www.adaware.com Open in urlscan Pro
104.16.236.79  Public Scan

14 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

• https://c.clarity.ms/c.gif HTTP 302
• https://c.bing.com/c.gif?CtsSyncId=2AE93687AABA4F1795B313C4DDC0272C&RedC=c.clarity.ms&MXFR=39D999E9012F680A0C29885F052F663E HTTP 302
• https://c.clarity.ms/c.gif?CtsSyncId=2AE93687AABA4F1795B313C4DDC0272C&MUID=23D375450E8E6E74080364F30F5C6FB0

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 50-banks-in-pharming-attack Show response www.adaware.com/blog/	36 KB 36 KB	210ms 192ms	Document text/html	104.16.236.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.adaware.com/blog/50-banks-in-pharming-attack Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.236.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0fe1dc66eb05af2edc2db2e434e337088922a0672f1c9534716589cd2caba932 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers backend k8s cf-cache-status DYNAMIC cf-ray 7144136ffd246949-FRA date Wed, 01 Jun 2022 01:11:33 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare
GET H2	200	style-1.0.css www.adaware.com/css/pages/StayAwareBlogItem/	37 KB 6 KB	17ms 16ms	Stylesheet text/css	104.16.236.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.adaware.com/css/pages/StayAwareBlogItem/style-1.0.css Requested by Host: www.adaware.com URL: https://www.adaware.com/blog/50-banks-in-pharming-attack Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.236.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b0744d9a8a1652786dd3ed883bfb56a524d01a8592dfab8d4a7e83cf7907fd44 Request headers accept-language de-DE,de;q=0.9 Referer https://www.adaware.com/blog/50-banks-in-pharming-attack User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Wed, 01 Jun 2022 01:11:34 GMT content-encoding gzip cf-cache-status HIT last-modified Fri, 06 May 2022 13:41:42 GMT server cloudflare age 706 etag W/"1d8614f04e7bad1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css cache-control public, max-age=14400 backend k8s cf-ray 71441378cd966949-FRA expires Wed, 01 Jun 2022 05:11:34 GMT
GET H/1.1	200 OK	adaware.com.min.js Show response jtracking.lulusoft.com/js/v2/	54 KB 13 KB	295ms 95ms	Script application/javascript	64.15.159.203 IWEB-AS
General Check archive.org Show headers Download Go to Full URL https://jtracking.lulusoft.com/js/v2/adaware.com.min.js Requested by Host: www.adaware.com URL: https://www.adaware.com/blog/50-banks-in-pharming-attack Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 64.15.159.203 , Canada, ASN32613 (IWEB-AS, CA), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash fbf3326bff5fdf22ba7c9af7a721305731287c31992d3520ccbca2797c5e876d Request headers accept-language de-DE,de;q=0.9 Referer https://www.adaware.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Wed, 01 Jun 2022 01:11:33 GMT Content-Encoding gzip ETag "0dc83dffe69d81:0" Last-Modified Tue, 17 May 2022 15:00:40 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=600 Accept-Ranges bytes Content-Length 12638
GET H2	200	logo-adaware.svg www.adaware.com/images/shared/	3 KB 1 KB	16ms 15ms	Image image/svg+xml	104.16.236.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.adaware.com/images/shared/logo-adaware.svg Requested by Host: www.adaware.com URL: https://www.adaware.com/blog/50-banks-in-pharming-attack Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.236.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5c0f13c7a7b549350475c81f787c051ff5fc7cdaf306ac318e2835fddfc4f195 Request headers accept-language de-DE,de;q=0.9 Referer https://www.adaware.com/blog/50-banks-in-pharming-attack User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Wed, 01 Jun 2022 01:11:34 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 27 Oct 2021 14:05:53 GMT server cloudflare age 1 etag W/"1d7cb3bc0ddfa55" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=14400 cf-ray 71441378edae6949-FRA expires Wed, 01 Jun 2022 05:11:34 GMT
GET H2	200	canaro-medium.ttf www.adaware.com/fonts/canaro/	72 KB 73 KB	15ms 15ms	Font application/x-font-ttf	104.16.236.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.adaware.com/fonts/canaro/canaro-medium.ttf Requested by Host: www.adaware.com URL: https://www.adaware.com/css/pages/StayAwareBlogItem/style-1.0.css Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.236.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 82e2d54e8b1cdcae9b368527a8ec95cd13d93f94d2b2aa7b3bcea98c4a775794 Request headers Referer https://www.adaware.com/css/pages/StayAwareBlogItem/style-1.0.css Origin https://www.adaware.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Wed, 01 Jun 2022 01:11:34 GMT cf-cache-status HIT last-modified Wed, 27 Oct 2021 14:05:53 GMT server cloudflare age 705 etag "1d7cb3bc0dcd778" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-font-ttf cache-control public, max-age=14400 accept-ranges bytes cf-ray 714413796e1b6949-FRA content-length 74232 expires Wed, 01 Jun 2022 05:11:34 GMT
GET H2	200	adaware.ttf www.adaware.com/fonts/adaware/	5 KB 5 KB	27ms 27ms	Font application/x-font-ttf	104.16.236.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.adaware.com/fonts/adaware/adaware.ttf Requested by Host: www.adaware.com URL: https://www.adaware.com/css/pages/StayAwareBlogItem/style-1.0.css Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.236.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6f8f8dc1f09c3587139720cb52ffb2a9f781e9934b67d6a89a2cd228a6d84013 Request headers Referer https://www.adaware.com/css/pages/StayAwareBlogItem/style-1.0.css Origin https://www.adaware.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Wed, 01 Jun 2022 01:11:34 GMT cf-cache-status HIT last-modified Wed, 27 Oct 2021 14:05:53 GMT server cloudflare age 3338 etag "1d7cb3bc0dde3bc" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-font-ttf cache-control public, max-age=14400 accept-ranges bytes cf-ray 714413796e1c6949-FRA content-length 5436 expires Wed, 01 Jun 2022 05:11:34 GMT
