 2020 09:30:32 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 3830659.js Show response
js.hs-scripts.com/ 2 KB
936 B 37ms
20ms Script
application/javascript 2606:4700::6811:d5cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/3830659.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJZ6HP
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1c4c82f69f9ebf7e42ee5cb09386f41d590a1e111c1d37e310cfc57fb563391

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:32 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 31
cf-polished: origSize=1725
cf-request-id: 07022f699100001766928f6000000001
cf-bgj: minify
server: cloudflare
x-trace: 2BAE1E04086BC76D69938E02A6AE87D2815DC44F44000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.insurancebusinessmag.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 6016e8228ee21766-FRA
expires: Mon, 14 Dec 2020 09:31:32 GMT

GET
H2 200 H374CbiJXbyMaC6o2MeO Show response
ws.zoominfo.com/pixel/ 0
723 B 242ms
210ms Script
text/javascript 2606:4700::6810:a852
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/H374CbiJXbyMaC6o2MeO

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:32 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 6016e822983cdfeb-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for
content-length: 0
cf-request-id: 07022f69a30000dfeb53b30000000001

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 90 KB
24 KB 8ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d4762bbdf73408777dc886ffe61d98654a39456cc19284fcec395a56c54518e1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23366
x-xss-protection: 0
pragma: public
x-fb-debug: Jl/cHzJoVMAlv8/Bw3R+p9lHY2j9Wjl5Yf86PCFRCDeQtspQ9ezdo/s/XCSbCM73MY3ka4/KJJ0GwHRdlDOt2w==
x-fb-trip-id: 436667874
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 14 Dec 2020 09:30:32 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 109 B
803 B 40ms
18ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=www.insurancebusinessmag.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Dec 2020 09:30:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
169 B 15ms
13ms Script
application/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.insurancebusinessmag.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Dec 2020 09:30:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 fancybox_sprite.png
www.insurancebusinessmag.com/images/ 1 KB
2 KB 11ms
11ms Image
image/png 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurancebusinessmag.com/images/fancybox_sprite.png

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/css/site.min.css?v=x16YcsDzSL7BBhsp4VOfE7_mPzaMbjNhkXFpk-R-Q3E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

b9d6fddb0988440902fcfc72f371ecfa80ee2eb36073f9eebc17449ee41c886f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/css/site.min.css?v=x16YcsDzSL7BBhsp4VOfE7_mPzaMbjNhkXFpk-R-Q3E
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1732
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
content-length: 1362
cf-request-id: 07022f69cf00002c3e29156000000001
last-modified: Mon, 16 Dec 2019 08:12:09 GMT
server: cloudflare
etag: "1d5b3e88310d7d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tT2UHh0slDM%2B%2BshP%2Bv2bU9UEiigJv41YknxmtdhBG%2FDm8Wz5MWljA5RN7kxKG%2Be7CCLPHe%2FIGF%2FNuPIYhZClClc%2BpUMc7olTzb0DthOzDD7%2FkfdtsT41KnuLzekzZspbzCX4jxVkIrOZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6016e822ee692c3e-FRA

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 90 KB
17 KB 151ms
149ms XHR
text/plain 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1306839126782078&correlator=2658144982529469&output=ldjh&impl=fifs&eid=21069136%2C21069139%2C21069144%2C21068110%2C21068812&vrg=2020120801&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201214&iu_parts=1042886%2Ciboca_news_cyber_640x480-prestitial%2Ciboca_news_cyber_na_fluid_top1%2Ciboca_news_cyber_728x90%2Ciboca_news_cyber_125x750%2Ciboca_news_cyber_na_fluid_top2%2Ciboca_news_cyber_980x240%2Ciboca_news_cyber_970x90%2Ciboca_news_cyber_1000x90%2Ciboca_news_cyber_300x600%2Ciboca_news_cyber_300x250%2Ciboca_news_cyber_140x600%2Ciboca_news_cyber_140x300%2Ciboca_news_cyber_na_fluid_inarticle%2Ciboca_news_cyber_450x20%2Ciboca_news_cyber_480x300&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F11%2C%2F0%2F12%2C%2F0%2F13%2C%2F0%2F14%2C%2F0%2F14%2C%2F0%2F14%2C%2F0%2F15&prev_iu_szs=640x480%2C320x50%2C728x90%2C125x750%2C125x750%2C320x50%2C980x240%2C970x90%2C1x1%2C300x600%2C300x600%2C300x250%2C300x250%2C140x600%2C140x600%2C140x300%2C320x50%2C450x20%2C450x20%2C450x20%2C480x300&fluid=0%2Cheight%2C0%2C0%2C0%2Cheight%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2Cheight%2C0%2C0%2C0%2C0&ists=4096&prev_scp=%7Cposition%3D1%7C%7Cposition%3D1%7Cposition%3D2%7Cposition%3D2%7C%7C%7C%7Cposition%3D1%7Cposition%3D2%7Cposition%3D1%7Cposition%3D2%7Cposition%3D1%7Cposition%3D2%7C%7C%7Cposition%3D1%7Cposition%3D2%7Cposition%3D3%7C&cookie_enabled=1&bc=31&abxe=1&lmt=1607938232&dt=1607938232760&dlt=1607938232324&idt=387&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933%2C310%2C560%2C165%2C1310%2C310%2C310%2C315%2C0%2C990%2C990%2C990%2C990%2C310%2C310%2C310%2C477%2C477%2C477%2C477%2C477&adys=-12245933%2C0%2C62%2C250%2C250%2C250%2C270%2C1110%2C3858%2C686%2C2882%2C2369%2C1316%2C846%2C1476%2C2106%2C1211%2C2249%2C2269%2C2289%2C2309&adks=2393765783%2C3534144931%2C978150294%2C1432091275%2C1432091272%2C3178895650%2C1704434660%2C4175022400%2C356029358%2C3984907446%2C3984907444%2C1900114717%2C1900114710%2C3325824990%2C3325824961%2C2173213489%2C881005708%2C659492674%2C659492675%2C659492672%2C902060058&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci%7Cj%7Ck%7Cl&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C1000x1%7C730x90%7C125x750%7C125x750%7C1000x20%7C980x240%7C1600x3858%7C1600x3858%7C313x600%7C313x600%7C313x250%7C313x250%7C146x600%7C146x600%7C146x300%7C479x884%7C479x445%7C479x445%7C479x445%7C479x445&msz=0x-1%7C980x0%7C730x90%7C125x750%7C125x750%7C980x0%7C980x240%7C970x-1%7C1600x1%7C300x600%7C300x600%7C300x250%7C300x250%7C146x600%7C146x600%7C146x300%7C479x0%7C479x20%7C479x20%7C479x20%7C479x300&ga_vid=984765120.1607938233&ga_sid=1607938233&ga_hid=519750818&fws=644%2C0%2C0%2C0%2C0%2C0%2C0%2C512%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C479%2C479%2C479%2C479%2C479&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

974783674a101d7c89abb9db102a9aaa7284ee52be11003c127b70aa25b665ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16599
x-xss-protection: 0
google-lineitem-id: 5522499108,-2,5523842285,-2,-2,-2,5523842285,-2,5523842285,5523842285,-2,5523842285,-2,5523842285,-2,-2,-2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138333696251,-2,138328415276,-2,-2,-2,138328444695,-2,138328415726,138328444692,-2,138333756567,-2,138328444683,-2,-2,-2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.insurancebusinessmag.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
29811d38f03bbc5c43fbd4c58c60099e.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 33ms
17ms Other
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://29811d38f03bbc5c43fbd4c58c60099e.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
397 B 46ms
12ms XHR
text/plain 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=519750818&t=pageview&_s=1&dl=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&ul=en-us&de=UTF-8&dt=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company%20%7C%20Insurance%20Business&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAAABAAAAAC~&jid=41226162&gjid=1850863442&cid=984765120.1607938233&tid=UA-67143636-4&_gid=1274703206.1607938233&_r=1&gtm=2wgbu0PVJZ6HP&z=154058545

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 09:30:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.insurancebusinessmag.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 239203017352524 Show response
connect.facebook.net/signals/config/ 238 KB
69 KB 52ms
52ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/239203017352524?v=2.9.30&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1767d947f015a6da6e6ed41e97ccc29f0dc1b527f6b2973c8dfde049ebf6c1cd

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: /J/U3UV+6Ivxg6ERwGW8EOI/1WdM5kXyx2iM1GExEINftur1Wf3iiq5yMFO1GT/G0Us/CGFydA+GdpDHizFdXw==
x-fb-trip-id: 436667874
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 14 Dec 2020 09:30:32 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 213897403
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/948015301/ 2 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/948015301/?random=1607938232833&cv=9&fst=1607938232833&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbu0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&tiba=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company%20%7C%20Insurance%20Business&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0035934ed6b9f80f300fe3bcb1cd02cc516e48c44f727e2bd4b3225e63d43f86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 09:30:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1089
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/2VITFUM7BRCEBEOMM6S7XQ/index.js
https://s.adroll.com/j/exp/index.js

