fcw.com Open in urlscan Pro
2606:4700:3108::ac42:284d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://1105info.com/portal/wts/ucmcmQeh7M6bbVvbcdyDDdmByr3cbtDHPPvh4mM~c&data=04
Effective URL:
https://fcw.com/webcasts/2021/09/team-cymru-how-companies-have-turned-the-tables-on-threat-actors-091521.aspx?&p...
Submission: On November 03 via api (November 3rd 2021, 12:44:16 am UTC) from US — Scanned from DE

Summary HTTP 56 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 17 domains to perform 56 HTTP transactions. The main IP is 2606:4700:3108::ac42:284d, located in United States and belongs to CLOUDFLARENET, US. The main domain is fcw.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 6th 2021. Valid for: a year.

This is the only time fcw.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	205.162.43.140 205.162.43.140	53866 (QTS-AS) (QTS-AS)
11	2606:4700:310... 2606:4700:3108::ac42:284d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
8	204.180.130.159 204.180.130.159	53866 (QTS-AS) (QTS-AS)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	63.236.5.100 63.236.5.100	209 (CENTURYLI...) (CENTURYLINK-US-LEGACY-QWEST)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	52.208.138.90 52.208.138.90	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.109 143.204.215.109	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
2 3	185.33.220.244 185.33.220.244	29990 (ASN-APPNEX) (ASN-APPNEX)
3	34.194.71.96 34.194.71.96	14618 (AMAZON-AES) (AMAZON-AES)
1	44.196.178.215 44.196.178.215	14618 (AMAZON-AES) (AMAZON-AES)
4	204.180.130.165 204.180.130.165	53866 (QTS-AS) (QTS-AS)
5	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
56	21

1 205.162.43.140 (United States) 1 redirects

ASN53866 (QTS-AS, US)
PTR: mailsrv43140.o-mx.com

1105info.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:3108::ac42:284d (United States)

ASN13335 (CLOUDFLARENET, US)

fcw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 204.180.130.159 (United States)

ASN53866 (QTS-AS, US)
PTR: my.omedastaging.com

olytics.omeda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.236.5.100 (United States)

ASN209 (CENTURYLINK-US-LEGACY-QWEST, US)

redmondmag.1105cms01.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.208.138.90 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-138-90.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-109.fra53.r.cloudfront.net

s.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c995ac9e9d9ab2885da2a1fa2e6ae387.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.244 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.194.71.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-71-96.compute-1.amazonaws.com

a.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.196.178.215 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-178-215.compute-1.amazonaws.com

in.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 204.180.130.165 (United States)

ASN53866 (QTS-AS, US)

oqs.omeda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	omeda.com olytics.omeda.com oqs.omeda.com	78 KB
11	fcw.com fcw.com	275 KB
8	googlesyndication.com c995ac9e9d9ab2885da2a1fa2e6ae387.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	39 KB
5	doubleclick.net 1 redirects securepubads.g.doubleclick.net cm.g.doubleclick.net	146 KB
4	dpmsrv.com s.dpmsrv.com a.dpmsrv.com	41 KB
3	adnxs.com 2 redirects ib.adnxs.com	4 KB
3	ml314.com ml314.com in.ml314.com	14 KB
3	gstatic.com fonts.gstatic.com	47 KB
2	google.com adservice.google.com www.google.com	2 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	rlcdn.com idsync.rlcdn.com	66 B
1	googletagservices.com www.googletagservices.com
1	google.de adservice.google.de	792 B
1	googleapis.com fonts.googleapis.com	2 KB
1	1105cms01.com redmondmag.1105cms01.com	1 KB
1	cloudflare.com cdnjs.cloudflare.com	6 KB
1	1105info.com 1 redirects 1105info.com	406 B
56	17

	Domain	Requested by
11	fcw.com	fcw.com
8	olytics.omeda.com	fcw.com olytics.omeda.com
5	pagead2.googlesyndication.com	olytics.omeda.com securepubads.g.doubleclick.net tpc.googlesyndication.com
4	oqs.omeda.com	olytics.omeda.com
4	securepubads.g.doubleclick.net	fcw.com securepubads.g.doubleclick.net
3	a.dpmsrv.com	fcw.com s.dpmsrv.com
3	ib.adnxs.com	2 redirects
3	fonts.gstatic.com	fonts.googleapis.com
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	ml314.com	fcw.com ml314.com
2	www.google-analytics.com	fcw.com www.google-analytics.com
1	www.google.com	tpc.googlesyndication.com
1	idsync.rlcdn.com	fcw.com
1	cm.g.doubleclick.net	1 redirects
1	www.googletagservices.com	olytics.omeda.com
1	in.ml314.com	ml314.com
1	c995ac9e9d9ab2885da2a1fa2e6ae387.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	s.dpmsrv.com	fcw.com
1	fonts.googleapis.com	fcw.com
1	redmondmag.1105cms01.com	fcw.com
1	cdnjs.cloudflare.com	fcw.com
1	1105info.com	1 redirects
56	24

This site contains links to these domains. Also see Links.

Domain
publicsector360.com
www.1105reprints.com
www.meritdirect.com
publicsector.1105media.com
1105.dragonforms.com
1105media.com
one.dragonforms.com
www.govexec.com

Subject Issuer	Validity	Valid
fcw.com Cloudflare Inc ECC CA-3	`2021-06-06` - `2022-06-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.omeda.com SSL.com RSA SSL subCA	`2021-07-16` - `2022-07-21`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.1105cms01.com Network Solutions OV Server CA 2	`2021-10-25` - `2022-09-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.ml314.com Amazon	`2021-01-17` - `2022-02-14`	a year	crt.sh
*.dpmsrv.com Amazon	`2021-05-17` - `2022-06-15`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://fcw.com/webcasts/2021/09/team-cymru-how-companies-have-turned-the-tables-on-threat-actors-091521.aspx?&pc=G0990E07&utm_source=webmktg&utm_medium=E-Mail&utm_campaign=G0990E07&oly_enc_id=4291D2343667C5G72
Frame ID: B19486BDE70CB9C6BB471F9127366DD5
Requests: 46 HTTP requests in this frame

Frame: https://c995ac9e9d9ab2885da2a1fa2e6ae387.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3053A32CE508843AA7577CF9D39192CC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 60B01F9928D25AD39E48320987065058
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B1BF32932DEC07E4A93D84EA748195B9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

A Novel Approach: How Fortune 100 Companies Have Turned the Tables on Threat Actors -- FCW

Page URL History Show full URLs

https://1105info.com/portal/wts/ucmcmQeh7M6bbVvbcdyDDdmByr3cbtDHPPvh4mM~c&data=04 HTTP 302
https://fcw.com/webcasts/2021/09/team-cymru-how-companies-have-turned-the-tables-on-threat-a... Page URL

Page Statistics

56
Requests

96 %
HTTPS

50 %
IPv6

17
Domains

24
Subdomains

21
IPs

4
Countries

672 kB
Transfer

1809 kB
Size

20
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://publicsector360.com/pages/calendar.aspx
Title: Events

Search URL Search Domain Scan URL

URL: http://www.1105reprints.com/
Title: Reprints

Search URL Search Domain Scan URL

URL: https://www.meritdirect.com/1105-media/
Title: List Rental

Search URL Search Domain Scan URL

URL: https://publicsector.1105media.com/pages/fcw
Title: Advertise

Search URL Search Domain Scan URL

URL: https://1105.dragonforms.com/loading.do?omedasite=ONE2_FWnew
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://1105media.com/pages/terms-of-use.aspx
Title: Terms