GET H2	200	canaro-semibold.ttf www.adaware.com/fonts/canaro/	117 KB 118 KB	26ms 25ms	Font application/x-font-ttf	104.16.236.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.adaware.com/fonts/canaro/canaro-semibold.ttf Requested by Host: www.adaware.com URL: https://www.adaware.com/css/pages/StayAwareBlogItem/style-1.0.css Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.236.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ee36c5fed6471203b115e53c083661d8d20dffe05db8f7d5f77b9720787a57ea Request headers Referer https://www.adaware.com/css/pages/StayAwareBlogItem/style-1.0.css Origin https://www.adaware.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Wed, 01 Jun 2022 01:11:34 GMT cf-cache-status HIT last-modified Wed, 27 Oct 2021 14:05:53 GMT server cloudflare age 3338 etag "1d7cb3bc0dc23e4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-font-ttf cache-control public, max-age=14400 accept-ranges bytes cf-ray 714413796e1d6949-FRA content-length 120164 expires Wed, 01 Jun 2022 05:11:34 GMT
GET H/1.1	200 OK	/ Show response jtracking-gate.lulusoft.com/api/visitor/	116 B 783 B	295ms 98ms	Script application/javascript	64.15.159.203 IWEB-AS
General Check archive.org Show headers Download Go to Full URL https://jtracking-gate.lulusoft.com/api/visitor/ Requested by Host: jtracking.lulusoft.com URL: https://jtracking.lulusoft.com/js/v2/adaware.com.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 64.15.159.203 , Canada, ASN32613 (IWEB-AS, CA), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 53f3c7b630f88869d235545875fa2f5dd1aade565787c1be54b09f5362dbbebb Request headers accept-language de-DE,de;q=0.9 Referer https://www.adaware.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Pragma no-cache Date Wed, 01 Jun 2022 01:11:33 GMT Content-Encoding gzip Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Vary Accept-Encoding Access-Control-Allow-Methods GET, OPTIONS Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control no-cache Transfer-Encoding chunked Access-Control-Allow-Headers Content-Type
PUT H/1.1	200 OK	parameters Show response qti.avanquest.com/api/	57 B 399 B	291ms 104ms	XHR application/json	174.142.220.172 IWEB-AS
General Check archive.org Show headers Download Go to Full URL https://qti.avanquest.com/api/parameters Requested by Host: jtracking.lulusoft.com URL: https://jtracking.lulusoft.com/js/v2/adaware.com.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 174.142.220.172 Verdun, Canada, ASN32613 (IWEB-AS, CA), Reverse DNS Software nginx / Resource Hash f425222dffb2a494dc17b659eaf6caf50e444a10c78ee9e4aa0ad75a104a20e1 Request headers Referer https://www.adaware.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Content-type application/json; charset=UTF-8 Response headers Date Wed, 01 Jun 2022 01:11:35 GMT Content-Encoding gzip Server nginx Vary Accept-Encoding, Origin Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://www.adaware.com Transfer-Encoding chunked Access-Control-Allow-Credentials true
OPTIONS H/1.1	204 No Content	parameters qti.avanquest.com/api/	0 0	320ms 108ms	Preflight	174.142.220.172 IWEB-AS
General Check archive.org Show headers Download Go to Full URL https://qti.avanquest.com/api/parameters Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 174.142.220.172 Verdun, Canada, ASN32613 (IWEB-AS, CA), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method PUT Origin https://www.adaware.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers content-type Access-Control-Allow-Methods PUT Access-Control-Allow-Origin https://www.adaware.com Date Wed, 01 Jun 2022 01:11:35 GMT Server nginx Vary Origin
GET H2	200	canaro-book.ttf www.adaware.com/fonts/canaro/	127 KB 127 KB	16ms 16ms	Font application/x-font-ttf	104.16.236.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.adaware.com/fonts/canaro/canaro-book.ttf Requested by Host: www.adaware.com URL: https://www.adaware.com/css/pages/StayAwareBlogItem/style-1.0.css Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.236.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 42313967a0898e50ff7b02fd9f586a13a4341e1d33f4fda7b05ee366c7240afb Request headers Referer https://www.adaware.com/css/pages/StayAwareBlogItem/style-1.0.css Origin https://www.adaware.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Wed, 01 Jun 2022 01:11:34 GMT cf-cache-status HIT last-modified Wed, 27 Oct 2021 14:05:53 GMT server cloudflare age 3337 etag "1d7cb3bc0dc0a98" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-font-ttf cache-control public, max-age=14400 accept-ranges bytes cf-ray 7144137aff956949-FRA content-length 130072 expires Wed, 01 Jun 2022 05:11:34 GMT
GET H2	200	visitor.min.js Show response gate.upclick.com/btn/	6 KB 2 KB	307ms 98ms	Script text/javascript	64.18.92.11 MTO
General Check archive.org Show headers Download Go to Full URL https://gate.upclick.com/btn/visitor.min.js Requested by Host: jtracking.lulusoft.com URL: https://jtracking.lulusoft.com/js/v2/adaware.com.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 64.18.92.11 Montreal, Canada, ASN21548 (MTO, CA), Reverse DNS 64-18-92-11.beanfield.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 6497f044e9c78390191412a2f6235a48730b9c8866a30a2383e9e7841ceaf10f Request headers accept-language de-DE,de;q=0.9 Referer https://www.adaware.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers pragma no-cache date Wed, 01 Jun 2022 01:11:34 GMT content-encoding gzip server Microsoft-IIS/10.0 x-aspnet-version 4.0.30319 x-powered-by ASP.NET vary Accept-Encoding content-type text/javascript; charset=utf-8 cache-control no-cache content-length 2221 expires -1