28 B
747 B

46ms
45ms

Script
application/javascript

2.21.36.181
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.36.181 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-36-181.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: NRd5BJy3mTVGILCcmBdUI4KKHh2sq935
Content-Encoding: gzip
ETag: "5816cced8568d223aa09d889f300692b"
x-amz-request-id: 7W9WAWDN1PDJ9K6T
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 48
x-amz-id-2: NBvratIHE//44TPOypShMaCv/9QzRoRblXgrQhIlv+9B2ymzS7rKcZPf7Q+NJ4aV6oOIl9m1JcE=
Last-Modified: Wed, 02 Dec 2020 20:19:48 GMT
Server: AmazonS3
Date: Mon, 14 Dec 2020 09:30:33 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Mon, 14 Dec 2020 09:30:33 GMT
Server: AkamaiGHost
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/2VITFUM7BRCEBEOMM6S7XQ/UBR2M7RH2FGKBCKNOSQYCJ/ 1 KB
1 KB 238ms
196ms Script
text/javascript 2.21.36.181
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/2VITFUM7BRCEBEOMM6S7XQ/UBR2M7RH2FGKBCKNOSQYCJ/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.36.181 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-36-181.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: cbce85e96b7752208ce15a09ea4d5a58b792edc9e77f1c5ccf46c01935970f9d

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: mG1vf8hdXP5PyGwczaPL2q9f6PbIOjCZ
Content-Encoding: gzip
ETag: "3996d65282dd996ee0d7d4c90c139158"
x-amz-request-id: 0BE69153DE29F37A
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 635
x-amz-id-2: JqFBSjhkV0TmNmjAG8N79UgimaxA5rmoJEAfuGhmithqkW7sMOaBC4TODAj3D+/YY3LjOs61w2k=
Last-Modified: Sun, 13 Dec 2020 21:49:34 GMT
Server: AmazonS3
Date: Mon, 14 Dec 2020 09:30:33 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

200

/ Show response
d.adroll.com/consent/check/2VITFUM7BRCEBEOMM6S7XQ/
Redirect Chain

https://d.adroll.mgr.consensu.org/consent/iabcheck/2VITFUM7BRCEBEOMM6S7XQ?_s=11c507032a1088eb50ecac84aa720922&_b=2
https://d.adroll.com/consent/check/2VITFUM7BRCEBEOMM6S7XQ/?_s=11c507032a1088eb50ecac84aa720922&_b=2

385 B
477 B

36ms
35ms

Script
application/javascript

34.255.51.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/2VITFUM7BRCEBEOMM6S7XQ/?_s=11c507032a1088eb50ecac84aa720922&_b=2
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.51.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-51-39.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: f97f7e7504bc13af9e1ed4357aac452737a214d7f169327d374c3250f81f1eef

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:33 GMT
server: nginx/1.18.0
content-length: 385
content-type: application/javascript

Redirect headers

location: https://d.adroll.com/consent/check/2VITFUM7BRCEBEOMM6S7XQ/?_s=11c507032a1088eb50ecac84aa720922&_b=2
date: Mon, 14 Dec 2020 09:30:32 GMT
server: nginx/1.18.0
content-length: 105

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 5 KB
3 KB 32ms
14ms Script
application/javascript 2606:4700::6811:74b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3830659.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:74b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edc0175ff1c883786302197c8f3795e4017ec2a82a6dda756b98e4c14a388da5

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:32 GMT
via: 1.1 98e30e5953336545df428a8f5923a289.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 103
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.218/bundles/pixels-release.js&cfRay=6016e59a4e799754-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 07022f6a1c0000177626ba7000000001
last-modified: Wed, 02 Dec 2020 05:20:17 UTC
server: cloudflare
etag: W/"6159aaab2b9ebbe66181371c0b06ec68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 2loL3K5wOlJ4UYDOHK3xdpXBRt2L9KwW
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 6016e8235fe91776-FRA
x-amz-cf-id: svsOHQu8FDQSlUBOfggDytgYy5OwudvoCXpcdqS4g3i4Hs7NcRw51Q==

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 79 KB
20 KB 34ms
17ms Script
application/javascript 2606:4700::6811:efcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3830659.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:efcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1e9ef352606557edfb35cbff6fbd2015172657021396259a87f54c64eb113bb

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:32 GMT
via: 1.1 b471d3775e81a9be536b52b99f39452a.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 66
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.7976/bundles/project.js&cfRay=6016e6817f30975a-FRA
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 07022f6a1a0000dfb779b8d000000001
last-modified: Wed, 09 Dec 2020 07:58:24 UTC
server: cloudflare
etag: W/"96031c3ef21fd92757a66418337958c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: RzrB4etVQtJSMtrpTQ17r3KxS5drLXAU
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 6016e8235a9edfb7-FRA
x-amz-cf-id: 96c80MnBX5PBCkfuIlGBaGO1TGcrB12V1FLzNv4V7W02Yidm_wvSJg==

GET
H2 200 3830659.js Show response
js.hs-analytics.net/analytics/1607938200000/ 63 KB
19 KB 41ms
18ms Script
text/javascript 2606:4700::6811:44b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1607938200000/3830659.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3830659.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ab092634138c04c4d400ffe26f4d1e7e332adbd7ce2b974288b0674850bc2b0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:32 GMT
content-encoding: br
cf-cache-status: HIT
age: 30
x-amz-server-side-encryption: AES256
x-amz-request-id: 7AC4DED56ED6C05C
x-amz-id-2: kkg+WiAml8D4HWSlozMgZmeXMz5iW8H/x746zdMNIkfwNwZfX7FVo8OappyPKq0fLY/HNSzZD+g=
last-modified: Mon, 07 Dec 2020 17:12:38 GMT
server: cloudflare
etag: W/"44e808ceba70a8e67afa883c1bf6dc20"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
x-amz-version-id: null
cf-request-id: 07022f6a3200002c2221019000000001
cf-ray: 6016e8238a3b2c22-FRA
expires: Mon, 14 Dec 2020 09:35:02 GMT

GET
H2 200 3830659.js Show response
js.hs-banner.com/ 52 KB
13 KB 35ms
17ms Script
text/javascript 2606:4700::6812:14bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/3830659.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3830659.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aef3dc3184fbd9b8c7135baf6aa8f832d7a665af2b39c9799c9d5a863b2eb024

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=STD1fA==, md5=kQ6sOWrcctcC68iZVZOT1g==
date: Mon, 14 Dec 2020 09:30:32 GMT
content-encoding: br
cf-cache-status: HIT
age: 95
x-guploader-uploadid: ABg5-UwthXetWoI3MbShzucxXFHg8fFWyNX5PK7QK4ddzqeKLzkAv9_BKA5miR6IPy_rIIFNL7EVtgLVLaetnoEwk9hE_qoQEg
x-goog-storage-class: STANDARD
access-control-max-age: 604800
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: text/javascript; charset=UTF-8
cf-request-id: 07022f6a3d000006313b9d5000000001
timing-allow-origin: *
last-modified: Wed, 09 Dec 2020 18:54:11 GMT
server: cloudflare
etag: W/"910eac396adc72d702ebc899559393d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-goog-generation: 1607540051628712
access-control-allow-origin: https://www.insurancebusinessmag.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
x-goog-stored-content-length: 53341
cf-ray: 6016e8239e480631-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Mon, 14 Dec 2020 09:33:57 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/948015301/ 42 B
138 B 23ms
21ms Image
image/gif 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/948015301/?random=1607938232833&cv=9&fst=1607936400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbu0&sendb=1&frm=0&url=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&tiba=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company%20%7C%20Insurance%20Business&async=1&fmt=3&is_vtc=1&random=2683561833&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 09:30:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/948015301/ 42 B
154 B 24ms
21ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/948015301/?random=1607938232833&cv=9&fst=1607936400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbu0&sendb=1&frm=0&url=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&tiba=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company%20%7C%20Insurance%20Business&async=1&fmt=3&is_vtc=1&random=2683561833&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 09:30:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
94 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-67143636-4&cid=984765120.1607938233&jid=41226162&gjid=1850863442&_gid=1274703206.1607938233&_u=YAhAAAAAAAAAAC~&z=734246031

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 14 Dec 2020 09:30:32 GMT
content-type: text/plain
access-control-allow-origin: https://www.insurancebusinessmag.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lounge.2a0be1cac62547aa91037395a06bf8b3.css
c.disquscdn.com/next/embed/styles/ 0
22 KB 44ms
26ms Other
text/css 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.2a0be1cac62547aa91037395a06bf8b3.css

Requested by

Host: insurance-business.disqus.com
URL: https://insurance-business.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2113803
strict-transport-security: max-age=300; includeSubdomains
content-length: 22655
cf-request-id: 07022f6a4b00001756579ba000000001
timing-allow-origin: *
last-modified: Thu, 19 Nov 2020 22:06:27 GMT
server: cloudflare
etag: "5fb6ec63-587f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DFW3-C1
accept-ranges: bytes
cf-ray: 6016e823af771756-FRA
x-amz-cf-id: U-gG9OZ3kJS9xxB8lbcOsPcV746xOv-OfQeg4RfypFfyEf75cG_0Pw==
expires: Fri, 19 Nov 2021 22:20:27 GMT