Search URL Search Domain Scan URL

URL: https://1105media.com/pages/privacy-policy.aspx
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://1105media.com/privacy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://one.dragonforms.com/loading.do?PK=FWSUB19&omedasite=ONE2_FWnew
Title: Newsletter

Search URL Search Domain Scan URL

URL: https://www.1105reprints.com/
Title: Reprints

Search URL Search Domain Scan URL

URL: https://www.govexec.com/about/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.govexec.com/about/terms-and-conditions/
Title: Terms of Service

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://1105info.com/portal/wts/ucmcmQeh7M6bbVvbcdyDDdmByr3cbtDHPPvh4mM~c&data=04 HTTP 302
https://fcw.com/webcasts/2021/09/team-cymru-how-companies-have-turned-the-tables-on-threat-actors-091521.aspx?&pc=G0990E07&utm_source=webmktg&utm_medium=E-Mail&utm_campaign=G0990E07&oly_enc_id=4291D2343667C5G72 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&q%3DxImp%26v%3D1.x%26cl%3D312%26pixelIndex%3D0%26r%3D114304%26tzOffset%3D0%26url%3Dhttps%253A%252F%252Ffcw.com%252Fwebcasts%252F2021%252F09%252Fteam-cymru-how-companies-have-turned-the-tables-on-threat-actors-091521.aspx%253F%2526pc%253DG0990E07%2526utm_source%253Dwebmktg%2526utm_medium%253DE-Mail%2526utm_campaign%253DG0990E07%2526oly_enc_id%253D4291D2343667C5G72&_=1635900250438 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26q%253DxImp%2526v%253D1.x%2526cl%253D312%2526pixelIndex%253D0%2526r%253D114304%2526tzOffset%253D0%2526url%253Dhttps%25253A%25252F%25252Ffcw.com%25252Fwebcasts%25252F2021%25252F09%25252Fteam-cymru-how-companies-have-turned-the-tables-on-threat-actors-091521.aspx%25253F%252526pc%25253DG0990E07%252526utm_source%25253Dwebmktg%252526utm_medium%25253DE-Mail%252526utm_campaign%25253DG0990E07%252526oly_enc_id%25253D4291D2343667C5G72%26_%3D1635900250438 HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?id=4656221516274184561&q=xImp&v=1.x&cl=312&pixelIndex=0&r=114304&tzOffset=0&url=https%3A%2F%2Ffcw.com%2Fwebcasts%2F2021%2F09%2Fteam-cymru-how-companies-have-turned-the-tables-on-threat-actors-091521.aspx%3F%26pc%3DG0990E07%26utm_source%3Dwebmktg%26utm_medium%3DE-Mail%26utm_campaign%3DG0990E07%26oly_enc_id%3D4291D2343667C5G72&_=1635900250438

Request Chain 38

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=4656221516274184561&pixelIndex=0&_=1635900250439 HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=4656221516274184561&pixelIndex=0&_=1635900250439&google_gid=CAESEChxKb68F9_jlF3gmMVkLgA&google_cver=1

56 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request team-cymru-how-companies-have-turned-the-tables-on-threat-actors-091521.aspx Show response
fcw.com/webcasts/2021/09/
Redirect Chain

https://1105info.com/portal/wts/ucmcmQeh7M6bbVvbcdyDDdmByr3cbtDHPPvh4mM~c&data=04
https://fcw.com/webcasts/2021/09/team-cymru-how-companies-have-turned-the-tables-on-threat-actors-091521.aspx?&pc=G0990E07&utm_source=webmktg&utm_medium=E-Mail&utm_campaign=G0990E07&oly_enc_id=4291...

54 KB
16 KB

281ms
262ms

Document
text/html

2606:4700:3108::ac42:284d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fcw.com/webcasts/2021/09/team-cymru-how-companies-have-turned-the-tables-on-threat-actors-091521.aspx?&pc=G0990E07&utm_source=webmktg&utm_medium=E-Mail&utm_campaign=G0990E07&oly_enc_id=4291D2343667C5G72

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:284d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e109317e4c7dd955f3218910d7557e1704987eafb35c81b1c2f2c77003394a0

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 03 Nov 2021 00:44:09 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
x-xss-protection: 1
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C7jM%2BT0Y%2BZlJwQZF6FGCXq3%2BzmMy0E68r5gtcWVtz6AHhggkHX4V7n5BjARzq6AQ0rm%2BE92hOjMHLgxdr9RT2wk9DZVHDtTdYtbzDyrk6g8dLzqLmyeJgrBP9tOjwg3z%2FNU7TYU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a81928d0ed42c01-FRA
content-encoding: br

Redirect headers

X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Location: https://fcw.com/webcasts/2021/09/team-cymru-how-companies-have-turned-the-tables-on-threat-actors-091521.aspx?&pc=G0990E07&utm_source=webmktg&utm_medium=E-Mail&utm_campaign=G0990E07&oly_enc_id=4291D2343667C5G72
Content-Length: 0
Date: Wed, 03 Nov 2021 01:44:08 CET
Server: Apache

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 45ms
19ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: fcw.com
URL: https://fcw.com/webcasts/2021/09/team-cymru-how-companies-have-turned-the-tables-on-threat-actors-091521.aspx?&pc=G0990E07&utm_source=webmktg&utm_medium=E-Mail&utm_campaign=G0990E07&oly_enc_id=4291D2343667C5G72

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

380a57c5673f7ca35f09c78eef2a80e7f4e52a8481503a96a7f92d55942ad55c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fcw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 00:44:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1032 / 356 of 1000 / last-modified: 1635890704"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27276
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 03 Nov 2021 00:44:09 GMT

GET
H/1.1 200 olytics.css
olytics.omeda.com/olytics/css/v3/p/ 28 KB
3 KB 639ms
117ms Stylesheet
text/css 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/css/v3/p/olytics.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.159 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

78057ff881c7ceb369c163fee7ab0d93ae4754f3a7503d5dbfd4a0b80e203a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fcw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 00:44:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 27 Aug 2021 04:05:28 GMT
Server: Apache
ETag: W/"28820-1630037128000"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=21600
Transfer-Encoding: chunked
Accept-Ranges: bytes
vary: accept-encoding
X-XSS-Protection: 1; mode=block
Expires: Wed, 03 Nov 2021 06:44:10 GMT

GET
H2 200 style.css
fcw.com/design/gig/fcw/2018/css/ 104 KB
19 KB 19ms
18ms Stylesheet
text/css 2606:4700:3108::ac42:284d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fcw.com/design/gig/fcw/2018/css/style.css?v=19

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:284d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e1d4c83494536029c02618c5e9c1755a11fc825d35d895cba8986c2a94b0291

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fcw.com/webcasts/2021/09/team-cymru-how-companies-have-turned-the-tables-on-threat-actors-091521.aspx?&pc=G0990E07&utm_source=webmktg&utm_medium=E-Mail&utm_campaign=G0990E07&oly_enc_id=4291D2343667C5G72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 00:44:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Oct 2020 18:42:24 GMT
server: cloudflare
age: 1270
etag: W/"568b4bec22a3d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KzcAwrFLbMa5gkJednGlPbpHPY3kCAn0AnPTuu9tgzAs6mdzfjkLaVxo2EyN%2Fc5XW03h5P3VpwJBruI2UyYbY8Tcvy%2FsuP6xgjHjjHSi5AKBCLnBMpM3ZoxM67Y236%2FSpZL50oI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a81928ec84c2c01-FRA
x-xss-protection: 1