GET H2	200	click.aspx store.adaware.com/clickgate/	58 B 519 B	751ms 180ms	Image image/bmp	64.18.92.73 MTO
General Check archive.org Show headers Download Go to Show image Full URL https://store.adaware.com/clickgate/click.aspx?wID=6622&uid=1019613&key1=default&key2=default&mkey1=adaware.com&mkey7=direct&cmp=adaw_all_a_all_a_a_all&vst=1 Requested by Host: www.adaware.com URL: https://www.adaware.com/blog/50-banks-in-pharming-attack Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 64.18.92.73 Montreal, Canada, ASN21548 (MTO, CA), Reverse DNS 64-18-92-73.beanfield.net Software / ASP.NET Resource Hash f16c13f141125424df9ae0409f37af05fcfdd25c13ce09cb2321144bf6f54f11 Request headers accept-language de-DE,de;q=0.9 Referer https://www.adaware.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Wed, 01 Jun 2022 01:11:35 GMT cache-control private server x-aspnet-version 4.0.30319 x-powered-by ASP.NET content-type image/bmp
GET H2	200	search.js Show response www.adaware.com/scripts/header/	1 KB 568 B	14ms 14ms	Script application/javascript	104.16.236.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.adaware.com/scripts/header/search.js Requested by Host: www.adaware.com URL: https://www.adaware.com/blog/50-banks-in-pharming-attack Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.236.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e2c35313508ccb322442595127cd70855ab63f3c9ae86d50a2e80e5892fb2649 Request headers accept-language de-DE,de;q=0.9 Referer https://www.adaware.com/blog/50-banks-in-pharming-attack User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Wed, 01 Jun 2022 01:11:35 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 23 Nov 2021 12:29:29 GMT server cloudflare age 6507 etag W/"1d7e065c27cde28" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=14400 cf-ray 7144137eeb676949-FRA expires Wed, 01 Jun 2022 05:11:35 GMT
GET H2	200	jquery.min.js Show response www.adaware.com/lib/jquery/dist/	87 KB 30 KB	20ms 20ms	Script application/javascript	104.16.236.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.adaware.com/lib/jquery/dist/jquery.min.js Requested by Host: www.adaware.com URL: https://www.adaware.com/blog/50-banks-in-pharming-attack Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.236.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Request headers accept-language de-DE,de;q=0.9 Referer https://www.adaware.com/blog/50-banks-in-pharming-attack User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Wed, 01 Jun 2022 01:11:35 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 27 Oct 2021 14:05:53 GMT server cloudflare age 3663 etag W/"1d7cb3bc0dcab04" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=14400 cf-ray 7144137eeb6a6949-FRA expires Wed, 01 Jun 2022 05:11:35 GMT
GET H2	200	bootstrap.bundle.min.js Show response www.adaware.com/lib/bootstrap/dist/js/	77 KB 22 KB	22ms 22ms	Script application/javascript	104.16.236.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.adaware.com/lib/bootstrap/dist/js/bootstrap.bundle.min.js Requested by Host: www.adaware.com URL: https://www.adaware.com/blog/50-banks-in-pharming-attack Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.236.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c Request headers accept-language de-DE,de;q=0.9 Referer https://www.adaware.com/blog/50-banks-in-pharming-attack User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Wed, 01 Jun 2022 01:11:35 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 27 Oct 2021 14:05:53 GMT server cloudflare age 3663 etag W/"1d7cb3bc0dcc5ab" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=14400 cf-ray 7144137eeb6d6949-FRA expires Wed, 01 Jun 2022 05:11:35 GMT
GET H2	200	site.js Show response www.adaware.com/js/	226 B 262 B	15ms 15ms	Script application/javascript	104.16.236.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.adaware.com/js/site.js?v=BxFAw9RUJ1E4NycpKEjCNDeoSvr4RPHixdBq5wDnkeY Requested by Host: www.adaware.com URL: https://www.adaware.com/blog/50-banks-in-pharming-attack Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.236.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e03b397a81c986a9c9b1c0f14e69eef69ee6f45efee41b9c31a7912eaad1be76 Request headers accept-language de-DE,de;q=0.9 Referer https://www.adaware.com/blog/50-banks-in-pharming-attack User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Wed, 01 Jun 2022 01:11:35 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 27 Oct 2021 14:05:53 GMT server cloudflare age 3663 etag W/"1d7cb3bc0ddf662" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=14400 cf-ray 7144137eeb6f6949-FRA expires Wed, 01 Jun 2022 05:11:35 GMT