GET
H2 200 common.bundle.87b091d9d84eaed6dbe4b55a9db430f1.js
c.disquscdn.com/next/embed/ 0
93 KB 35ms
29ms Other
application/javascript 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.87b091d9d84eaed6dbe4b55a9db430f1.js

Requested by

Host: insurance-business.disqus.com
URL: https://insurance-business.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 311255
strict-transport-security: max-age=300; includeSubdomains
content-length: 94782
cf-request-id: 07022f6a4b0000175655b71000000001
timing-allow-origin: *
last-modified: Wed, 09 Dec 2020 23:56:04 GMT
server: cloudflare
etag: "5fd16414-1723e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DFW55-C3
accept-ranges: bytes
cf-ray: 6016e823af7e1756-FRA
x-amz-cf-id: HRkjEg4Urx2QWFQaTjf7ldkH0TcytuXJ59t30KTyVHMHdHnE6QwiEQ==
expires: Fri, 10 Dec 2021 19:02:56 GMT

GET
H2 200 lounge.bundle.c0b8810dc692c28a7d9ac1b0d050dd0a.js
c.disquscdn.com/next/embed/ 0
114 KB 17ms
15ms Other
application/javascript 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.c0b8810dc692c28a7d9ac1b0d050dd0a.js

Requested by

Host: insurance-business.disqus.com
URL: https://insurance-business.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 311255
strict-transport-security: max-age=300; includeSubdomains
content-length: 116358
cf-request-id: 07022f6a4b000017565620c000000001
timing-allow-origin: *
last-modified: Wed, 09 Dec 2020 23:56:04 GMT
server: cloudflare
etag: "5fd16414-1c686"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DFW55-C3
accept-ranges: bytes
cf-ray: 6016e823af7a1756-FRA
x-amz-cf-id: QcGMNJzra1sXogror4KIq54dgAygHqLXwbYxe3sWYXEkFOUZOFeu4Q==
expires: Fri, 10 Dec 2021 19:02:56 GMT

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
10 KB 57ms
22ms Other
application/javascript 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: insurance-business.disqus.com
URL: https://insurance-business.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Dec 2020 09:30:32 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 38
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 9280
X-XSS-Protection: 1; mode=block

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8393 0
0 33ms
32ms Fetch
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvlEWuLQLv1KkC1h8CfqwlhVjNG2Xf1sWP1wJcIsx3NluoucTkDnt4PdpdQh30YxvsDYSTm8PC2L-zHDjiwmHcmLMxcWyNuYI1gppLF_4yoqxNXNyRPJDDbwoS9_ka_8KrHd1AwzygXNTXBJmGxoS19WdDqgruSdFtNSjOvwj2OP4GJ4SY238MJfc2B9GsafrauRCsOllBkyiDffJshIfTpJDVQUY4g2c4w9w5P95QV8caC4qeIMC68pplQJa-A7YC1dhUGS0mvNTejF893RxcrsT-nhOKdwi9HIjMo0Gb-7uTfX7eUNPTixkxar2b02bIkzm5N&sai=AMfl-YTogy_alcGUSsfH8Tks20462oBYgabMkEvbzmGmkIqiiwebSwGnk4DbB86pI5IytroE-UqPgTVx4S5Uf5CQQB_OoSkNSTKzjZ22zJo3flR9GLP0HlN4eL6y1jSaV1o&sig=Cg0ArKJSzOMU3dLtY1V1EAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Dec 2020 09:30:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 14 Dec 2020 09:30:33 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 8393 3 KB
1 KB 70ms
56ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 03:27:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Dec 2020 03:27:47 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8393 76 KB
29 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07a3eb8be1687dc1ee377d85bffd51891d0fd539258b63ab4031b012bd77f5fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29432
x-xss-protection: 0
expires: Mon, 14 Dec 2020 09:30:32 GMT

GET
H3-Q050 200 485383512407079550
tpc.googlesyndication.com/simgad/ Frame 8393 161 KB
161 KB 71ms
57ms Image
image/jpeg 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/485383512407079550

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82de558a8c54f65a916e794ed366dc1f62a6676cf75252421d63da4575e36386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Dec 2020 17:43:22 GMT
x-content-type-options: nosniff
age: 316031
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164745
x-xss-protection: 0
last-modified: Thu, 10 Dec 2020 16:17:12 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Dec 2021 17:43:22 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame CB18 0
0 68ms
67ms Fetch
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuTyTG2p4pf4RdNy_iQ9Uhae_m-iN8Mav8xZPt9kaP7IeYtLeTPJ3MoYBlw7dwaxa0ur9e5oI4XKUnBR1T_eiEAKciGvVHBzcp3o8BXPsV0vyn7MD8KoazVyE5U03g6mcYSuXZijcLbqhb4a0IVr50JuZ-UtNCbCnPTqHlMUyjdDoGO0y4m_VDKjx3C-MZg2eSKwKeDRDk1FQwXKbEEASzpinIU7bT4HrjNm-BSta7OCRb-wWNKGUZ9n4zqYccgW1Rt8WhuEGN870BOkh7-OkJFJcn_RMexz_-NSwnP&sai=AMfl-YRj8cMs2ypsAArfVMn0BXTOPt-o9_33YZW56b7QyAO3iSMUGAnVSQSnO3ruAVOCBfuPlVLAFuHPnr5o73yYq4nq5NWs-F0RtpKoGzUSLM5B0Xlwl6cpxMKXNsrTmyM&sig=Cg0ArKJSzBgGEOj_EpFBEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Dec 2020 09:30:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 14 Dec 2020 09:30:33 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame CB18 3 KB
1 KB 65ms
56ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 03:27:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Dec 2020 03:27:47 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame CB18 76 KB
29 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07a3eb8be1687dc1ee377d85bffd51891d0fd539258b63ab4031b012bd77f5fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29432
x-xss-protection: 0
expires: Mon, 14 Dec 2020 09:30:33 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame CB18 0
0 15ms
14ms Image
text/html 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR-yEopuejJt40VMXqnjn1kr6t8UT6Bq-FuQXLFbxd6lOC9p5-izrWLh2vqv6wHa2QxELV7
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 16087027898513391236
tpc.googlesyndication.com/simgad/ Frame CB18 40 KB
40 KB 65ms
57ms Image
image/jpeg 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16087027898513391236

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1f250f58f47ca824a25a49ce8ee8747c3e48cf9564a23282677802f450928fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 06:49:53 GMT
x-content-type-options: nosniff
age: 182440
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40837
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 14:37:24 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Dec 2021 06:49:53 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6A2D 0
0 62ms
61ms Fetch
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv6hUx1SWaOdgaACMHcen6Ii8ojhhM4HX-UF2gV1zg572reB3IrAF3cB3afgSlUsfokMOnJgaMnVcAPeeGEvfywP-irKOYll6CqP2BvWXe9kf1VkciMlFJWXWK1uMW4wG364E0UqxLTBPbX740qn0oYtt7jTS08ZYC7VxwEu2ont4_Y-ZjS--XYoIacHWcTfRVFTuKkWSsJPGJGN4xwyF9jsLUET8nWIBMshqW09pNUClWWuu9lKKLa8LV0EN2yeuSlsqB8sEtAIFOhfCdpnbAFS9KzXKWG-I7UmuvvpA&sai=AMfl-YTlFjwqrzx1AJctq82wSMCZvxO3m_WbQjusTp1Prdi2lPyjsOLJW3qG13bnuIU3ZWjx0rObBgaNLo8bFwfXECu5XdAHisgBP0VtVuha7WJQZ0gVQXXDMocOJjC5AmY&sig=Cg0ArKJSzEZ4PUeC4ku3EAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Dec 2020 09:30:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 14 Dec 2020 09:30:33 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 6A2D 3 KB
2 KB 24ms
21ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 03:27:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Dec 2020 03:27:47 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6A2D 76 KB
29 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07a3eb8be1687dc1ee377d85bffd51891d0fd539258b63ab4031b012bd77f5fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29432
x-xss-protection: 0
expires: Mon, 14 Dec 2020 09:30:33 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 6A2D 0
0 15ms
14ms Image
text/html 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT5r76yuxaPOVhhnFV7Qr1wGVTUF37Vd4GmlWnNUXJDQw8niebKduV5NZBlk5iUOJLbnUCa
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 12598932462570953785
tpc.googlesyndication.com/simgad/ Frame 6A2D 46 KB
47 KB 158ms
155ms Image
image/jpeg 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12598932462570953785