GET
H2 200 font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/css/ 34 KB
6 KB 32ms
13ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/css/font-awesome.css?v=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b977f453450222a069d89dd2e776f6f21f9fa42f6e15c03c7fe6ff34d9a2c159

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fcw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 00:44:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2956704
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5565
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-893e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4J7mBqIReom1IdGJNr784c4vlPZZonJRhfFNwbs4gz3HuMjKp88PcUtxBx6%2FYN4PbhVHSStEGFSaGFNL9gMYSoRu1b7SbYpfOyxp8wYOE1qXSsXLf7p6mBW0sKmaX%2Fzjo%2FYNvOaRL8gQrdrTLxgKDpjf"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6a81928eeaf65bed-FRA
expires: Mon, 24 Oct 2022 00:44:09 GMT

GET
H2 200 base-min.js Show response
fcw.com/design/gig/fcw/2018/js/ 258 KB
70 KB 27ms
26ms Script
application/javascript 2606:4700:3108::ac42:284d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fcw.com/design/gig/fcw/2018/js/base-min.js?=7

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:284d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f0025b39e640148fb30602cedc8532f3f48ba2b9f4fbb5f2a1facb9a1f5e6ee

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fcw.com/webcasts/2021/09/team-cymru-how-companies-have-turned-the-tables-on-threat-actors-091521.aspx?&pc=G0990E07&utm_source=webmktg&utm_medium=E-Mail&utm_campaign=G0990E07&oly_enc_id=4291D2343667C5G72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 00:44:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Oct 2020 16:25:11 GMT
server: cloudflare
age: 1270
etag: W/"baa62c1fa3d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wo76ROAxLbobDoYd3m40IAmmJAkI09%2F94uSiV%2BQnNfvB2iAwd0ZHgn2COvRY6oWLDz3klUS%2BwcdKM2c19coytIKnO2R%2BzBK1wL5le843uCTBVex6zAP7WLScYjonfTkiv5Xhd0k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a81928ec84f2c01-FRA
x-xss-protection: 1

GET
H2 200 WebResource.axd Show response
fcw.com/ 23 KB
5 KB 190ms
189ms Script
application/x-javascript 2606:4700:3108::ac42:284d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fcw.com/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZCBIjC6zCiEqmi_kDcnpBDGtmmPBmv3CrteKCAgzbUk5eSixZw2&t=637460693481343508

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:284d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fcw.com/webcasts/2021/09/team-cymru-how-companies-have-turned-the-tables-on-threat-actors-091521.aspx?&pc=G0990E07&utm_source=webmktg&utm_medium=E-Mail&utm_campaign=G0990E07&oly_enc_id=4291D2343667C5G72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 00:44:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 13 Jan 2021 01:29:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7jwmtqRe43jYA9N5pHgB9RFNN1pu4ab0Etfsn%2BQqmNEWxbTnquGUp1nqJGD4s2A7%2FV1zdF5Ao%2BSGHDQWVoTD3YdDNyYuHWMog6MNLuWHUTXsQkYEVtlDIgqWmMmMiFcZlSjjYXY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a81928ec8502c01-FRA
x-xss-protection: 1
expires: Thu, 20 Oct 2022 07:43:20 GMT

GET
H2 200 ScriptResource.axd Show response
fcw.com/ 100 KB
26 KB 186ms
185ms Script
application/x-javascript 2606:4700:3108::ac42:284d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fcw.com/ScriptResource.axd?d=uHIkleVeDJf4xS50Krz-yKIbsogxsARipyAFZ-QiowLKCn8ZX1JtCja1u0RrZEEZKxAM5FV4haytxitTtZqqNpmPcKKA3BLDLu9ZENuGQ1JqfEWiAMP7CsbJ3uYqnV6u0i-h3IJxflq0io8vjqviaFadW7U1&t=2fe674eb

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:284d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fcw.com/webcasts/2021/09/team-cymru-how-companies-have-turned-the-tables-on-threat-actors-091521.aspx?&pc=G0990E07&utm_source=webmktg&utm_medium=E-Mail&utm_campaign=G0990E07&oly_enc_id=4291D2343667C5G72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 00:44:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 20 Oct 2021 07:43:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2FkItxY5Cejq46QGgcyegfJBoaTVEOwvQyUzESscD1tO8LV5eBf00cnVuykczoVlQwGiLkkCyGqtl2bwhC0qtV4kmyXmsogJJ1PrrP4NSr7%2F%2BmGQC3%2Fnjqzpd4hbN75NQRajFPk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a81928ec8512c01-FRA
x-xss-protection: 1
expires: Thu, 20 Oct 2022 07:43:20 GMT

GET
H2 200 ScriptResource.axd Show response
fcw.com/ 39 KB
10 KB 190ms
190ms Script
application/x-javascript 2606:4700:3108::ac42:284d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fcw.com/ScriptResource.axd?d=Jw6tUGWnA15YEa3ai3FadN4Tys6-s5-_WQA4GHsOVV0smV8btazs5-wG80pIg34-K80z7kuUkkVeuSqYVFgCETCeBJoAtRyb5fRiJArxgrrd7216Oo0fMsCemOyr51zDhUCnVS9jBHdvOboecnJG2jfa2V41&t=2fe674eb

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:284d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fcw.com/webcasts/2021/09/team-cymru-how-companies-have-turned-the-tables-on-threat-actors-091521.aspx?&pc=G0990E07&utm_source=webmktg&utm_medium=E-Mail&utm_campaign=G0990E07&oly_enc_id=4291D2343667C5G72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 00:44:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 20 Oct 2021 07:43:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wbEZYLz2l04ZeOoJaonb7msRwEoCOktp7NwwygTErK40DTVGoljQIP0SiToE%2B%2FeVUzjnZYv7Mel5yKnewP%2Fw2BOD7kxk8slUSpS9VSfHOe%2BDi1RxfEQfIRsVJ%2F6I6fa7BaeBRbM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a81928ec8522c01-FRA
x-xss-protection: 1
expires: Thu, 20 Oct 2022 07:43:20 GMT

GET
H2 200 fcw_logo.svg
fcw.com/webcasts/2021/09/~/media/GIG/FCW/Web/2018/Site/ 2 KB
2 KB 226ms
226ms Image
image/svg+xml 2606:4700:3108::ac42:284d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fcw.com/webcasts/2021/09/~/media/GIG/FCW/Web/2018/Site/fcw_logo.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:284d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6decfba88914646414865c80ec2c67a28908075eb66e64b5b02e4929d4a8a851

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fcw.com/webcasts/2021/09/team-cymru-how-companies-have-turned-the-tables-on-threat-actors-091521.aspx?&pc=G0990E07&utm_source=webmktg&utm_medium=E-Mail&utm_campaign=G0990E07&oly_enc_id=4291D2343667C5G72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 00:44:09 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Tue, 16 Jan 2018 20:44:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I8D%2FibzIoBPDIDR0c9ryKtMdkJrBG3uKBk4AxYFLcdDHGAXj%2BchlvRNN7Vz4DCFWaUR6zaT6lLm2QnPod3tSeMWY5DbirnvKwiTui92XnGsDxJ52r6GyWS7tmxDwIASmDCfG1JI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: private, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="fcw_logo.svg"
cf-ray: 6a81929009252c01-FRA
x-xss-protection: 1