GET H2	200	bg-default.jpg www.adaware.com/images/pages/Blog/	14 KB 14 KB	22ms 22ms	Image image/jpeg	104.16.236.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.adaware.com/images/pages/Blog/bg-default.jpg Requested by Host: www.adaware.com URL: https://www.adaware.com/css/pages/StayAwareBlogItem/style-1.0.css Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.236.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9aac7f75374ea9e333145a9c801f9a03d0123a4e1e97e285dd8f79ce54fcfd4f Request headers accept-language de-DE,de;q=0.9 Referer https://www.adaware.com/css/pages/StayAwareBlogItem/style-1.0.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Wed, 01 Jun 2022 01:11:35 GMT cf-cache-status HIT age 706 backend k8s last-modified Wed, 27 Oct 2021 14:05:53 GMT content-length 14578 cf-bgj h2pri server cloudflare etag "1d7cb3bc0ddce72" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg cache-control public, max-age=14400 accept-ranges bytes cf-ray 7144137f0b7c6949-FRA expires Wed, 01 Jun 2022 05:11:35 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	208 KB 72 KB	73ms 28ms	Script application/javascript	2a00:1450:4001:811::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-MQCS62F Requested by Host: www.adaware.com URL: https://www.adaware.com/blog/50-banks-in-pharming-attack Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 17651e7d144b99d41cd7afefdefb44dbbc87b84a99cf0830d8aacf9240dc86ce Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.adaware.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Wed, 01 Jun 2022 01:11:35 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 72964 x-xss-protection 0 last-modified Wed, 01 Jun 2022 00:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 01 Jun 2022 01:11:35 GMT
GET H/1.1	200 OK	/ Show response jtracking-gate.lulusoft.com/api/visitor-js/	110 B 780 B	106ms 106ms	Script application/javascript	64.15.159.203 IWEB-AS
General Check archive.org Show headers Download Go to Full URL https://jtracking-gate.lulusoft.com/api/visitor-js/?uid=1019613&cmp=adaw_all_a_all_a_a_all&mkey7=direct&wid=6622&ref=adaware.com&mkey1=adaware.com&key1=default&key2=default&qti=70b40e9d-d88e-bea8-cb22-7c53f3697903_2022-05-31&mkey6=70b40e9d-d88e-bea8-cb22-7c53f3697903_2022-05-31&trackinginitlog=OK(200)&referrer=https%3A%2F%2Fwww.adaware.com%2Fblog%2F50-banks-in-pharming-attack&visitorid=a4174279-1cf8-4a6a-92e3-17eaa7a9ff60 Requested by Host: jtracking.lulusoft.com URL: https://jtracking.lulusoft.com/js/v2/adaware.com.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 64.15.159.203 , Canada, ASN32613 (IWEB-AS, CA), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 4fbc0adc0ac7c60b2a5dcb71e93cfaf54fb1672f4df522225284744dc004493e Request headers accept-language de-DE,de;q=0.9 Referer https://www.adaware.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Pragma no-cache Date Wed, 01 Jun 2022 01:11:34 GMT Content-Encoding gzip Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Vary Accept-Encoding Access-Control-Allow-Methods GET, OPTIONS Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control no-cache Transfer-Encoding chunked Access-Control-Allow-Headers Content-Type
GET H2	200	js Show response www.googletagmanager.com/gtag/	196 KB 69 KB	21ms 20ms	Script application/javascript	2a00:1450:4001:811::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-5DEWLZDE7X&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQCS62F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 9dfc33c5060145b8ba9a1447c7002e9af063cce68ac0ea2393bc86a7ba81c694 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.adaware.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Wed, 01 Jun 2022 01:11:35 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 70644 x-xss-protection 0 expires Wed, 01 Jun 2022 01:11:35 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	35ms 6ms	Script text/javascript	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQCS62F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.adaware.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 3147 date Wed, 01 Jun 2022 00:19:08 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Wed, 01 Jun 2022 02:19:08 GMT
GET H2	200	bat.js Show response bat.bing.com/	38 KB 12 KB	62ms 31ms	Script application/javascript	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQCS62F Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.adaware.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip last-modified Wed, 09 Feb 2022 23:54:49 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 45A445F23612488EB73D9BBD42B69C73 Ref B: FRAEDGE1309 Ref C: 2022-06-01T01:11:35Z etag "806a236c101ed81:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript access-control-allow-origin * cache-control private,max-age=1800 date Wed, 01 Jun 2022 01:11:34 GMT accept-ranges bytes content-length 11333
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	99 KB 27 KB	67ms 22ms	Script application/x-javascript	2a03:2880:f036:1d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQCS62F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f036:1d:face:b00c:0:3 Berlin, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.adaware.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 26310 x-xss-protection 0 pragma public x-fb-debug yExCaQfIsE7WtIGSiCVaNCuba8HVgl5V7OyX5/+8zFif7a73pgm0GnjnmvFGp2QDXKjodIud+gUAPu/3Razr2A== x-fb-trip-id 1512268381 x-frame-options DENY cross-origin-opener-policy same-origin-allow-popups cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Wed, 01 Jun 2022 01:11:35 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	otSDKStub.js Show response cdn.cookielaw.org/consent/8576447c-b930-4b69-a773-cae8eee2ee7e-test/	20 KB 7 KB	83ms 55ms	Script application/x-javascript	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/8576447c-b930-4b69-a773-cae8eee2ee7e-test/otSDKStub.js Requested by Host: www.adaware.com URL: https://www.adaware.com/blog/50-banks-in-pharming-attack Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 36ec320e8020b48aad5b148de39200cf3a5d4852b62534c7c0292611cdb72842 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.adaware.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 01 Jun 2022 01:11:35 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC content-md5 F3UfK5EMBc6QTtDdMXRefA== content-length 6858 x-ms-lease-status unlocked last-modified Mon, 16 May 2022 08:48:31 GMT server cloudflare etag 0x8DA3718DABCDB5F expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/x-javascript access-control-allow-origin * x-ms-request-id 338abf7c-501e-0089-7e54-7561c2000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=14400 x-ms-version 2009-09-19 cf-ray 7144138029d1020d-ZRH