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e28323571e70a213a2db9642215d45e8944ed17464c8bf89781bea05e554ef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:33 GMT
x-content-type-options: nosniff
last-modified: Thu, 29 Oct 2020 15:26:20 GMT
server: sffe
x-dns-prefetch-control: off
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47548
x-xss-protection: 0
expires: Tue, 14 Dec 2021 09:30:33 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 45CC 0
0 52ms
50ms Fetch
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvqxvE8QzXmADJ4mTo23q_Wd3KQnbzrJ5awnzUxSoT6egFLglNXxlklCxCg-C5q2QJV2hVG5wodyv-qpCGjGdtnOSjQDPEDFp7XyS_klaJo5rZwM_DeDIkSBRLlFKH61napH1lRNhWGxBuyRdFI1lJ4KlV1_3Tyo64wnfV-_arHStMi0fxU_j1wLedOcevCncKGY8QExEec_vOgh6FmQtjVJP9cSuVdq7sxM48dA-FIxc-mMPQFUtTSQCASQ7nxyOlKK4SDn0l9soVShJr3OVPhaucSth-OvX_4ekM8BA&sai=AMfl-YQhV7lnitn7FsptZw-bebLB5fBCHE4q5Igc4-7kkw3HfIIQ-P2RRb9cW8PCccYklrFkUra9SqszS1vt4pc8PfKJGVKoLigSCNbjMkwZiHeQJR6HAWrgvRXTSdf50_0&sig=Cg0ArKJSzJDFhPqU_uTfEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Dec 2020 09:30:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 14 Dec 2020 09:30:33 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 45CC 3 KB
1 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 03:27:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Dec 2020 03:27:47 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 45CC 76 KB
29 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07a3eb8be1687dc1ee377d85bffd51891d0fd539258b63ab4031b012bd77f5fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29432
x-xss-protection: 0
expires: Mon, 14 Dec 2020 09:30:33 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 45CC 0
0 50ms
49ms Image
text/html 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS4UL6hGovY5ZjMgyz2iEgKE9d4b26xcmjsDg8e5KumO8e64E3L0yw8AKQxG8Dvsc1fIozS
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 14015424997989743780
tpc.googlesyndication.com/simgad/ Frame 45CC 43 KB
43 KB 150ms
149ms Image
image/jpeg 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14015424997989743780

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2090ef8782553088e8305f8703a2d3f5c39d07408f6a88eed8f40ee57aa5c5a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:33 GMT
x-content-type-options: nosniff
last-modified: Thu, 29 Oct 2020 14:37:23 GMT
server: sffe
x-dns-prefetch-control: off
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44348
x-xss-protection: 0
expires: Tue, 14 Dec 2021 09:30:33 GMT

GET
H3-Q050

200

13810547153303696996
tpc.googlesyndication.com/simgad/ Frame A1F0
Redirect Chain

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss4Tl9zIR1vZenxngvaK5ZYnLyobVK4AAP1oVAnOxAECkQzort7KytNzWA0tBQusU5edRtVBLZqM6Jh9-fRVU5OoHvp3E16UcnhgBRtEu82HB9Vz2fUeourXlrvEgCUR9kZAiHgDTBYK...
https://tpc.googlesyndication.com/simgad/13810547153303696996?

44 KB
44 KB

8ms
7ms

Image
image/jpeg

2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13810547153303696996?

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5abdfc235554b3c281964f41c083010fe2781025981997a547cc9024b69165f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 09:49:52 GMT
x-content-type-options: nosniff
age: 258041
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44712
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 14:39:34 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Dec 2021 09:49:52 GMT

Redirect headers

timing-allow-origin: *
date: Mon, 14 Dec 2020 09:30:33 GMT
x-content-type-options: nosniff
server: cafe
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://tpc.googlesyndication.com/simgad/13810547153303696996?
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28334
x-xss-protection: 0
expires: Mon, 14 Dec 2020 09:30:33 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
331 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=239203017352524&ev=PageView&dl=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&rl=&if=false&ts=1607938233074&sw=1600&sh=1200&v=2.9.30&r=stable&ec=0&o=30&fbp=fb.1.1607938233073.1333079546&it=1607938232830&coo=false&rqm=GET

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 14 Dec 2020 09:30:33 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame B573 0
0 60ms
58ms Fetch
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuypsU7Yne0gnHY35OjTGNmtgvJnqMPOG5BXM5LsmbNTNvlxHL0yN7ddOUkpFk-zEYx3AdMojg7EU7-m-mrrG4uMzDwy2-h4pmK_SJyvj-lnFk-9aroHfdzQg5Lv5u6AZ1eZhvtpcM8zHMV3X3fPdxEbLzNQ2uBrxqHHUtt6ErCAz5FL272bER_fOVewtEN5BBoB3xeGxrj6DWOIZnfjzpdFL5WE0M7dYe15_dLMOqTNUMHizw4xDwGxpNFaWiNUuL2j3GYhNlSv9dVEXuJlBkPEmrTHGzsTJPd5Cz7lQ&sai=AMfl-YRp_yHrkCtOMChCO-uEU4Z7zwvWgQPULlVsXIhyDGH3g1C8eWW1K5ll_kMfL3mavY-ijWTRxaAMu6r6xXLFZ0CVd1boNJYf09jR8IFJmisykFp7_ME9Wt-PEitQMFQ&sig=Cg0ArKJSzKdvZTe1x2BEEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Dec 2020 09:30:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame B573 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 03:27:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Dec 2020 03:27:47 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame B573 76 KB
29 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07a3eb8be1687dc1ee377d85bffd51891d0fd539258b63ab4031b012bd77f5fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29432
x-xss-protection: 0
expires: Mon, 14 Dec 2020 09:30:33 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame B573 0
0 15ms
13ms Image
text/html 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQewJQm0Eu25cyHlyIRYIEAN7ePQd4_XEY3pQya-zRwJfVu-CITQdwraRmJekfJqemf3bRv
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 6815374505450486557
tpc.googlesyndication.com/simgad/ Frame B573 75 KB
75 KB 89ms
88ms Image
image/jpeg 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6815374505450486557

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e707165a13eb684d16e351948ba85a8f5ac228a897cfce7ce3f5d30f5d9ae938

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:33 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Dec 2020 17:39:43 GMT
server: sffe
x-dns-prefetch-control: off
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77032
x-xss-protection: 0
expires: Tue, 14 Dec 2021 09:30:33 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9E2A 0
0 55ms
53ms Fetch
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsva9lKu6sUjXXj7Axm5PRRtY9Z3Up-9jK_b2w4kQsw7DSM6Tm1dCNybaGk8zc0sbvnXDcFZs12yyP7BZRi7C3lw5Ove-FEw4DqxS9ImpQr5RB7hVPXKNmkdsI3rU06JcjUPgwsc_YTGG-8fVvIcvbetRev2utSWRYxbMklrg3HaHGgyOuo75Hhd26z5Ef1nE4xgE53BPe4GYkIIYGrFm6_8KQVfSpmC8xAPXoF80P8zNScmCWh94lJLpFGJ3b9VmK6jAdl5VSOrz2ZJfQLd3hXu8hdh9DvRAAI57UaCig&sai=AMfl-YQvu0pCWCE2pEa4BxxPA_FawSGcBZCKOGUQYmef1zH0g1dIYXVAnncyyCmiApEKvCJG5l2biinXJO_tfQItW4SBzcpGMsFq2GkK6w1Q5AkwuLE3ZJiLhlgXy2l7jkI&sig=Cg0ArKJSzL-0TVR99q4gEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Dec 2020 09:30:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 9E2A 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 03:27:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Dec 2020 03:27:47 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9E2A 76 KB
29 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07a3eb8be1687dc1ee377d85bffd51891d0fd539258b63ab4031b012bd77f5fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29432
x-xss-protection: 0
expires: Mon, 14 Dec 2020 09:30:33 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 9E2A 0
0 15ms
14ms Image
text/html 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQfwDKuq5mgGHzvlhKOo6mAFjF39NQVI78hXBgan6YgdajseEJO1vAo_p0nb5tkhjmHGzp5
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 8091804047278586021
tpc.googlesyndication.com/simgad/ Frame 9E2A 46 KB
46 KB 56ms
55ms Image
image/jpeg 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8091804047278586021

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04c25fc9b0c5683c0b64091f6dfeb1579d1cc1b447ecb72edc9f433a48ee4f37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:33 GMT
x-content-type-options: nosniff
last-modified: Thu, 29 Oct 2020 14:37:22 GMT
server: sffe
x-dns-prefetch-control: off
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46899
x-xss-protection: 0
expires: Tue, 14 Dec 2021 09:30:33 GMT

GET
H/1.1 200
OK /
disqus.com/embed/comments/ Frame C7F4 0
0 206ms
205ms Document
text/html 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=insurance-business&t_i=241242&t_u=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&t_d=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company&t_t=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company&s_o=default

Requested by

Host: insurance-business.disqus.com
URL: https://insurance-business.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Response headers