GET
H/1.1 200
OK mobilemenubutton.svg
redmondmag.1105cms01.com/~/media/ECG/redmondmag/design/2019/ 981 B
1 KB 1137ms
169ms Image
image/svg+xml 63.236.5.100
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redmondmag.1105cms01.com/~/media/ECG/redmondmag/design/2019/mobilemenubutton.svg
Requested by: Host: fcw.com
URL: https://fcw.com/webcasts/2021/09/team-cymru-how-companies-have-turned-the-tables-on-threat-actors-091521.aspx?&pc=G0990E07&utm_source=webmktg&utm_medium=E-Mail&utm_campaign=G0990E07&oly_enc_id=4291D2343667C5G72
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.236.5.100 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: a31fe83b286f32aa4bc04ba2300a8b644db75ae2f3640935ebdb6ce61314d30f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fcw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 00:43:25 GMT
Last-Modified: Mon, 03 Dec 2018 23:45:43 GMT
Server: Microsoft-IIS/10.0
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="mobilemenubutton.svg"
Accept-Ranges: bytes

GET
H2 200 Team%20Cymru%20red%20and%20black%20vertical%20with%20tagline.jpg
fcw.com/webcasts/2021/09/~/media/PublicSector/2021/Logos/ 100 KB
100 KB 235ms
235ms Image
image/jpeg 2606:4700:3108::ac42:284d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fcw.com/webcasts/2021/09/~/media/PublicSector/2021/Logos/Team%20Cymru%20red%20and%20black%20vertical%20with%20tagline.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:284d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

014678682c8b2b757f77ed092941cc7f7eb534e797672b8e88b465df28959c03

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fcw.com/webcasts/2021/09/team-cymru-how-companies-have-turned-the-tables-on-threat-actors-091521.aspx?&pc=G0990E07&utm_source=webmktg&utm_medium=E-Mail&utm_campaign=G0990E07&oly_enc_id=4291D2343667C5G72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 00:44:10 GMT
cf-cache-status: BYPASS
last-modified: Fri, 13 Aug 2021 04:30:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zIPlFa%2FO%2Ftrs%2Bmi0ZquP7121PgQ1IgK5OydaB0svccXHTFRObEW2yA9hFO%2F86rf5iNjjv1pX7S8Owf0hGpy9BHnKTNQxvU9CbLPgTeHqzNFaqRx9xoTPkvR7%2BN7nZEB3rls8%2Bcw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="Team Cymru red and black vertical with tagline.jpg"
accept-ranges: bytes
cf-ray: 6a819293cc0a2c01-FRA
content-length: 102401
x-xss-protection: 1

GET
H2 200 fcw_logo_notag.svg
fcw.com/webcasts/2021/09/~/media/GIG/FCW/Web/2018/Site/ 2 KB
1 KB 228ms
227ms Image
image/svg+xml 2606:4700:3108::ac42:284d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fcw.com/webcasts/2021/09/~/media/GIG/FCW/Web/2018/Site/fcw_logo_notag.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:284d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad5ad7270158d81f9e6c986fad9e7d6d695e8bbbbd60b528557706c00ed7dee5

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fcw.com/webcasts/2021/09/team-cymru-how-companies-have-turned-the-tables-on-threat-actors-091521.aspx?&pc=G0990E07&utm_source=webmktg&utm_medium=E-Mail&utm_campaign=G0990E07&oly_enc_id=4291D2343667C5G72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 00:44:10 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Mon, 18 Dec 2017 16:50:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5uZY6AvPgc8HNemN5KwfGpnUNwIbWkM%2BlV29uMFY0SLfXX4iQMfd2VewiNgCKSRXfUgjOwc0hIXLwR6qIEhqq1NvjudVmHPbllueE4r2Kmw9KyMIVzYiz8Op8h2umUyN%2BKM8QTY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: private, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="fcw_logo_notag.svg"
cf-ray: 6a8192946c822c01-FRA
x-xss-protection: 1

GET
H2 200 ps360_logo_final.png
fcw.com/webcasts/2021/09/~/media/GIG/PublicSector360/images/ 25 KB
26 KB 199ms
198ms Image
image/png 2606:4700:3108::ac42:284d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fcw.com/webcasts/2021/09/~/media/GIG/PublicSector360/images/ps360_logo_final.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:284d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6577a2dda8d47bdf6e724c62b5087616502f31b060455b66222e4a403bd922e

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fcw.com/webcasts/2021/09/team-cymru-how-companies-have-turned-the-tables-on-threat-actors-091521.aspx?&pc=G0990E07&utm_source=webmktg&utm_medium=E-Mail&utm_campaign=G0990E07&oly_enc_id=4291D2343667C5G72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 00:44:10 GMT
cf-cache-status: BYPASS
last-modified: Mon, 26 Apr 2021 18:08:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FPoWhEkTNhsiTU5n1qqJ%2BzJU6CFmvS%2FwXPfdjiy0OlEUwI41ekwkRoAeWAMwLAgtWUt%2FGryVpVK6HxdLKdtyimSaJLwjFOHBpz7KQXaRl50MXElqRhrYPzlwbyVLzccC0NhdzYk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="ps360_logo_final.png"
accept-ranges: bytes
cf-ray: 6a8192946c832c01-FRA
content-length: 25843
x-xss-protection: 1

GET
H3 200 pubads_impl_2021102801.js Show response
securepubads.g.doubleclick.net/gpt/ 350 KB
118 KB 31ms
16ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

d5b83174b14c8fb07a6cfc17abbc860e726a23b84f724c468049c73e1e8d7cba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fcw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 00:44:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120786
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 08:34:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 03 Nov 2021 00:44:10 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 51 B
82 B 31ms
16ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=fcw.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

208b2b183b4ad6e5c3a8a222112b91cfd6e3309cf77e405e1b6457724fa15bde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fcw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Nov 2021 00:44:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58
x-xss-protection: 0
expires: Wed, 03 Nov 2021 00:44:09 GMT

GET
H/1.1 200 olytics.min.js Show response
olytics.omeda.com/olytics/js/v3/p/ 272 KB
74 KB 120ms
119ms Script
application/javascript 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.159 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

aefe7785628510514a9b8239ce581219565b33e13a778208e8740c4b0b617d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fcw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 00:44:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 09 Sep 2021 20:58:16 GMT
Server: Apache
ETag: W/"278709-1631221096000"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=21600
Transfer-Encoding: chunked
Accept-Ranges: bytes
vary: accept-encoding
X-XSS-Protection: 1; mode=block
Expires: Wed, 03 Nov 2021 06:44:10 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
2 KB 58ms
17ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i,700,900|Source+Serif+Pro:400,600

Requested by

Host: fcw.com
URL: https://fcw.com/design/gig/fcw/2018/css/style.css?v=19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7678584f5f3a8952a0be0891bd92fa50559bcc196f60b9c31e10c88b96397a73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fcw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 00:44:10 GMT
server: ESF
date: Wed, 03 Nov 2021 00:44:10 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Wed, 03 Nov 2021 00:44:10 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fcw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 2584
date: Wed, 03 Nov 2021 00:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 03 Nov 2021 02:01:06 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 16 KB
16 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i,700,900|Source+Serif+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fcw.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 11:16:30 GMT
x-content-type-options: nosniff
age: 221260
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16112
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:09 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Mon, 31 Oct 2022 11:16:30 GMT

GET
H/1.1 200
OK tag.aspx Show response
ml314.com/ 28 KB
13 KB 129ms
31ms Script
application/javascript 52.208.138.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?3102021
Requested by: Host: fcw.com
URL: https://fcw.com/webcasts/2021/09/team-cymru-how-companies-have-turned-the-tables-on-threat-actors-091521.aspx?&pc=G0990E07&utm_source=webmktg&utm_medium=E-Mail&utm_campaign=G0990E07&oly_enc_id=4291D2343667C5G72
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.138.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-138-90.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1b05ce33469db78a252caf0e176e3cb56cd4d1d17aa3c3cda89f8088bb3eefda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fcw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 00:44:10 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Nov 2021 18:22:45 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=63515
Connection: keep-alive
Content-Length: 12574
Expires: Wed, 03 Nov 2021 18:22:45 GMT

