urlscan.io logo urlscan.io
SecurityTrails logo

www.clockwork.com Open in urlscan Pro
2620:12a:8001::3  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
Submission: On June 10 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 6 countries across 19 domains to perform 43 HTTP transactions. The main IP is 2620:12a:8001::3, located in United States and belongs to FASTLY, US. The main domain is www.clockwork.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 31st 2020. Valid for: 3 months.
This is the only time www.clockwork.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 2620:12a:8001::3 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f05... 32934 (FACEBOOK)
5 2a00:1450:400... 15169 (GOOGLE)
1 147.75.84.31 54825 (PACKET)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 216.58.205.226 15169 (GOOGLE)
1 5 2.18.233.40 16625 (AKAMAI-AS)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f15... 32934 (FACEBOOK)
1 1 54.171.23.184 16509 (AMAZON-02)
2 3.248.28.111 16509 (AMAZON-02)
1 147.75.84.91 54825 (PACKET)
1 147.75.33.233 54825 (PACKET)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.31.147.11 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
43 21
12    2620:12a:8001::3 (United States)

ASN54113 (FASTLY, US)
www.clockwork.com
1    2606:4700::6811:d6cc (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
1    2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:81b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f058:f:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
5    2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    147.75.84.31 (Parsippany, United States)

ASN54825 (PACKET, US)
static.hotjar.com
2    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    216.58.205.226 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra15s24-in-f2.1e100.net
www.googleadservices.com
5    2.18.233.40 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
s.adroll.com
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:815::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a03:2880:f158:82:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    54.171.23.184 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-23-184.eu-west-1.compute.amazonaws.com
d.adroll.mgr.consensu.org
2    3.248.28.111 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-28-111.eu-west-1.compute.amazonaws.com
d.adroll.com
1    147.75.84.91 (Parsippany, United States)

ASN54825 (PACKET, US)
script.hotjar.com
1    147.75.33.233 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress14
vars.hotjar.com
1    2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2606:4700::6811:eecc (United States)

ASN13335 (CLOUDFLARENET, US)
js.usemessages.com
1    2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    2606:4700::6811:47b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    52.31.147.11 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-147-11.eu-west-1.compute.amazonaws.com
in.hotjar.com
1    2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)
api.hubspot.com
1    2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)
track.hubspot.com
Domain Requested by
12 www.clockwork.com 1 redirects www.clockwork.com
5 s.adroll.com 1 redirects www.googletagmanager.com
www.clockwork.com
s.adroll.com
5 fonts.gstatic.com www.clockwork.com
2 d.adroll.com www.clockwork.com
2 www.facebook.com www.clockwork.com
connect.facebook.net
2 www.google.de www.clockwork.com
2 www.google.com 2 redirects
2 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 connect.facebook.net www.clockwork.com
connect.facebook.net
1 track.hubspot.com
1 api.hubspot.com js.usemessages.com
1 in.hotjar.com script.hotjar.com
1 js.hs-analytics.net js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 js.usemessages.com js.hs-scripts.com
1 googleads.g.doubleclick.net 1 redirects
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 d.adroll.mgr.consensu.org 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 static.hotjar.com www.clockwork.com
1 www.googletagmanager.com www.clockwork.com
1 fonts.googleapis.com www.clockwork.com
1 js.hs-scripts.com www.clockwork.com
43 25
Subject Issuer Validity Valid
5743257380192256-fe3.pantheonsite.io
Let's Encrypt Authority X3		 2020-05-31 -
2020-08-29		 3 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-04-07 -
2020-10-09		 6 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-05-20 -
2020-08-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-05-14 -
2020-08-05		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-05-20 -
2020-08-12		 3 months crt.sh
static.hotjar.com
Let's Encrypt Authority X3		 2020-04-04 -
2020-07-03		 3 months crt.sh
www.googleadservices.com
GTS CA 1O1		 2020-05-20 -
2020-08-12		 3 months crt.sh
*.adroll.com
DigiCert SHA2 Secure Server CA		 2020-01-29 -
2021-04-29		 a year crt.sh
www.google.de
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh
adroll.mgr.consensu.org
Amazon		 2019-11-06 -
2020-12-06		 a year crt.sh
script.hotjar.com
Let's Encrypt Authority X3		 2020-04-04 -
2020-07-03		 3 months crt.sh
vars.hotjar.com
Let's Encrypt Authority X3		 2020-04-04 -
2020-07-03		 3 months crt.sh
*.hotjar.com
Amazon		 2019-09-27 -
2020-10-27		 a year crt.sh
hubspot.com
CloudFlare Inc ECC CA-2		 2020-05-15 -
2020-10-09		 5 months crt.sh