POST H2	204	collect analytics.google.com/g/	0 347 B	36ms 14ms	Ping text/plain	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-5DEWLZDE7X&gtm=2oe5p1&_p=138581040&_z=ccd.tdB&_gaz=1&cid=2009605372.1654045896&ul=en-us&sr=1600x1200&_s=1&sid=1654045895&sct=1&seg=0&dl=https%3A%2F%2Fwww.adaware.com%2Fblog%2F50-banks-in-pharming-attack&dt=50%20BANKS%20IN%20PHARMING%20ATTACK&en=page_view&_fv=1&_nsi=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-5DEWLZDE7X&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.adaware.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers pragma no-cache date Wed, 01 Jun 2022 01:11:35 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.adaware.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 347 B	59ms 20ms	Ping text/plain	2a00:1450:400c:c01::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-5DEWLZDE7X&cid=2009605372.1654045896&gtm=2oe5p1&aip=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-5DEWLZDE7X&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c01::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.adaware.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers pragma no-cache date Wed, 01 Jun 2022 01:11:35 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.adaware.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 501 B	41ms 19ms	Image image/gif	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5DEWLZDE7X&cid=2009605372.1654045896&gtm=2oe5p1&aip=1&z=860008857 Requested by Host: www.adaware.com URL: https://www.adaware.com/blog/50-banks-in-pharming-attack Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.adaware.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers pragma no-cache date Wed, 01 Jun 2022 01:11:35 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	29ms 14ms	XHR text/plain	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=138581040&t=pageview&_s=1&dl=https%3A%2F%2Fwww.adaware.com%2Fblog%2F50-banks-in-pharming-attack&ul=en-us&de=UTF-8&dt=50%20BANKS%20IN%20PHARMING%20ATTACK&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAAC~&jid=988405463&gjid=13648816&cid=2009605372.1654045896&tid=UA-2689090-53&_gid=1813783822.1654045896&_r=1&gtm=2wg5p1MQCS62F&cd1=2009605372.1654045896&z=699253596 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.adaware.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 01 Jun 2022 01:11:35 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.adaware.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	23006746.js Show response bat.bing.com/p/action/	219 B 475 B	162ms 162ms	Script application/javascript	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/23006746.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 33716bdb047de15423022abb43c5b280ba561d8a8b9d5da8beced64a362fedb9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.adaware.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 932620EFBBCA403EBF89424CDCA8687E Ref B: FRAEDGE1309 Ref C: 2022-06-01T01:11:35Z date Wed, 01 Jun 2022 01:11:35 GMT vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control private,max-age=60 content-length 300
GET H2	204	0 bat.bing.com/action/	0 175 B	32ms 31ms	Image text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=23006746&tm=gtm002&Ver=2&mid=185c3d76-dc60-4f6b-826f-4c16197487b4&sid=c8174a80e14711ec8e181b8a399ff43a&vid=c8173700e14711eca977010e1ebdbffe&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=50%20BANKS%20IN%20PHARMING%20ATTACK&p=https%3A%2F%2Fwww.adaware.com%2Fblog%2F50-banks-in-pharming-attack&r=&lt=2467&evt=pageLoad&msclkid=N&sv=1&rn=386502 Requested by Host: www.adaware.com URL: https://www.adaware.com/blog/50-banks-in-pharming-attack Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.adaware.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 926ECFA05B92402398F2BF68709BD984 Ref B: FRAEDGE1309 Ref C: 2022-06-01T01:11:35Z date Wed, 01 Jun 2022 01:11:34 GMT x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	identity.js Show response connect.facebook.net/signals/plugins/	64 KB 20 KB	47ms 23ms	Script application/x-javascript	2a03:2880:f036:1d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/plugins/identity.js?v=2.9.61 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f036:1d:face:b00c:0:3 Berlin, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 5825a682d41932f76e0cb9afa5967e2b7f236a2f9439587bc6d937bc76edf005 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.adaware.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 20656 x-xss-protection 0 pragma public x-fb-debug BFtLFf3bGP1LGpvbJU6C6P7PQNufrvUQXeOlP0bmcI7E09NRgHeTxabABkAxXEio9/xzkK/y4o1fIENZgvT12w== cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Wed, 01 Jun 2022 01:11:35 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	2825926307674077 Show response connect.facebook.net/signals/config/	305 KB 87 KB	114ms 90ms	Script application/x-javascript	2a03:2880:f036:1d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/2825926307674077?v=2.9.61&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f036:1d:face:b00c:0:3 Berlin, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 9ee30a0a123c8c484c7045d9c2b3861a834343f55ae4c4f2e93e51bb61b6064a Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.adaware.