GET
H2 200 corner.svg
fcw.com/design/gig/fcw/2018/img/ 543 B
821 B 16ms
15ms Image
image/svg+xml 2606:4700:3108::ac42:284d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fcw.com/design/gig/fcw/2018/img/corner.svg

Requested by

Host: fcw.com
URL: https://fcw.com/design/gig/fcw/2018/css/style.css?v=19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:284d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

970069a9c131f4ae655108d02a12829b7dc2d6516a527f81f68e911b7cc0cad7

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fcw.com/design/gig/fcw/2018/css/style.css?v=19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 00:44:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Jan 2018 20:16:33 GMT
server: cloudflare
age: 2132
etag: W/"65d34ce768fd31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wCzUPCvRMeUHkdrdQYAxACUAlzMMuZtNgZcuFOANKhLtlo99grr8Fm6%2FjPO7NVHdJ9fthauJq5dEd0QU0Wqtz%2Bc5VbOwWcCjQlFBzGmlxBiw9dUqZC8Jqx1raZbMcyxKJUBWP0g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a8192947c8d2c01-FRA
x-xss-protection: 1

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 15 KB
16 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i,700,900|Source+Serif+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fcw.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 04:16:28 GMT
x-content-type-options: nosniff
age: 419262
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15764
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:17 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 29 Oct 2022 04:16:28 GMT

GET
H2 200 6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i,700,900|Source+Serif+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29b561a8a01edc4acf52d1c4c763aa21a1b540bc020b92f8bbfaf656b53a02b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fcw.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 02:46:57 GMT
x-content-type-options: nosniff
age: 424633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15280
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:35 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 29 Oct 2022 02:46:57 GMT

GET
H/1.1 200
OK dpm_a93c168323147d1135503939396cac628dc194c5.min.js Show response
s.dpmsrv.com/ 115 KB
38 KB 67ms
10ms Script
application/x-javascript 143.204.215.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dpmsrv.com/dpm_a93c168323147d1135503939396cac628dc194c5.min.js
Requested by: Host: fcw.com
URL: https://fcw.com/webcasts/2021/09/team-cymru-how-companies-have-turned-the-tables-on-threat-actors-091521.aspx?&pc=G0990E07&utm_source=webmktg&utm_medium=E-Mail&utm_campaign=G0990E07&oly_enc_id=4291D2343667C5G72
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-109.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6977133984633ee9fce3f13d7b5d94d8adcca7a284b5f568dcebd6ebaf6c9a97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fcw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 06:45:42 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Oct 2021 21:26:54 GMT
Server: AmazonS3
Age: 64709
ETag: "ac0bb27f0b9e3818784b7fcab8da9015"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
Connection: keep-alive
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Length: 38754
X-Amz-Cf-Id: gkYHBjCAC_P0Qfpt7lPqWsJQUkIkok0NrldYe8fYXd5GAoDoZ9fByg==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
201 B 17ms
17ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1332055217&t=pageview&_s=1&dl=https%3A%2F%2Ffcw.com%2Fwebcasts%2F2021%2F09%2Fteam-cymru-how-companies-have-turned-the-tables-on-threat-actors-091521.aspx%3F%26pc%3DG0990E07%26utm_source%3Dwebmktg%26utm_medium%3DE-Mail%26utm_campaign%3DG0990E07%26oly_enc_id%3D4291D2343667C5G72&ul=en-us&de=UTF-8&dt=A%20Novel%20Approach%3A%20How%20Fortune%20100%20Companies%20Have%20Turned%20the%20Tables%20on%20Threat%20Actors%20--%20FCW&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=897152787&gjid=1705819199&cid=1738714942.1635900250&tid=UA-6779162-2&_gid=1909113545.1635900250&_r=1&_slc=1&z=57615559

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fcw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 00:44:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fcw.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 41ms
16ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fcw.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fcw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Nov 2021 00:44:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 42ms
17ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fcw.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fcw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Nov 2021 00:44:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 858 B
260 B 50ms
49ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=557091521670839&correlator=4424158521908671&output=ldjh&impl=fifs&eid=31063136%2C31063213%2C31063281%2C31063345%2C31063406&vrg=2021102801&ptt=17&sc=1&sfv=1-0-38&ecs=20211103&iu_parts=5978%2Ceof.fcw&enc_prev_ius=%2F0%2F1%2C%2F0%2F1&prev_iu_szs=1x1%2C1x1&ists=3&prev_scp=item%3Db0ba9c27_5bdc_47d9_b792_f4a4a60437a0%26pos%3Dwallpaper_left%7Citem%3Db0ba9c27_5bdc_47d9_b792_f4a4a60437a0%26pos%3Dwallpaper_right&cookie_enabled=1&bc=31&abxe=1&lmt=1635900250&dt=1635900250412&dlt=1635900249387&idt=1000&frm=20&biw=1600&bih=1200&oid=2&adxs=55%2C1393&adys=71%2C71&adks=1785767672%2C1081764969&ucis=1%7C2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ffcw.com%2Fwebcasts%2F2021%2F09%2Fteam-cymru-how-companies-have-turned-the-tables-on-threat-actors-091521.aspx%3F%26pc%3DG0990E07%26utm_source%3Dwebmktg%26utm_medium%3DE-Mail%26utm_campaign%3DG0990E07%26oly_enc_id%3D4291D2343667C5G72&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1120x0%7C1120x0&msz=162x0%7C162x0&ga_vid=1738714942.1635900250&ga_sid=1635900250&ga_hid=1332055217&ga_fc=true&fws=4%2C4&ohw=1600%2C1600&btvi=0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e5352545f1a1fc8507069bebd112e8778fc5ee88ccbe02b43b001212c6406902

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fcw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 00:44:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 230
x-xss-protection: 0
google-lineitem-id: -2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://fcw.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c995ac9e9d9ab2885da2a1fa2e6ae387.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3053 6 KB
4 KB 52ms
15ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c995ac9e9d9ab2885da2a1fa2e6ae387.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fcw.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 03 Nov 2021 00:44:10 GMT
expires: Thu, 03 Nov 2022 00:44:10 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&q%3DxImp%26v%3D1.x%26cl%3D312%26pixelIndex%3D0%26r%3D114304%26tzOffset%3D0%26url%3Dhttps%253A%252F%252Ffcw.com%252Fwebcasts...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26q%253DxImp%2526v%253D1.x%2526cl%253D312%2526pixelIndex%253D0%2526r%253D114304%2526tzOffset%25...
https://a.dpmsrv.com/dpmpxl/index.php?id=4656221516274184561&q=xImp&v=1.x&cl=312&pixelIndex=0&r=114304&tzOffset=0&url=https%3A%2F%2Ffcw.com%2Fwebcasts%2F2021%2F09%2Fteam-cymru-how-companies-have-tu...