This page contains 2 frames:

Primary Page: https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
Frame ID: 8CCC00200AE94EBDACBB7DEFF75A2649
Requests: 42 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: B400FE6AD85C168D7B88DBE0B25BC1A9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking HTTP 301
    https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i
Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • script /(?:a|s)\.adroll\.com/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

43
Requests

100 %
HTTPS

68 %
IPv6

19
Domains

25
Subdomains

21
IPs

6
Countries

815 kB
Transfer

2701 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking HTTP 301
    https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=396394523&t=pageview&_s=1&dl=https%3A%2F%2Fwww.clockwork.com%2Fnews%2F2012%2F09%2F28%2F602%2Fssh_agent_hijacking%2F&ul=en-us&de=UTF-8&dt=SSH%20Agent%20Hijacking%20-%20Clockwork&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAAB~&jid=225089954&gjid=993652035&cid=1598109264.1591756638&tid=UA-5298189-12&_gid=1167253261.1591756638&_r=1&gtm=2wg5r0MSJ2M47&z=1554763348 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5298189-12&cid=1598109264.1591756638&jid=225089954&_gid=1167253261.1591756638&gjid=993652035&_v=j82&z=1554763348 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5298189-12&cid=1598109264.1591756638&jid=225089954&_v=j82&z=1554763348 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5298189-12&cid=1598109264.1591756638&jid=225089954&_v=j82&z=1554763348&slf_rd=1&random=3226198346
Request Chain 27
  • https://s.adroll.com/j/exp/M3M6MKOOJVEBPMR76OK6TA/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 29
  • https://d.adroll.mgr.consensu.org/consent/iabcheck/M3M6MKOOJVEBPMR76OK6TA?_s=7e50cac286ab74e75d940f4312b559f2&_b=2 HTTP 302
  • https://d.adroll.com/consent/check/M3M6MKOOJVEBPMR76OK6TA/?_s=7e50cac286ab74e75d940f4312b559f2&_b=2
Request Chain 32
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/988309807/?random=1646494211&cv=9&fst=*&num=1&value=0&label=dO-7CJXIzc4BEK_SodcD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5r0&sendb=1&ig=1&frm=0&url=https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/&tiba=SSH%20Agent%20Hijacking%20-%20Clockwork&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=XkfgXuSRC5D43gP2hrDwAQ&sscte=1&crd=&gtd=&eitems=ChAI8Ob89gUQo_ncvKzO1Pp8Eh0ANGeqIFad9twuh_4KFRcEp-bSCnmgCPNb0hiI1Q HTTP 302
  • https://www.google.com/pagead/1p-conversion/988309807/?random=1646494211&cv=9&fst=*&num=1&value=0&label=dO-7CJXIzc4BEK_SodcD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5r0&sendb=1&ig=1&frm=0&url=https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/&tiba=SSH%20Agent%20Hijacking%20-%20Clockwork&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&is_vtc=1&ocp_id=XkfgXuSRC5D43gP2hrDwAQ&eitems=ChAI8Ob89gUQo_ncvKzO1Pp8Eh0ANGeqII68xpx7H3SNE8E71A24idCosnfVEigBlw&random=248280881&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/988309807/?random=1646494211&cv=9&fst=*&num=1&value=0&label=dO-7CJXIzc4BEK_SodcD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5r0&sendb=1&ig=1&frm=0&url=https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/&tiba=SSH%20Agent%20Hijacking%20-%20Clockwork&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&is_vtc=1&ocp_id=XkfgXuSRC5D43gP2hrDwAQ&eitems=ChAI8Ob89gUQo_ncvKzO1Pp8Eh0ANGeqII68xpx7H3SNE8E71A24idCosnfVEigBlw&random=248280881&resp=GooglemKTybQhCsO&ipr=y