Connection: keep-alive
Content-Length: 2749
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Fri, 11 Dec 2020 20:35:01 GMT
ETag: W/"lounge:view:8304289896.1a712cca7a006174d37d2a69da1457bd.2"
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Mon, 14 Dec 2020 09:30:33 GMT
Age: 0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8393 0
22 B 31ms
31ms Image
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsviLf7kBrISSwBhZ7mZsb_co873oaVblTonXreubTKkzxjq4JuqDLHXYj4wdTX5QSR4DQKpFIyhE3EdALftsMULNZxE0MTN5oJ6vSw4GUTN85LTu7hutkTr-gbQnOY6SPLM3oOEF9M3Dvhqa1wqchyF8Bg8KBcY28G0n73O-HAHlI-mJtNq7SU7-Y0fmT6mw85bKFGEmaVZyRIx5eUR5omGH32-9lpDsF98MhDV8_J4NFa94RTFSlbIF4-bG5O41BvmHcvawLVGcfgiomQWOI_MJVv79OhcRdQRSh1zinaMrAinbfiesiy9&sai=AMfl-YQy2A_4NkY1sWZvoQC3YoVSQTskoRIarE47QlXRuGhD8XQdfSFMIW4EcaQt6LQeCeI4KbubZsPjNLb53ROeu_0Wfb5P95Jk_f2oz4v8e_rXqe3HsFxT04PwJ7qoQf4&sig=Cg0ArKJSzGwKcO1rSDxJEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Dec 2020 09:30:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8393 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f60b849f97ccdf169e7ca0e433008f2ae7c273beab39176f6e431b06c9bf87

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame CB18 0
22 B 31ms
31ms Image
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstcmer5x2rdZOpdscKhDjUzWvXcX6UH6vc80wOz7SDtBGF2dldbwZkR5PpFP95W2ahE8babJEK0ezB6in-2HGuqoyOAEaEXsGW4JXpvBLlVg1BnlgvjonnxXsbCXEPZqluhDwsvR-OiIL4uYIz25c9w1UsHvEOAW8G1fM9PBqVqV5JblFDyZDVS9jwY8yh9nOoCxnzt8J-SofgWmMDkERSuFY98uFKgCVexTs3VYOJdfydpIkEzP2__jnGMYtzwE2VQqPEHkZ58Z7peRh11xdZccNR-yxfjxsGaB-CGwHE&sai=AMfl-YRN97ost_r4DopHk5z1D6a4-tCIzySCNP8nwIsZe9SFg-SD3jkYkfjKgN4ZImJQzSDP7sgZAaVRGxByyeb7XPm9JcncWzT1h_3Gw-EnwCygH0CYB5PIpgK4J2-Xx8E&sig=Cg0ArKJSzDxjLwILpBPOEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Dec 2020 09:30:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CB18 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c164d877b4ad9b5e5ccbc407f0146495130723574ce7211678e692639344c36e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6A2D 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b08445247618c552302d8c6956c2270fabe711aa5d1ec00e4693f46277a7fcc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 45CC 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39e197ab88f1e4b45eb326898e2d54f30dbc56a9cecd20e16790eb44dcefe554

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame B573 0
22 B 32ms
32ms Image
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQcoJGS8vsRxN_2tVyfr3OFMpwDb0pmugJJfCNrK4Ce5xCOsahOguM4X4y11Sb2aAGh6OyWd8LhGGCBPyseExVLYGvjCtOWCX5hLm7S2DaUhUfWVAsrRILTAt2ZOGCtiEt1Wi2fnql4ZqO5xuN_SwMgSg9hndWwdf5AeZ9R9QmtHcTqSnMlsHj2JKGWLgkqQ-IYTT5C-fZR2S0yOohXy8AFgOhZRcc_PfYYFKJQ-rWRczOBwCYUIJL6uRFa2UVErVpmdwjlOzQhNnYHhyhdLwLgEUPyl5hKXns_n1BSLA0&sai=AMfl-YRHqLvl8vINn_x74SmWB5yGflnFiIMoKgr2XWiH0b7rL_PgKaoAnM7jS51hGcaEBJt_zQaOX6HE4hfiVoXBv8GqzKeXeNK1zJSqm7EA28ajUiGyin1BeVFVUm9OkEA&sig=Cg0ArKJSzBx0YEy8UWMHEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Dec 2020 09:30:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B573 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f69d120719b3be42cc09ebde9ec1f244d22193414ad7adf25dc80593c496b815

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A1F0 222 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d33c8b6ec844186bd93a3c954312087bf7f07f670ac2284aafa45e13818fbd52

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9E2A 0
22 B 36ms
32ms Image
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstIlXH22e6ocv802LxQF-UWOlAMU_k-KxhwZUaWf7VY3-HpG0GAfKKMkrXQWumnS40VWtu24iZZnbcn8D--Q1_ft99o3f5awI8fM9cK78cv04CMdRHyTUGhXIVbiLP2dH9V5p2iwApq5kP8KWR0MB6qVAkq_SWAjbx8TO4sAMDFobh1UkqIhZqCe5tmu5PmfjVZ_P8t2xd7FcEMIoKi1cH-FTNgRZI33IhMM1kV-GR1-KLcNw2v3pgMzdEyw3-NqRTQoDfMjViC4IAiWmYcT51AIvsWYpyzxmK_F-WsnjHS&sai=AMfl-YTr6rL-tJpzDn_vEIxZSh5H2IHm3cehR4jX9W72TNsK8vVCaAFjZAOmvhPZ1Nv2Ylq3wslJNVNCEMo5K9GveyrafeN5sOJjePLFWCe76Ton0ZJQvAj_f7CEOyd1dnk&sig=Cg0ArKJSzEYxqyDbZQWrEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Dec 2020 09:30:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9E2A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8f901a37ea8350aa4a8f5d628395be37ac0698ef0cc9e39642618d7a7a5ef06

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6A2D 0
22 B 33ms
32ms Image
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvObzUfQgkT3JfDNMyVqevA_lIRmC8t9EW3HS-ODP71NDeOtYdQ9BeYyNDtBNWrZukBsTnikIGJjbjQiXqCkrW6_cf-1vy-Dt5lMml6F5QSsSC4ERFvqzsbtygcjmjN1pk5w8z1vmApAtc5py_Zsv0H-rxmYKDC2FWZWGnRWq3wxzBtYGa3gsC52rqc1GXQp8Xl8arULXwfm7S_qEZM53MpWgPDhZlowyb5pfkiMeFSY7FmfIUZHC7rcUzVIGSo3_7uctac8Ji1xAJc7tnz6u_ZS89VOhgkk6mF0ukGm-p-&sai=AMfl-YRdNKHKfQKg11usHvBzrXrFXo0WXCbNHLF1X22XMmS3fq7NV7wxbl-jJzLeAc3FGWNLOoVKApLs3cuTgmhvxRByBefdQlBxicoljzWwF6ChE9wR3u-kp-4ZVLJ-PhM&sig=Cg0ArKJSzNCJhWRlK87tEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Dec 2020 09:30:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 45CC 0
22 B 33ms
32ms Image
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssWeFqknKIIfp0qQyO4HCQEjAdThqZN3onRxhD1F6_3S2OvHmNkM3z0w4dxbT2xCivqLUCXJ0zwV_FZwgev69Koaos-D1dAF0AlW8bD5aBLsFm1mZZoEU3LeVod3xu7PGbvli4ZBzVAzQo-jYjE7TlORmgDPlO_X4QWe51v8rZ6f4orEJovjDjfvt3W7OAWSaPjU1wOU0jJrJpPa8YEO7NIczQov-EhptARecJs58GUItMUFYGe0ilV-kpscvKavDvT5JkinX4EryUt-43u8GKq2VC1qtjuURQxUcubgqly&sai=AMfl-YRCArVgPUbhyZsZgLOJUuc72jI-D4cabTeH9ZsWMQgU85Y_dbyKfhLbw_2rU6FdduLBCMiQ6vsV1iiF9WTrsUlCDxtQ2SVr4yXS_bVZVxLbo7D_KKlCBzakT5lX4e8&sig=Cg0ArKJSzAkBYmf1SaiHEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Dec 2020 09:30:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK consent_tcfv2.js Show response
s.adroll.com/j/ 397 KB
55 KB 25ms
25ms Script
application/javascript 2.21.36.181
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent_tcfv2.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.36.181 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-36-181.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: bf40c262b047615208bc2d84984e7854b8a2ec9801f1c6e99c0b79a9f32380b5

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 7sDcLvGKTPrh8xIq2f5DynXc_Mi9vQVX
Content-Encoding: gzip
ETag: "1f2c64002f8e1b6eb56c304c2e892afb"
x-amz-request-id: 9C0A466D5B644741
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 55575
x-amz-id-2: RKvpIdckCIUfU1lGu4A9Vc4434+rKFeY6PhXnAc0s4O7wCj+IxmfMnCnJnqRhSwxJEODB4ztDYM=
Last-Modified: Mon, 07 Dec 2020 23:59:35 GMT
Server: AmazonS3
Date: Mon, 14 Dec 2020 09:30:33 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK favicon-32x32.png
nextroll.com/ 2 KB
2 KB 364ms
108ms Image
image/png 3.213.190.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nextroll.com/favicon-32x32.png
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.190.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-190-117.compute-1.amazonaws.com
Software: Apache /
Resource Hash: bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Dec 2020 09:30:33 GMT
Via: 1.1 vegur
Last-Modified: Mon, 30 Nov 2020 21:05:36 GMT
Server: Apache
Etag: "64f-5b5595f1ce800"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1615

POST
H2 200 /
www.facebook.com/tr/ 0
67 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryLEU3BMJXaMZQLiwA