252 B
1001 B

427ms
103ms

Script
text/javascript

34.194.71.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?id=4656221516274184561&q=xImp&v=1.x&cl=312&pixelIndex=0&r=114304&tzOffset=0&url=https%3A%2F%2Ffcw.com%2Fwebcasts%2F2021%2F09%2Fteam-cymru-how-companies-have-turned-the-tables-on-threat-actors-091521.aspx%3F%26pc%3DG0990E07%26utm_source%3Dwebmktg%26utm_medium%3DE-Mail%26utm_campaign%3DG0990E07%26oly_enc_id%3D4291D2343667C5G72&_=1635900250438
Requested by: Host: fcw.com
URL: https://fcw.com/webcasts/2021/09/team-cymru-how-companies-have-turned-the-tables-on-threat-actors-091521.aspx?&pc=G0990E07&utm_source=webmktg&utm_medium=E-Mail&utm_campaign=G0990E07&oly_enc_id=4291D2343667C5G72
Protocol: HTTP/1.1
Server: 34.194.71.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-71-96.compute-1.amazonaws.com
Software: /
Resource Hash: f5f9b0fd9978d04d3c886184b7f3c650dc1a0df45a8f60e19846637d3691cd3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fcw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
content-encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 222
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 00:44:10 GMT
X-Proxy-Origin: 168.119.25.195; 168.119.25.195; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 35932c48-eb94-4d04-9bc0-bde40f718f29
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://a.dpmsrv.com/dpmpxl/index.php?id=4656221516274184561&q=xImp&v=1.x&cl=312&pixelIndex=0&r=114304&tzOffset=0&url=https%3A%2F%2Ffcw.com%2Fwebcasts%2F2021%2F09%2Fteam-cymru-how-companies-have-turned-the-tables-on-threat-actors-091521.aspx%3F%26pc%3DG0990E07%26utm_source%3Dwebmktg%26utm_medium%3DE-Mail%26utm_campaign%3DG0990E07%26oly_enc_id%3D4291D2343667C5G72&_=1635900250438
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK utsync.ashx Show response
ml314.com/ 62 B
572 B 31ms
31ms Script
application/javascript 52.208.138.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=50202&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Ffcw.com%2Fwebcasts%2F2021%2F09%2Fteam-cymru-how-companies-have-turned-the-tables-on-threat-actors-091521.aspx%3F%26pc%3DG0990E07%26utm_source%3Dwebmktg%26utm_medium%3DE-Mail%26utm_campaign%3DG0990E07%26oly_enc_id%3D4291D2343667C5G72&pv=1635900250449_hmd2kt6hv&bl=en-us&cb=3024544&return=&ht=shex&d=&dc=&si=1635900250449_hmd2kt6hv&cid=&s=1600x1200&rp=
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?3102021
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.138.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-138-90.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fcw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 00:44:10 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 147
Expires: 0

GET
H/1.1 200
OK ud.ashx Show response
in.ml314.com/ 20 B
482 B 459ms
167ms Script
application/javascript 44.196.178.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://in.ml314.com/ud.ashx?topiclimit=&cb=3102021
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?3102021
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.196.178.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-178-215.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fcw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 00:44:10 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public
Connection: keep-alive
Content-Length: 138
Expires: Thu, 04 Nov 2021 00:44:10 GMT

OPTIONS
H/1.1 200 olytics
oqs.omeda.com/oqs/rest/ Frame 0
0 487ms
117ms Preflight
text/plain 204.180.130.165
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oqs.omeda.com/oqs/rest/olytics

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.165 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://fcw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 600
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Access-Control-Request-Headers, Content-Type, Origin, Accept, Accept-Encoding, Accept-Language, HOST, User-Agent, Access-Control-Request-Method, Access-Control-Max-Age
Content-Type: text/plain
Content-Length: 0
Date: Wed, 03 Nov 2021 00:44:10 GMT
Server: Apache

OPTIONS
H/1.1 200 olytics
oqs.omeda.com/oqs/rest/ Frame 0
0 484ms
117ms Preflight
text/plain 204.180.130.165
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oqs.omeda.com/oqs/rest/olytics

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.165 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://fcw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 600
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Access-Control-Request-Headers, Content-Type, Origin, Accept, Accept-Encoding, Accept-Language, HOST, User-Agent, Access-Control-Request-Method, Access-Control-Max-Age
Content-Type: text/plain
Content-Length: 0
Date: Wed, 03 Nov 2021 00:44:10 GMT
Server: Apache

POST
H/1.1 200 olytics Show response
oqs.omeda.com/oqs/rest/ 15 B
307 B 125ms
124ms XHR
application/json 204.180.130.165
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oqs.omeda.com/oqs/rest/olytics

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.165 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

2edaa30d4700e9c64439fd90cba328cf7eeb1177cbf7b7e26520266bb75d724d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fcw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 03 Nov 2021 00:44:10 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 48ms
25ms Fetch
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fcw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Nov 2021 00:44:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
etag: 3772753657375090657
vary: Accept-Encoding, Origin
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Wed, 03 Nov 2021 00:44:10 GMT

POST
H/1.1 200 olytics Show response
oqs.omeda.com/oqs/rest/ 15 B
307 B 126ms
126ms XHR
application/json 204.180.130.165
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oqs.omeda.com/oqs/rest/olytics

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.165 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

ee2bd946a7a0e25dd3f7606bf975cfaa824c7eb902568f5e711f361be35196ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fcw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 03 Nov 2021 00:44:10 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block

HEAD
H2 200 gpt.js
www.googletagservices.com/tag/js/ 0
0 39ms
16ms Fetch
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fcw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 00:44:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1032 / 523 of 1000 / last-modified: 1635890704"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 03 Nov 2021 00:44:10 GMT

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=4656221516274184561&pixelIndex=0&_=1635900250439
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=4656221516274184561&pixelIndex=0&_=1635900250439&google_gid=CAESEChxKb68F9_jlF3gmMVkLgA&google_cver=1

0
598 B

104ms
104ms

Script
text/javascript

34.194.71.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=4656221516274184561&pixelIndex=0&_=1635900250439&google_gid=CAESEChxKb68F9_jlF3gmMVkLgA&google_cver=1
Requested by: Host: fcw.com
URL: https://fcw.com/webcasts/2021/09/team-cymru-how-companies-have-turned-the-tables-on-threat-actors-091521.aspx?&pc=G0990E07&utm_source=webmktg&utm_medium=E-Mail&utm_campaign=G0990E07&oly_enc_id=4291D2343667C5G72
Protocol: HTTP/1.1
Server: 34.194.71.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-71-96.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fcw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 0
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 03 Nov 2021 00:44:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=4656221516274184561&pixelIndex=0&_=1635900250439&google_gid=CAESEChxKb68F9_jlF3gmMVkLgA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 368
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 423396.gif
idsync.rlcdn.com/ 0
66 B 40ms
15ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/423396.gif?partner_uid=4656221516274184561
Requested by: Host: fcw.com
URL: https://fcw.com/webcasts/2021/09/team-cymru-how-companies-have-turned-the-tables-on-threat-actors-091521.aspx?&pc=G0990E07&utm_source=webmktg&utm_medium=E-Mail&utm_campaign=G0990E07&oly_enc_id=4291D2343667C5G72
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fcw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 00:44:10 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 20ms
19ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021102801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b52e68b326e7fe9c12c5ba301199d4a168f77d93a07abe99e3f68d0107f713b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fcw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Nov 2021 00:44:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9376
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 53ms
30ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fcw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 00:44:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 03 Nov 2021 00:44:11 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 60B0 12 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fcw.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Tue, 02 Nov 2021 21:29:33 GMT
expires: Wed, 02 Nov 2022 21:29:33 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 11678
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B1BF 783 B
1 KB 43ms
17ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7420b89acc7a7262aa6d70ec5e261461bd15ebe188659f2b1aebd33bffcd2a76