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 x-xss-protection 0 pragma public x-fb-debug /lir/EK2tei/SesiE/u0Z95X8rQ0MNOOCO8R7Fc11dt5hiBUemCkmLe1DrT7js3ul2negZHBuftS5nKr9vCspw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Wed, 01 Jun 2022 01:11:35 GMT strict-transport-security max-age=31536000; preload; includeSubDomains x-content-cdn-origin-ts 1654045895868 content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	8576447c-b930-4b69-a773-cae8eee2ee7e-test.json Show response cdn.cookielaw.org/consent/8576447c-b930-4b69-a773-cae8eee2ee7e-test/	5 KB 3 KB	77ms 51ms	XHR application/x-javascript	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/8576447c-b930-4b69-a773-cae8eee2ee7e-test/8576447c-b930-4b69-a773-cae8eee2ee7e-test.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/consent/8576447c-b930-4b69-a773-cae8eee2ee7e-test/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e02bd3e773160d4872c1367a2ec1709c07057c157622b55e01daf7954b5757cd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.adaware.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 01 Jun 2022 01:11:35 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC content-md5 sLbeznMvtyLauVgM8GSp9Q== content-length 2075 x-ms-lease-status unlocked last-modified Mon, 16 May 2022 08:48:31 GMT server cloudflare etag 0x8DA3718DABCDB5F expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/x-javascript access-control-allow-origin * x-ms-request-id 338abf9f-501e-0089-1954-7561c2000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=14400 x-ms-version 2009-09-19 cf-ray 71441380bc192325-ZRH
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 151 B	19ms 19ms	XHR text/plain	2a00:1450:400c:c01::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-2689090-53&cid=2009605372.1654045896&jid=988405463&gjid=13648816&_gid=1813783822.1654045896&_u=YADAAEAAAAAAAC~&z=870514707 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c01::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.adaware.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Wed, 01 Jun 2022 01:11:35 GMT content-type text/plain access-control-allow-origin https://www.adaware.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 501 B	39ms 18ms	Image image/gif	2a00:1450:4001:80f::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2689090-53&cid=2009605372.1654045896&jid=988405463&_u=YADAAEAAAAAAAC~&z=414700375 Requested by Host: www.adaware.com URL: https://www.adaware.com/blog/50-banks-in-pharming-attack Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.adaware.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers pragma no-cache date Wed, 01 Jun 2022 01:11:35 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	35ms 18ms	Image image/gif	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2689090-53&cid=2009605372.1654045896&jid=988405463&_u=YADAAEAAAAAAAC~&z=414700375 Requested by Host: www.adaware.com URL: https://www.adaware.com/blog/50-banks-in-pharming-attack Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.adaware.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers pragma no-cache date Wed, 01 Jun 2022 01:11:35 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	location Show response geolocation.onetrust.com/cookieconsentpub/v1/geo/	182 B 457 B	41ms 24ms	XHR application/json	2606:4700:10::6814:b844 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/consent/8576447c-b930-4b69-a773-cae8eee2ee7e-test/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept application/json Referer https://www.adaware.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Wed, 01 Jun 2022 01:11:35 GMT content-encoding gzip server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type application/json access-control-allow-origin * strict-transport-security max-age=31536000; includeSubDomains; preload cf-ray 714413812c509199-FRA access-control-allow-headers Content-Type
GET H2	200	otBannerSdk.js Show response cdn.cookielaw.org/scripttemplates/6.35.0/	360 KB 85 KB	17ms 17ms	Script application/javascript	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/consent/8576447c-b930-4b69-a773-cae8eee2ee7e-test/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d8132d45eef1f2500760399505fc221a79a3bbe60ed797bbc24599a650e69927 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.adaware.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 01 Jun 2022 01:11:35 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 bDp57sS049dDkRqCL4m53Q== age 12279 vary Accept-Encoding content-length 87115 x-ms-lease-status unlocked last-modified Thu, 12 May 2022 19:18:03 GMT server cloudflare etag 0x8DA344C22E63CAF expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript access-control-allow-origin * x-ms-request-id 97aae32d-001e-00d5-1250-66903b000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 714413815a4f020d-ZRH
GET H2	200	/ www.facebook.com/tr/	44 B 409 B	102ms 22ms	Image image/gif	2a03:2880:f136:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=2825926307674077&ev=PageView&dl=https%3A%2F%2Fwww.adaware.com%2Fblog%2F50-banks-in-pharming-attack&rl=&if=false&ts=1654045895911&sw=1600&sh=1200&v=2.9.61&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1654045895910.256133373&it=1654045895761&coo=false&tm=1&rqm=GET Requested by Host: www.adaware.com URL: https://www.adaware.com/blog/50-banks-in-pharming-attack Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f136:83:face:b00c:0:25de Berlin, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.adaware.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Wed, 01 Jun 2022 01:11:36 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 44 expires Wed, 01 Jun 2022 01:11:36 GMT