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 14 Dec 2020 09:30:33 GMT
content-type: text/plain
access-control-allow-origin: https://www.insurancebusinessmag.com
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8393 42 B
108 B 14ms
14ms Image
image/gif 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvR3DnbMnee6TFwqJS1ka9smWCZMjGOW2QK0ai6EF-Kmaj9AUegMp878xA5odhWsr532TGwNe5h5d0B0AyvBqxaDUHCNOQFn3ZYCYtUcoI&sig=Cg0ArKJSzFovpp9wm0kSEAE&adk=2393765783&tt=-1&bs=1600%2C1200&mtos=1015,1015,1015,1015,1015&tos=1015,0,0,0,0&p=319,480,799,1120&mcvt=1015&rs=0&ht=0&tfs=121&tls=1136&mc=1&lte=-1&bas=0&bac=0&met=mue&la=1&avms=nio&niot_obs=9&niot_cbk=97&md=2&btr=0&cpmav=0&lm=2&rst=1607938233015&dlt&rpt=265&isd=0&msd=0&xdi=0&ps=1600%2C3086&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-7-11-11-0-0-0&tvt=1130&is=640%2C480&iframe_loc=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=640x480&itpl=3&v=20201211

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 09:30:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame CB18 42 B
108 B 21ms
21ms Image
image/gif 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8UdyzzcHBRJIe-j0MH2p-j1UyBJJGssavNx3zW3WnZANNOfXSGlFJKifRKu_rm2xw5ubCmoi0gEBk3m1Nm4i7G1pWQ2R3JMMJnT-YbSM&sig=Cg0ArKJSzIby5OWhTFsyEAE&adk=978150294&tt=-1&bs=1600%2C1200&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&p=62,562,152,1290&mcvt=1012&rs=0&ht=0&tfs=110&tls=1122&mc=1&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=3&niot_cbk=82&md=2&btr=0&cpmav=0&lm=2&rst=1607938233019&dlt&rpt=261&isd=0&msd=0&xdi=0&ps=1600%2C3086&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-3-11-11-0-0-0&tvt=1120&is=728%2C90&iframe_loc=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=728x90&itpl=3&v=20201211

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 09:30:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9E2A 42 B
210 B 15ms
15ms Image
image/gif 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvaARVt8amFzUepB3Odtmvcd4Zz4fRl1HOeQkRTQZVwmpyUcwrXU3UlF6uLbaBmdkbhv2jMnZ6VyRv8BbTQQq3SBUNC7sIif9N3hVt02pk&sig=Cg0ArKJSzJ25_nqLk5BkEAE&adk=3325824990&tt=-1&bs=1600%2C1200&mtos=0,0,1032,1032,1032&tos=0,0,1032,0,0&p=827,313,1427,453&mcvt=1032&rs=0&ht=0&tfs=123&tls=1155&mc=0.62&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=9&niot_cbk=33&md=2&btr=0&cpmav=0&lm=2&rst=1607938233107&dlt&rpt=167&isd=0&msd=0&xdi=0&ps=1600%2C3086&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-9-11-11-0-0-0&tvt=1147&is=140%2C600&iframe_loc=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=140x600&itpl=3&v=20201211

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 09:30:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6A2D 42 B
66 B 16ms
15ms Image
image/gif 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvpN-7u28jeVKH6ci4ZMVQr-VN86rhLpuOWRnOflWOPQU9ngBOP2lhVJ7PMiZH75bHZBJL4MyIisRQkpKHML1_svmBtWTdH72mYsUBDaNg&sig=Cg0ArKJSzPg8g-CTU4WKEAE&adk=1704434660&tt=-1&bs=1600%2C1200&mtos=1032,1032,1032,1032,1032&tos=1032,0,0,0,0&p=251,310,491,1290&mcvt=1032&rs=0&ht=0&tfs=186&tls=1218&mc=1&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=73&niot_cbk=95&md=2&btr=0&cpmav=0&lm=2&rst=1607938233019&dlt&rpt=276&isd=0&msd=0&xdi=0&ps=1600%2C3086&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-3-11-11-0-0-0&tvt=1216&is=980%2C240&iframe_loc=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=980x240&itpl=3&v=20201211

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 09:30:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 45CC 42 B
66 B 15ms
15ms Image
image/gif 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvn16066qOVmZLebj3RYX9aOXVpDfvng3uYVDRY_EEHniWPS0F5WpJp2LstRxBwpUJXQbLdYD7XIzfZNowmqmWXDpfDlFGON_Rrka-sqU0&sig=Cg0ArKJSzBMt_Thdw-hjEAE&adk=3984907446&tt=-1&bs=1600%2C1200&mtos=0,1030,1030,1030,1030&tos=0,1030,0,0,0&p=667,990,1267,1290&mcvt=1030&rs=0&ht=0&tfs=181&tls=1210&mc=0.88&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=66&niot_cbk=87&md=2&btr=0&cpmav=0&lm=2&rst=1607938233019&dlt&rpt=277&isd=0&msd=0&xdi=0&ps=1600%2C3086&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-2-11-11-0-0-0&tvt=1210&is=300%2C600&iframe_loc=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=300x600&itpl=3&v=20201211

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 09:30:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 469ms
454ms Other
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=3830659&conversations-embed=static-1.7976&mobile=false&messagesUtk=f6513ee07cf644b4954056d6aab36b8a&traceId=f6513ee07cf644b4954056d6aab36b8a

Protocol

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-hubspot-messages-uri
Origin: https://www.insurancebusinessmag.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 14 Dec 2020 09:30:39 GMT
content-type: text/plain; charset=utf-8
content-length: 18
x-trace: 2B5901D603DDF66D128B4F1A179E555735FF368921000000000000000000
allow: HEAD,GET,OPTIONS
vary: Accept-Encoding
access-control-allow-credentials: false
access-control-allow-origin: https://www.insurancebusinessmag.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
cf-cache-status: DYNAMIC
cf-request-id: 07022f828200009772ddbfc000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 6016e84a6d359772-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 94ms
30ms Script
application/x-javascript 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:39 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: DD7864003C5CA047
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=44662
accept-ranges: bytes
content-length: 948
x-amz-id-2: QZsv8He4gCAWkZyfO692XnPUzTy0s9bUu/LN+U2M09eNsTLXpPT9nNZ8h6o4U/DJ/GnpJJB2B54=

GET
H2 200 sj.js Show response
cdn.sajari.com/js/ 73 KB
23 KB 136ms
34ms Script
application/javascript 35.190.50.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sajari.com/js/sj.js
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.50.98 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.50.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 51bf04f93ff258317e05e4bc448028e8de62370c7b24f9e088b2ca328819a6c4

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 21:13:54 GMT
content-encoding: gzip
age: 44205
x-guploader-uploadid: ABg5-UxfjWhWIriellHDhapqqPeWMe4lg8g-z4qpUJ2V5AoAAsNJZW9HFOF9upeI7xQug_c13iFEYSY-cqY-xbiGO2sQ7BzbvA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 22520
last-modified: Fri, 09 Aug 2019 06:30:26 GMT
server: UploadServer
etag: "3fff0fe5f3afe436da542b563b190778"
x-goog-hash: crc32c=dbS54A==, md5=P/8P5fOv5DbaVCtWOxkHeA==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1565332226271049
access-control-expose-headers: Content-Type
cache-control: public,max-age=86400,no-transform
x-goog-stored-content-length: 22520
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 14 Dec 2020 21:13:54 GMT

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 351 B
478 B 170ms
169ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef41330b2cf43a44c8cbb20ca38cd9752816a5f451e506727876eb4f6502105b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

X-HubSpot-Messages-Uri: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Response headers

date: Mon, 14 Dec 2020 09:30:39 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 269
cf-request-id: 07022f844b0000977245ace000000001
server: cloudflare
x-trace: 2BBCEC8B689386EE5B243C861BAF924909B58ED1EF000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.insurancebusinessmag.com
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 6016e84d4f039772-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-57392d15fa194164/ 2 KB
762 B 195ms
193ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-57392d15fa194164/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0922d20b238ff408b56f2248052b9e6e347f2ad1b0812ef3c6baaf37d8c01900

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:39 GMT
content-encoding: gzip
etag: -1792729687--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=50, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 585