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bFLGMNM/H75txvOe7A4rvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fcw.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 03 Nov 2021 00:44:11 GMT
date: Wed, 03 Nov 2021 00:44:11 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-bFLGMNM/H75txvOe7A4rvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 9ikrJPTMnmu1IVkna_il0BrUQdIJ_Q2gP_yjrETMSUw.js Show response
pagead2.googlesyndication.com/bg/ Frame 60B0 35 KB
14 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9ikrJPTMnmu1IVkna_il0BrUQdIJ_Q2gP_yjrETMSUw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6292b24f4cc9e6bb52159276bf8a5d01ad441d209fd0da03ffca3ac44cc494c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 21:11:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 99135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13471
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 01 Nov 2022 21:11:56 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B1BF 0
0 48ms
48ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021102801&jk=557091521670839&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
119 B 43ms
42ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021102801&jk=557091521670839&bg=!HR6lHlrNAAZzbWp4c207ACkAdvg8WiSLlip27vI4b2pT-RghS3T8E7syaBnTkZrq5a2H3E06QcKPwwIAAABWUgAAAAdoAQcKAK_VouDZThF2RO8YzgTqHF_dv9Iz6iWBv4ZwJp8g3Ek5QzmPlNtLyxlLIdqK-pU_0LaT8a_VfCsg5Cihh03zi8IogOdaxtgTYOokPKiQgYbOot8r9ZM7fFnQVxp9fxklscp4tHjteMf8tquhEXpMnlt0auTSwJgQv_LlcH8Y19ppdG6befRLS6zLfKRcplklMMQmioECGpZiOD5BYBtlDT5qWOaHtFFm7T2hJ3uIBTNcmQKxCNjzxnxx0hN15jBSiaw_RQPnGzhOcYfujGdOsSJ6N_IM9RmwHIuLVKmJLIfH07DLQrDTQ_7EEGzXtBNhce8IzxXhRFNZbRWJRTX7OMVDdfCOPm7N2vInCaK5ySUN5EC1jtvrNZCl9fi2g3j6Ciqyj48NWE-LV3ecAN-lR7JdvN6weAy9Kn1MQdZB8oj83mZb3tIkeycMhda6JwlP-CZ5xUGJJUJITCJuuJegsEOLNkyDuieTLofOvE4ZPi5MH1DF6KMutQZBqfwrP2ibGCZTe7wk4ch6xF_60Oig29Iwnnaj8SKD9Ci1vUL-wCcKBN4c9L-SRDY_P4kQdMqm0RsiHebU3uQFyCY86Y0AHoepR4Dh_IvM09VR7fE9vnOFHlJBnEhWjLcKVVBuZXjirxqkxd3EXtdCzhSJToUr-1sRHwVnXTV_SWjCnJ9l19n9yqoukLcgs3b5Tqh5CniIMIP-75GbBtw3SGlQM96DN18V8qLXkjZ1WxrPoVwuDlUVwHz_bW8Wq1wNe5C1bhiyjeB0O8E-uD-iKjeHxpoFE33Y-fx1MMsoDZuGOPdKrT9JyNInwtFcS3DEhX_R-Hf44syzOENPD9cle29dvsKuSaZrUfyPDog1lyzhJ1cAFL55vn70BrYBfspMkhcWHiu7zGd3eKzU1MS6sL7J_TJhC3Ea40eksxcMQ-ejlmEXdyvgIXn6TOOpSHszQ7rnNjw0fKvo8uwcsOwhy17M-QXUx57vf2PmEN6OCblG_rC0s-svFfczN9uft8_xButzZeY3bIlT4EaiDo7XX0SLbqKgDPl_FRUtA5Jr1ejrQ8g7ls_0vYAMyo-D4D76dfqqHCTLfUBogtZ11bnKXVy4XJUGO3PpLQsX7PMC3D7UOsAsMFgIhT8fCuc9JsZ3R1yTX554ViJF3gY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fcw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 00:44:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200 p
olytics.omeda.com/olytics/segments/ Frame 0
0 622ms
117ms Preflight 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://olytics.omeda.com/olytics/segments/p
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.180.130.159 , United States, ASN53866 (QTS-AS, US),
Reverse DNS: my.omedastaging.com
Software: Apache /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://fcw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Origin: *
vary: Access-Control-Request-Headers,Access-Control-Request-Headers,access-control-request-method
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Headers: access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Content-Length: 0
Date: Wed, 03 Nov 2021 00:44:11 GMT
Server: Apache

OPTIONS
H/1.1 200 /
olytics.omeda.com/olytics/segments/form/check/ Frame 0
0 629ms
120ms Preflight 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://olytics.omeda.com/olytics/segments/form/check/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.180.130.159 , United States, ASN53866 (QTS-AS, US),
Reverse DNS: my.omedastaging.com
Software: Apache /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://fcw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Origin: *
vary: Access-Control-Request-Headers,Access-Control-Request-Headers,access-control-request-method
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Headers: access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Content-Length: 0
Date: Wed, 03 Nov 2021 00:44:12 GMT
Server: Apache

POST
H/1.1 200 p Show response
olytics.omeda.com/olytics/segments/ 20 B
313 B 135ms
134ms XHR
application/json 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/segments/p

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.159 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

a8e427db11a8744bebbcdfd050f7b9d0a84b5a1754d086f1787c40db21955264

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fcw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 03 Nov 2021 00:44:12 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block

POST
H/1.1 200 / Show response
olytics.omeda.com/olytics/segments/form/check/ 20 B
313 B 117ms
117ms XHR
application/json 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/segments/form/check/

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.159 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

dd0103b71a9f800bf8509fb3f34f29a1af4b26a10ceef71cea5bb29ae4ea106d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fcw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 03 Nov 2021 00:44:12 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block

POST
H/1.1 200 cswitch Show response
olytics.omeda.com/olytics/segments/ 157 B
450 B 141ms
141ms XHR
application/json 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/segments/cswitch

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.159 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

95e0993c1da30e211f601749f9e1d32f00466d8eebab78b300243b77f07cdeb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fcw.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 03 Nov 2021 00:44:12 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block

OPTIONS
H/1.1 200 cswitch
olytics.omeda.com/olytics/segments/ Frame 0
0 683ms
128ms Preflight 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://olytics.omeda.com/olytics/segments/cswitch
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.180.130.159 , United States, ASN53866 (QTS-AS, US),
Reverse DNS: my.omedastaging.com
Software: Apache /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://fcw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Origin: *
vary: Access-Control-Request-Headers,Access-Control-Request-Headers,access-control-request-method
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Headers: access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Content-Length: 0
Date: Wed, 03 Nov 2021 00:44:12 GMT
Server: Apache

GET
H/1.1 200
OK index.php Show response
a.dpmsrv.com/dpmpxl/ 5 B
1 KB 106ms
106ms Script
text/javascript 34.194.71.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?q=xSeg&v=1.x&ep%5Bids%5D=5938243%2C17563123&cl=312&pixelIndex=0&r=822723&tzOffset=0&url=https%3A%2F%2Ffcw.com%2Fwebcasts%2F2021%2F09%2Fteam-cymru-how-companies-have-turned-the-tables-on-threat-actors-091521.aspx%3F%26pc%3DG0990E07%26utm_source%3Dwebmktg%26utm_medium%3DE-Mail%26utm_campaign%3DG0990E07%26oly_enc_id%3D4291D2343667C5G72&id=4656221516274184561&_=1635900250440
Requested by: Host: s.dpmsrv.com
URL: https://s.dpmsrv.com/dpm_a93c168323147d1135503939396cac628dc194c5.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.71.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-71-96.compute-1.amazonaws.com
Software: /
Resource Hash: fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fcw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
content-encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 31
Expires: 0