GET H2	200	23006746 Show response www.clarity.ms/tag/uet/	2 KB 2 KB	277ms 151ms	Script application/x-javascript	2620:1ec:27::cafe:2193 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/tag/uet/23006746 Requested by Host: bat.bing.com URL: https://bat.bing.com/p/action/23006746.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:27::cafe:2193 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / ASP.NET Resource Hash afb7d382b35cbb953cc9a0fc541a2e4ef450ece005d53f14866486c469045594 Request headers accept-language de-DE,de;q=0.9 Referer https://www.adaware.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Wed, 01 Jun 2022 01:11:35 GMT x-powered-by ASP.NET x-azure-ref 0yLyWYgAAAADg1oDeautgQYIwboJPurW0U09GMDFFREdFMDQyMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE= x-cache CONFIG_NOCACHE content-type application/x-javascript expires -1 cache-control no-cache, no-store request-context appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
GET H2	200	en.json Show response cdn.cookielaw.org/consent/8576447c-b930-4b69-a773-cae8eee2ee7e-test/54bfe37e-e39a-4095-938f-33cc7d7134f5/	49 KB 13 KB	52ms 52ms	Fetch application/x-javascript	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/8576447c-b930-4b69-a773-cae8eee2ee7e-test/54bfe37e-e39a-4095-938f-33cc7d7134f5/en.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 730e87ae638997a3465e7b84e3ad661c2c126384a23457f76a7bd3e55bae5da0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.adaware.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 01 Jun 2022 01:11:36 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC content-md5 whFIVXMgpv9HDk4t1mAAdA== content-length 12668 x-ms-lease-status unlocked last-modified Mon, 16 May 2022 08:48:39 GMT server cloudflare etag 0x8DA3718DF4FC7FA expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/x-javascript access-control-allow-origin * x-ms-request-id 338abfe5-501e-0089-5154-7561c2000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=14400 x-ms-version 2009-09-19 cf-ray 714413821cc42325-ZRH
GET H2	200	otFloatingFlat.json Show response cdn.cookielaw.org/scripttemplates/6.35.0/assets/	10 KB 3 KB	19ms 18ms	Fetch application/json	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.35.0/assets/otFloatingFlat.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2b663ab6a199de613fa46b2c524da1bfb8a889234879c5ccdb239602468e5f8e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.adaware.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 01 Jun 2022 01:11:36 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 +uprNKuR/LB9OxQq0vcYYA== age 694 vary Accept-Encoding content-length 2690 x-ms-lease-status unlocked last-modified Thu, 12 May 2022 19:17:55 GMT server cloudflare etag 0x8DA344C1E523EA1 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/json access-control-allow-origin * x-ms-request-id 5ee749ab-601e-0124-2d01-6907fd000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 714413827cfa2325-ZRH
GET H2	200	otPcTab.json Show response cdn.cookielaw.org/scripttemplates/6.35.0/assets/v2/	60 KB 14 KB	21ms 21ms	Fetch application/json	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.35.0/assets/v2/otPcTab.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f909a5e70e295f988f59a91bfbf9a4717b6432a959be54dea955a2ee7e522ebc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.adaware.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 01 Jun 2022 01:11:36 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 FpnL0cFFASD+AoL9ZhPlUA== age 694 vary Accept-Encoding content-length 13730 x-ms-lease-status unlocked last-modified Thu, 12 May 2022 19:17:57 GMT server cloudflare etag 0x8DA344C1F6FBB66 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/json access-control-allow-origin * x-ms-request-id ca1bb35f-f01e-0165-4f01-692fee000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 714413827cfb2325-ZRH
GET H2	200	otCookieSettingsButton.json Show response cdn.cookielaw.org/scripttemplates/6.35.0/assets/	5 KB 2 KB	23ms 22ms	Fetch application/json	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.35.0/assets/otCookieSettingsButton.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9e413fe14135b1fe89832925dad54fd79bef183a189868be478726d11f3942d1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.adaware.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 01 Jun 2022 01:11:36 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 su1aQDzLNGhJWoAF9QNyDA== age 5435 vary Accept-Encoding content-length 1780 x-ms-lease-status unlocked last-modified Thu, 12 May 2022 19:17:56 GMT server cloudflare etag 0x8DA344C1EF8C764 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/json access-control-allow-origin * x-ms-request-id 727252de-e01e-0018-2c01-69f573000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 714413827cfc2325-ZRH
GET H2	200	otCommonStyles.css Show response cdn.cookielaw.org/scripttemplates/6.35.0/assets/	21 KB 4 KB	24ms 24ms	Fetch text/css	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.35.0/assets/otCommonStyles.css Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 74c39b5ec5a61c19ff20d81c0418fabd61d6deb6ac0c967da28761d6b895ff7d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.adaware.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 01 Jun 2022 01:11:36 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 /wtHD+oYY7dZRzCx50GZrQ== age 5435 vary Accept-Encoding x-ms-lease-status unlocked last-modified Thu, 12 May 2022 19:18:08 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css access-control-allow-origin * x-ms-request-id b01e85b9-501e-0023-5e01-69b72d000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 cf-ray 714413827cff2325-ZRH