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 25ms
25ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Mon, 14 Dec 2020 09:30:39 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 /
re.sajari.com/ 48 B
48 B 201ms
159ms Image
image/gif 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://re.sajari.com/?company=keymedia&collection=insurancebusiness&cc.co=keymedia&cc.pr=insurancebusiness&p.ga=&p.id=1607938239210.678437&e.id=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&ec.ti=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company%20%7C%20Insurance%20Business&ec.de=Cyberattackers%20show%20proof%20that%20they%20made%20off%20with%20business%27s%20information&ec.ke=&canonical=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&bodyChecksum=8acea10198121737a953108a978c705b&metaChecksum=9fa55bef232096ad927a2f87f0dc9f12&meta%5Bviewport%5D=width%3Ddevice-width%2C%20initial-scale%3D1&meta%5Bdescription%5D=Cyberattackers%20show%20proof%20that%20they%20made%20off%20with%20business%27s%20information&meta%5Bcustom%20meta%20field%5D=2020&meta%5Bauthor%5D=Lyle%20Adriano&meta%5Btwitter%3Acard%5D=summary_large_image&meta%5Btwitter%3Atitle%5D=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company&meta%5Btwitter%3Adescription%5D=Cyberattackers%20show%20proof%20that%20they%20made%20off%20with%20business%27s%20information&meta%5Btwitter%3Aimage%5D=https%3A%2F%2Fcdn-res.keymedia.com%2Fcms%2Fimages%2Fus%2F023%2F0270_637429306728087852.jpg&meta%5Btwitter%3Asite%5D=%40InsuranceBizCA&meta%5Bog%3Aurl%5D=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&meta%5Bog%3Atype%5D=article&meta%5Bog%3Atitle%5D=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company&meta%5Bog%3Adescription%5D=Cyberattackers%20show%20proof%20that%20they%20made%20off%20with%20business%27s%20information&meta%5Bog%3Aimage%5D=https%3A%2F%2Fcdn-res.keymedia.com%2Fcms%2Fimages%2Fus%2F023%2F0270_637429306728087852.jpg&meta%5Bpublished_year%5D=custom%20meta%20field
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cloud-trace-context: ad097432abf796064700775aee51ea83
x-appengine-log-flush-count: 0
server: Google Frontend
date: Mon, 14 Dec 2020 09:30:39 GMT
content-length: 48
content-type: image/gif

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
592 B 55ms
38ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2978788718&v=1.1&a=3830659&rcu=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&pu=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&t=Malicious+actors+publish+data+stolen+from+fuel+company+%7C+Insurance+Business&cts=1607938239398&vi=6f4961d305d780142c07c482b84342d8&nc=true&ce=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 6016e84c69cb073e-FRA
date: Mon, 14 Dec 2020 09:30:39 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
cf-request-id: 07022f83c00000073e788fe000000001
x-robots-tag: none

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 25ms
25ms XHR
application/json 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020120801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ec2a39096cfc996b7c69b9f7c8395d125d1da1c9854592771a37795dea70213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Dec 2020 09:30:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6508
x-xss-protection: 0

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 134 B
770 B 154ms
139ms XHR
application/json 2606:4700::6811:cccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=3830659

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cccc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d00825a3a6529de4a66e320a183efdd57c6416bebfca673250a99c88240309e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07022f83be00002b4d888c4000000001
server: cloudflare
x-trace: 2BFC5FCEB9D80CB15B4CC7CD7518EC057F50482432000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.insurancebusinessmag.com
access-control-allow-credentials: false
cf-ray: 6016e84c6c582b4d-FRA
access-control-allow-headers: *

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Mon, 14 Dec 2020 09:30:39 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 5593 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Mon, 14 Dec 2020 08:39:46 GMT
expires: Tue, 14 Dec 2021 08:39:46 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3053
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 661917934558964 Show response
connect.facebook.net/signals/config/ 239 KB
69 KB 8ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/661917934558964?v=2.9.30&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

12272a8d5b60670da77cab7ae3d56bbd67064522a400733c66f2e88136ada752

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70232
x-xss-protection: 0
pragma: public
x-fb-debug: C2P96prntw9FW4DlgYHGRaKHqkTgXwf68ed8TIj8L8HykFxlN0Vcb2mu5kBsdU9zpjzYzOnhNiRIWXX00Yi9Ng==
x-fb-trip-id: 436667874
x-frame-options: DENY
date: Mon, 14 Dec 2020 09:30:39 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 1473320740
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 228002331440464 Show response
connect.facebook.net/signals/config/ 238 KB
69 KB 9ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/228002331440464?v=2.9.30&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

11bb7fc6bb8d10548a57b1b949670d71a54ddf14b626a260c1bc757bd4b20eec

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70193
x-xss-protection: 0
pragma: public
x-fb-debug: wiuzBaJnZ8ipCW6y5GosHgpp2T1GFNGCPXz02pN8orG5o5Sczh/O4LXXnarEd0VLIP/QZ89LjbwoqeGsDAt1ag==
x-fb-trip-id: 436667874
x-frame-options: DENY
date: Mon, 14 Dec 2020 09:30:39 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 485817644
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
258 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=661917934558964&ev=PageView&dl=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&rl=&if=false&ts=1607938239661&sw=1600&sh=1200&v=2.9.30&r=stable&ec=0&o=30&fbp=fb.1.1607938239660.1954505528&it=1607938232830&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:39 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 14 Dec 2020 09:30:39 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
212 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=228002331440464&ev=PageView&dl=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&rl=&if=false&ts=1607938239664&sw=1600&sh=1200&v=2.9.30&r=stable&ec=0&o=30&fbp=fb.1.1607938239660.1954505528&it=1607938232830&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 09:30:39 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 14 Dec 2020 09:30:39 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
25 B 18ms
17ms Image
image/gif 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020120801&jk=1306839126782078&bg=!FhWlFTXNAAXKjztBylgQtrm9ZFCAaAIAAACdUgAAAAtoAQcKAc_QqYED_I9a3bNR_YlQvAgK7rKc_FY22JOosx21VdwfaQofK0RLzvwA00iaOqX1EOddfOVfDWzisXlwy98mAy_sVfXJsOT12v0vWXriFO2pdX5gbKLnfZBmR5Tt5PET1wyxGJQi4wHs1unAOeipjFCIO-7QRnE4_poCGPMGXyI-p16zJoimAxtJwQAWkiENt3Sg1GQhMpjUNuhI3B49ovdIf-a3R4934334oL4Hk-0r20kKpiNTBtSutRCPNwUjXgpz8tcwBQyuOd8xi06dufk-_HvZon2bGXszhJrboXvc32L-32qh6htlJnhiJbWAq63C15UpaOPCiCwuDzDibI8bpEUEYl-AeAkUxdIVr0PKeFB2NUFCn7zeHZbGZQguEW0EdJcSh8c4BFjbyDFei7I26CHVF_nF8WHUo_g3XQN-dBxkn7eqw7U3GfDhIL4127THUP3q7wa8UMj9783ULWHkqRZszMihzdy3hg_CzkHEqF-4Ev5mTOhvL1QU1S_rYreH4ZS5a_u9VSVznAR2scRHk3JbPyl_VxeOkzoAbc44uAxVCraW4Pq4zcWOyVkc4nyjqoPvUO4dA6EmQGhSwNgWW-Ct24ar1OBPxZCvTIBFmQHFc-k5FoofnaDRJmy3enl7eoErp5j3u5dQdJdKmRONM_kT_36WPkKgIsOYsr9wpNmUVd9-OJtofdwcBPxXV6siSUu6vPrR7Rebdt7Kv4SWXNhq_J6O1rhUWrIetmjUnNvp2V54tNFvvzyWE8RmIVLhUDYZC8ayr1X7WckKJig-qJh5hL-hf90sZl5VwLlBY6FNjchQC0eBrFELp0tsXVYF8KQq_wfOT5EJIHFxlqR3AMZ0id6-S2uI8KlOM3nobUUni2mi0mZEF7pCRORwDPdEis5C31l2Ry1CpnKb19MaOPgv3QWG1ywN97vy3MzRyPbE0Ul6lybixjP_le9eTjLG8fg2RHX-PeRqopMDKXBy8QbfvG1LWZfZR1VEEBDDh7ysVB_31Qm5WdE3cof45hG_sZJfo-egBFpCdw6wfxKzifXn4hVHVcK7joxRsEK_bi0XeaR2Jj9fNPgXvuVHAd8EotF-UWAl8WGfXwVmw4WcMaBFDzv0RXymBXmorrSfDU3DqTWM7eL7zjRc5Vn7MklWlOwmuiegcJbKXOZNs-_YgMnMohmMTNdfBMHPLz_xrrV1TQ_Sg-pNItLGOG8xoPacrGO-JSmx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 09:30:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
55 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryAizcBhlnZlB6m8SZ

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 14 Dec 2020 09:30:40 GMT
content-type: text/plain
access-control-allow-origin: https://www.insurancebusinessmag.com
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

POST
H2 200 /
www.facebook.com/tr/ 0
32 B 6ms
5ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryehnXtYiREdX5WlQI

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 14 Dec 2020 09:30:40 GMT
content-type: text/plain
access-control-allow-origin: https://www.insurancebusinessmag.com
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

Verdicts & Comments Add Verdict or Comment

140 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.insurancebusinessmag.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
www.insurancebusinessmag.com/	1970-01-20 00:09:12	Name: __atuvc Value: 1%7C51
.insurancebusinessmag.com/	1970-01-20 00:00:34	Name: __hstc Value: 226989634.6f4961d305d780142c07c482b84342d8.1607938239396.1607938239396.1607938239396.1
.insurancebusinessmag.com/	1970-01-19 14:39:00	Name: __hssc Value: 226989634.1.1607938239396
www.insurancebusinessmag.com/	1970-01-19 14:39:00	Name: __atuvs Value: 5fd730bf3aa71038000
.insurancebusinessmag.com/	1970-01-20 00:00:34	Name: hubspotutk Value: 6f4961d305d780142c07c482b84342d8
.insurancebusinessmag.com/	1969-12-31 23:59:59	Name: sjSE Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