GET
H/1.1 200
OK seg
ib.adnxs.com/ 43 B
1023 B 13ms
13ms Image
image/gif 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/seg?member=827&add=5938243,17563123

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fcw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 00:44:11 GMT
X-Proxy-Origin: 168.119.25.195; 168.119.25.195; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b7a6b2cf-24ff-462d-85ea-0766210efd4f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
fcw.com/webcasts/2021/09	1969-12-31 23:59:59	Name: hasLiveRampMatch Value: true
fcw.com/	1969-12-31 23:59:59	Name: ReconfirmFormCookie Value: LastUpdated=11/2/2021 5:44:23 PM
fcw.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: aa1zubdajl0zmjxuvnjob0bg
fcw.com/	1970-01-19 22:35:08	Name: ParameterPC Value: G0990E07
fcw.com/	1969-12-31 23:59:59	Name: BIGipServerPool-fcw-80 Value: 1392707850.20480.0000
.fcw.com/	1970-01-20 15:56:12	Name: _ga Value: GA1.2.1738714942.1635900250
.fcw.com/	1970-01-19 22:26:26	Name: _gid Value: GA1.2.1909113545.1635900250
.fcw.com/	1970-01-19 22:25:00	Name: _gat Value: 1
fcw.com/	1969-12-31 23:59:59	Name: dpm_url_count Value: 1
.fcw.com/	1970-01-20 07:46:36	Name: __gads Value: ID=7dd60e16b652ef05-225fef2f0bcb00bc:T=1635900250:S=ALNI_MbkHfLo3f-LBhGbuBzQ211i5w2G0A
.adnxs.com/	1970-01-20 00:34:36	Name: uuid2 Value: 4656221516274184561
.fcw.com/	1970-01-20 07:10:36	Name: oly_enc_id Value: %224291D2343667C5G72%22
.fcw.com/	1970-01-20 07:10:36	Name: oly_anon_id Value: %22fed81413-4ea9-4a1d-9c39-0d9d2127b3a9%22
.dpmsrv.com/	1970-04-10 22:51:40	Name: dpm_pxl Value: 75d48b5d7139aba841c394261e2b1300dc60f6f1
.dpmsrv.com/	1970-04-10 22:51:40	Name: dpm_pxl_aid Value: 4656221516274184561
.doubleclick.net/	1970-01-20 07:46:36	Name: IDE Value: AHWqTUl_U-MmDgVOzL_zNPMmYZlshLTpxaQNaQvT6x1CZTC_1cKUqDatpHNomc6qBPE
.adnxs.com/	1970-01-20 00:34:36	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2GVTH?TfG!@wnf-Te9(>wL5L!!'Dd$`161
.dpmsrv.com/	1970-04-10 22:51:40	Name: xdpm_segsid_312 Value: 17563123%2C5938243
.dpmsrv.com/	1970-04-10 22:51:40	Name: xdpm_segs_312 Value:
fcw.com/	1969-12-31 23:59:59	Name: dpm_time_site Value: 5.006

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/423396.gif?partner_uid=4656221516274184561 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1105info.com
a.dpmsrv.com
adservice.google.com
adservice.google.de
c995ac9e9d9ab2885da2a1fa2e6ae387.safeframe.googlesyndication.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
fcw.com
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
idsync.rlcdn.com
in.ml314.com
ml314.com
olytics.omeda.com
oqs.omeda.com
pagead2.googlesyndication.com
redmondmag.1105cms01.com
s.dpmsrv.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
142.250.186.162
143.204.215.109
185.33.220.244
204.180.130.159
204.180.130.165
205.162.43.140
2606:4700:3108::ac42:284d
2606:4700::6810:125e
2a00:1450:4001:808::2004
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::200a
2a00:1450:4001:827::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::200e
34.194.71.96
35.244.174.68
44.196.178.215
52.208.138.90
63.236.5.100
014678682c8b2b757f77ed092941cc7f7eb534e797672b8e88b465df28959c03
1b05ce33469db78a252caf0e176e3cb56cd4d1d17aa3c3cda89f8088bb3eefda
208b2b183b4ad6e5c3a8a222112b91cfd6e3309cf77e405e1b6457724fa15bde
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
29b561a8a01edc4acf52d1c4c763aa21a1b540bc020b92f8bbfaf656b53a02b0
2b52e68b326e7fe9c12c5ba301199d4a168f77d93a07abe99e3f68d0107f713b
2edaa30d4700e9c64439fd90cba328cf7eeb1177cbf7b7e26520266bb75d724d
380a57c5673f7ca35f09c78eef2a80e7f4e52a8481503a96a7f92d55942ad55c
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5f0025b39e640148fb30602cedc8532f3f48ba2b9f4fbb5f2a1facb9a1f5e6ee
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
6977133984633ee9fce3f13d7b5d94d8adcca7a284b5f568dcebd6ebaf6c9a97
6decfba88914646414865c80ec2c67a28908075eb66e64b5b02e4929d4a8a851
6e109317e4c7dd955f3218910d7557e1704987eafb35c81b1c2f2c77003394a0
7420b89acc7a7262aa6d70ec5e261461bd15ebe188659f2b1aebd33bffcd2a76
7678584f5f3a8952a0be0891bd92fa50559bcc196f60b9c31e10c88b96397a73
78057ff881c7ceb369c163fee7ab0d93ae4754f3a7503d5dbfd4a0b80e203a79
95e0993c1da30e211f601749f9e1d32f00466d8eebab78b300243b77f07cdeb6
970069a9c131f4ae655108d02a12829b7dc2d6516a527f81f68e911b7cc0cad7
9e1d4c83494536029c02618c5e9c1755a11fc825d35d895cba8986c2a94b0291
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a31fe83b286f32aa4bc04ba2300a8b644db75ae2f3640935ebdb6ce61314d30f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8e427db11a8744bebbcdfd050f7b9d0a84b5a1754d086f1787c40db21955264
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
ad5ad7270158d81f9e6c986fad9e7d6d695e8bbbbd60b528557706c00ed7dee5
aefe7785628510514a9b8239ce581219565b33e13a778208e8740c4b0b617d80
b6577a2dda8d47bdf6e724c62b5087616502f31b060455b66222e4a403bd922e
b977f453450222a069d89dd2e776f6f21f9fa42f6e15c03c7fe6ff34d9a2c159
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d5b83174b14c8fb07a6cfc17abbc860e726a23b84f724c468049c73e1e8d7cba
dd0103b71a9f800bf8509fb3f34f29a1af4b26a10ceef71cea5bb29ae4ea106d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5352545f1a1fc8507069bebd112e8778fc5ee88ccbe02b43b001212c6406902
ee2bd946a7a0e25dd3f7606bf975cfaa824c7eb902568f5e711f361be35196ee
f5f9b0fd9978d04d3c886184b7f3c650dc1a0df45a8f60e19846637d3691cd3f
f6292b24f4cc9e6bb52159276bf8a5d01ad441d209fd0da03ffca3ac44cc494c
fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

fcw.com Open in urlscan Pro 2606:4700:3108::ac42:284d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

56 Requests

96 %HTTPS

50 %IPv6

17 Domains

24 Subdomains

21 IPs

4 Countries

672 kBTransfer

1809 kBSize

20 Cookies

12 Outgoing links

Page URL History

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

fcw.com Open in urlscan Pro
2606:4700:3108::ac42:284d Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

96 %
HTTPS

50 %
IPv6

17
Domains

24
Subdomains

21
IPs

4
Countries

672 kB
Transfer

1809 kB
Size

20
Cookies

56 HTTP transactions
0 data transactions