GET DATA	200 OK	truncated /	817 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	poweredBy_ot_logo.svg cdn.cookielaw.org/logos/static/	3 KB 2 KB	19ms 19ms	Image image/svg+xml	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg Requested by Host: www.adaware.com URL: https://www.adaware.com/blog/50-banks-in-pharming-attack Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.adaware.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 01 Jun 2022 01:11:36 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 LpuayL42jB78xRllx0vkOw== age 5507 vary Accept-Encoding x-ms-lease-status unlocked last-modified Tue, 31 May 2022 02:45:27 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type image/svg+xml access-control-allow-origin * x-ms-request-id d7519934-b01e-010f-349b-747345000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 cf-ray 71441382fb23020d-ZRH
GET H2	200	clarity.js Show response d.clarity.ms/s/0.6.34/	53 KB 23 KB	311ms 92ms	Script application/javascript	40.76.174.66 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://d.clarity.ms/s/0.6.34/clarity.js Requested by Host: www.clarity.ms URL: https://www.clarity.ms/tag/uet/23006746 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa Request headers accept-language de-DE,de;q=0.9 Referer https://www.adaware.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Wed, 01 Jun 2022 01:11:36 GMT content-encoding br etag "1d87336c650fb54" last-modified Sun, 29 May 2022 08:33:30 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control public,max-age=86400 accept-ranges bytes request-context appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
GET H2	200	c.gif c.clarity.ms/ Redirect Chain https://c.clarity.ms/c.gif https://c.bing.com/c.gif?CtsSyncId=2AE93687AABA4F1795B313C4DDC0272C&RedC=c.clarity.ms&MXFR=39D999E9012F680A0C29885F052F663E https://c.clarity.ms/c.gif?CtsSyncId=2AE93687AABA4F1795B313C4DDC0272C&MUID=23D375450E8E6E74080364F30F5C6FB0	42 B 392 B	27ms 27ms	Image image/gif	52.142.114.2 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://c.clarity.ms/c.gif?CtsSyncId=2AE93687AABA4F1795B313C4DDC0272C&MUID=23D375450E8E6E74080364F30F5C6FB0 Protocol H2 Server 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12 Request headers accept-language de-DE,de;q=0.9 Referer https://www.adaware.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers pragma no-cache date Wed, 01 Jun 2022 01:11:36 GMT last-modified Fri, 18 Mar 2022 19:39:54 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET etag "8120eaf0ff3ad81:0" p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control private, no-cache, proxy-revalidate, no-store accept-ranges bytes content-type image/gif content-length 42 Redirect headers pragma no-cache date Wed, 01 Jun 2022 01:11:35 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: ACF34977BE5D4F9A96C4C2C210BF1D7E Ref B: FRAEDGE1309 Ref C: 2022-06-01T01:11:36Z x-powered-by ASP.NET x-cache CONFIG_NOCACHE p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" location https://c.clarity.ms/c.gif?CtsSyncId=2AE93687AABA4F1795B313C4DDC0272C&MUID=23D375450E8E6E74080364F30F5C6FB0 cache-control private, no-cache, proxy-revalidate, no-store content-length 0
POST H2	204	collect Show response d.clarity.ms/	0 70 B	187ms 186ms	XHR text/plain	40.76.174.66 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://d.clarity.ms/collect Requested by Host: d.clarity.ms URL: https://d.clarity.ms/s/0.6.34/clarity.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/x-clarity-gzip Referer https://www.adaware.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers access-control-allow-origin https://www.adaware.com date Wed, 01 Jun 2022 01:11:36 GMT access-control-allow-credentials true server Microsoft-IIS/10.0 x-powered-by ASP.NET request-context appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
GET H3	200	/ www.facebook.com/tr/	44 B 91 B	46ms 22ms	Image image/gif	2a03:2880:f136:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=2825926307674077&ev=Microdata&dl=https%3A%2F%2Fwww.adaware.com%2Fblog%2F50-banks-in-pharming-attack&rl=&if=false&ts=1654045897415&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%2250%20BANKS%20IN%20PHARMING%20ATTACK%22%2C%22meta%3Adescription%22%3A%22Todays%20security%20news%20story%20comes%20with%20a%20moral%3A%20never%20underestimate%20the%20importance%20of%20having%20good%20anti-virus%2C%20anti-spyware%2C%20and%20firewall%20software%2C%20along%20with%20always%20making%20sure%20to%20update%20your%20operating%20system.%20Last%20week%27s%20pharming%20attack%20on%20over%2050%20financial%20institutions%20that%20targeted%20online%20customers%20in%20the%20U.S.%2C%20Europe%20and%20Asia-Pacific%20has%20been%20shut%20down%2C%20but%20not%20before%20it%20was%20able%20to%20infect%20at%20least%201%2C000%20PCs%20per%20day%20over%20a%20three%20day%20period.%20This%20is%20a%20significant%20strike%20not%20just%20because%20of%20the%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.61&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1654045895910.256133373&it=1654045895761&coo=false&es=automatic&tm=3&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f136:83:face:b00c:0:25de Berlin, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.adaware.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Wed, 01 Jun 2022 01:11:37 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 priority u=3,i expires Wed, 01 Jun 2022 01:11:37 GMT