29811d38f03bbc5c43fbd4c58c60099e.safeframe.googlesyndication.com
adservice.google.com
adservice.google.nl
api.hubapi.com
api.hubspot.com
c.disquscdn.com
cdn-res.keymedia.com
cdn.sajari.com
cdn.sajari.net
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
d.adroll.com
d.adroll.mgr.consensu.org
disqus.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
insurance-business.disqus.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.usemessages.com
maxcdn.bootstrapcdn.com
nextroll.com
pagead2.googlesyndication.com
re.sajari.com
s.adroll.com
s7.addthis.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
track.hubspot.com
use.fontawesome.com
v1.addthisedge.com
ws.zoominfo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.insurancebusinessmag.com
z.moatads.com
104.75.88.112
151.101.112.134
151.101.64.134
172.217.22.2
2.21.36.181
2.21.38.40
2001:4de0:ac19::1:b:1b
2001:4de0:ac19::1:b:2b
216.58.212.130
23.111.9.35
2606:4700:3037::681f:5ebc
2606:4700::6810:125e
2606:4700::6810:a852
2606:4700::6811:44b0
2606:4700::6811:74b0
2606:4700::6811:cccc
2606:4700::6811:d5cc
2606:4700::6811:efcc
2606:4700::6812:14bf
2606:4700::6812:a913
2606:4700::6813:9b53
2a00:1450:4001:800::2013
2a00:1450:4001:801::2001
2a00:1450:4001:808::2003
2a00:1450:4001:809::2003
2a00:1450:4001:814::2002
2a00:1450:4001:817::2002
2a00:1450:4001:817::2004
2a00:1450:4001:81a::200e
2a00:1450:4001:81d::2001
2a00:1450:4001:81d::200a
2a00:1450:4001:820::2008
2a00:1450:4001:824::2004
2a00:1450:400c:c0c::9c
2a02:26f0:1700:d::1737:6e8f
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.213.190.117
34.255.51.39
35.190.50.98
0035934ed6b9f80f300fe3bcb1cd02cc516e48c44f727e2bd4b3225e63d43f86
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04c25fc9b0c5683c0b64091f6dfeb1579d1cc1b447ecb72edc9f433a48ee4f37
04cdfaeaa1468ca5e86756f9f137d60c66db6991faa4e549827117eb0e2f33c1
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
07a3eb8be1687dc1ee377d85bffd51891d0fd539258b63ab4031b012bd77f5fc
083be3c59862e11bbcda4128a12a7d9934f461ac881ed75af92b1c1b3615c576
0922d20b238ff408b56f2248052b9e6e347f2ad1b0812ef3c6baaf37d8c01900
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11bb7fc6bb8d10548a57b1b949670d71a54ddf14b626a260c1bc757bd4b20eec
12272a8d5b60670da77cab7ae3d56bbd67064522a400733c66f2e88136ada752
1767d947f015a6da6e6ed41e97ccc29f0dc1b527f6b2973c8dfde049ebf6c1cd
17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50
1ab092634138c04c4d400ffe26f4d1e7e332adbd7ce2b974288b0674850bc2b0
1b08445247618c552302d8c6956c2270fabe711aa5d1ec00e4693f46277a7fcc
1d00825a3a6529de4a66e320a183efdd57c6416bebfca673250a99c88240309e
2090ef8782553088e8305f8703a2d3f5c39d07408f6a88eed8f40ee57aa5c5a6
21f61c21dbb69eb2297c1f858d6990217ee2237605c0e126ca93fbd7966b1276
25aa839bb8c9e29422bf3aa8925e2d13d7b985b1bce61296f8d5780efcb3b142
267e1573e3f12e561d6ff82ac15be65e3d0c7ab86f43accdbc666a46a1cd0860
315471cb3e63c008279774f2cf4f79d9025bbe22030e51965e26668aba419dbf
39e197ab88f1e4b45eb326898e2d54f30dbc56a9cecd20e16790eb44dcefe554
3ec2a39096cfc996b7c69b9f7c8395d125d1da1c9854592771a37795dea70213
40ca8539ffd12e7edf95bfff0b850217cff57001d266cd4613b23c5c7b0f0b82
4e28323571e70a213a2db9642215d45e8944ed17464c8bf89781bea05e554ef5
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
51bf04f93ff258317e05e4bc448028e8de62370c7b24f9e088b2ca328819a6c4
52c81653f6f0d0e52dbfea77beabc12fef7ac4c6cc7a73c927bbd095e87c1b62
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
55245b72bbdeeba40fdbd930227228c562438e21179d4705354888052f116b77
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
5a2e775be063c9500eb603fc4795e53e52bae4c9b07eeed597fdac1e1efd87f5
5abdfc235554b3c281964f41c083010fe2781025981997a547cc9024b69165f8
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5f02981bfcab6807a15ddfea1babc7cee05cd0f1f59abe712928de44fb6c1f0d
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
62f60b849f97ccdf169e7ca0e433008f2ae7c273beab39176f6e431b06c9bf87
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bc0a05652496b6a471fa3725920d16f5c60abdee6d0324209f4261441977295
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
82de558a8c54f65a916e794ed366dc1f62a6676cf75252421d63da4575e36386
83540a1b1aaca7ec79264b8dfc98c797dea37b6c33b604b95a8e21e1cee09bd3
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
9199ffdc114d54fafaa64236b8311b5e4f845bb8d60665b0486e7b554eb75287
974783674a101d7c89abb9db102a9aaa7284ee52be11003c127b70aa25b665ab
a8f901a37ea8350aa4a8f5d628395be37ac0698ef0cc9e39642618d7a7a5ef06
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
aef3dc3184fbd9b8c7135baf6aa8f832d7a665af2b39c9799c9d5a863b2eb024
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
b1f250f58f47ca824a25a49ce8ee8747c3e48cf9564a23282677802f450928fd
b9d6fddb0988440902fcfc72f371ecfa80ee2eb36073f9eebc17449ee41c886f
bb20e7c2fc5f8cfd74c43906c776a31f04c93fc00d11d921dfb923bcfaab0c23
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
bed0322f5d7ae2d256db706cb681ab757c8e5ef051e3b9f53e82ad953d0211d1
bf40c262b047615208bc2d84984e7854b8a2ec9801f1c6e99c0b79a9f32380b5
c164d877b4ad9b5e5ccbc407f0146495130723574ce7211678e692639344c36e
c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2
c2cb2cc5345c71f30b0ce56069cfe0bdf65eb061228333d27ba0e7388748636a
cbce85e96b7752208ce15a09ea4d5a58b792edc9e77f1c5ccf46c01935970f9d
cdd2dbc8847ae720b1c56daab4f2a04859e919d602af61e08119e51ddad1f68b
ce20ed8a323117c8a718ff1ddc6dabb997373b575a8e896f2bf02b846c082c9d
d1c4c82f69f9ebf7e42ee5cb09386f41d590a1e111c1d37e310cfc57fb563391
d1e9ef352606557edfb35cbff6fbd2015172657021396259a87f54c64eb113bb
d33c8b6ec844186bd93a3c954312087bf7f07f670ac2284aafa45e13818fbd52
d4762bbdf73408777dc886ffe61d98654a39456cc19284fcec395a56c54518e1
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ded0cec5a92fcdcd902c570635ae0933ea83e3e372e2ca283eaf573c9e5cab21
e0e32897bd67bc608643a6d0b9ee6a8b7a4aaae14377ff94aa13cbcfb6801bf4
e1ec254792b6fe5cb168d2ce9cb1e35d15311d3b357b305a95cbfb12552477d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e616bb99a3cf0261a8e8bbf713bdaad17473afabbc032f5f351c85575596320b
e707165a13eb684d16e351948ba85a8f5ac228a897cfce7ce3f5d30f5d9ae938
edc0175ff1c883786302197c8f3795e4017ec2a82a6dda756b98e4c14a388da5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef41330b2cf43a44c8cbb20ca38cd9752816a5f451e506727876eb4f6502105b
f4db76afeb499d277603609152f9e382c0fe112d44c6f8db8c136a89d9bd7682
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f69d120719b3be42cc09ebde9ec1f244d22193414ad7adf25dc80593c496b815
f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2
f97f7e7504bc13af9e1ed4357aac452737a214d7f169327d374c3250f81f1eef

www.insurancebusinessmag.com Open in urlscan Pro 2606:4700:3037::681f:5ebc Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

129 Requests

100 %HTTPS

73 %IPv6

37 Domains

46 Subdomains

41 IPs

7 Countries

2598 kBTransfer

5789 kBSize

7 Cookies

11 Outgoing links

Redirected requests

129 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.insurancebusinessmag.com Open in urlscan Pro
2606:4700:3037::681f:5ebc Public Scan

Screenshot
Live screenshot

Full Image

129
Requests

100 %
HTTPS

73 %
IPv6

37
Domains

46
Subdomains

41
IPs

7
Countries

2598 kB
Transfer

5789 kB
Size

7
Cookies

129 HTTP transactions
7 data transactions