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
Redirect Chain
  • https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking
  • https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
58 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
16d6abd4d6ac797cbd64bc7e708bcddeee34c317f95a4d74b6ceec7dc88ab865
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

:method
GET
:authority
www.clockwork.com
:scheme
https
:path
/news/2012/09/28/602/ssh_agent_hijacking/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
cache-control
public, max-age=600
content-encoding
gzip
content-type
text/html; charset=UTF-8
link
<https://www.clockwork.com/wp-json/>; rel="https://api.w.org/" <https://www.clockwork.com/?p=890>; rel=shortlink
server
nginx
strict-transport-security
max-age=300
x-pantheon-styx-hostname
styx-fe3-b-c8f8fbbbb-87cqb
x-styx-req-id
4cc129af-aac3-11ea-b68f-a63ad2a19199
date
Wed, 10 Jun 2020 02:37:17 GMT
x-served-by
cache-mdw17321-MDW, cache-fra19144-FRA
x-cache
MISS, MISS
x-cache-hits
0, 0
x-timer
S1591756637.071029,VS0,VE736
vary
Accept-Encoding, Cookie, Cookie
age
0
accept-ranges
bytes
via
1.1 varnish
content-length
17264

Redirect headers

status
301
cache-control
max-age=3600
content-type
text/html; charset=UTF-8
expires
Wed, 10 Jun 2020 03:37:17 GMT
location
https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
server
nginx
strict-transport-security
max-age=300
x-pantheon-styx-hostname
styx-fe3-b-c8f8fbbbb-fbvcw
x-redirect-by
WordPress
x-styx-req-id
4c9f26d8-aac3-11ea-9a40-5ebd551d3615
date
Wed, 10 Jun 2020 02:37:17 GMT
x-served-by
cache-mdw17324-MDW, cache-fra19144-FRA
x-cache
MISS, MISS
x-cache-hits
0, 0
x-timer
S1591756637.850282,VS0,VE213
vary
Cookie, Cookie
age
0
accept-ranges
bytes
via
1.1 varnish
content-length
0
index.css
www.clockwork.com/wp-content/themes/cw-2019/dist/ 		314 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.clockwork.com/wp-content/themes/cw-2019/dist/index.css?ver=5.4
Requested by
Host: www.clockwork.com
URL: https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f8852aba2596d362118429bd4e2fb1f2acb6caddbb60cadd8cc9379f3d27d43a
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
etag
W/"5ed84a79-4e98b"
age
498731
x-pantheon-styx-hostname
styx-fe3-b-c8f8fbbbb-5zxjf
x-cache
HIT, HIT
status
200
content-length
52622
x-served-by
cache-mdw17327-MDW, cache-fra19144-FRA
last-modified
Thu, 04 Jun 2020 01:12:25 GMT
server
nginx
x-timer
S1591756638.820802,VS0,VE1
date
Wed, 10 Jun 2020 02:37:17 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish
expires
Sat, 05 Jun 2021 08:05:06 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
1a66d881-a63a-11ea-b17b-4a73750a8738
x-cache-hits
1, 1
addToAny.js
www.clockwork.com/wp-content/themes/cw-2019/scripts/ 		72 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clockwork.com/wp-content/themes/cw-2019/scripts/addToAny.js
Requested by
Host: www.clockwork.com
URL: https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d9cc5a741ed23f098aaa6a4dcb66ef516baca0724a3d82f7195988cc53c7f809
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
etag
W/"5ecd68c6-11f74"
age
1203684
x-pantheon-styx-hostname
styx-fe3-a-6578c47759-d5nck
x-cache
HIT, HIT
status
200
content-length
28441
x-served-by
cache-mdw17339-MDW, cache-fra19144-FRA
last-modified
Tue, 26 May 2020 19:06:46 GMT
server
nginx
x-timer
S1591756638.820778,VS0,VE1
date
Wed, 10 Jun 2020 02:37:17 GMT
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish
expires
Fri, 28 May 2021 04:15:53 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
c18b65c1-9fd0-11ea-98a2-de3269d091fb
x-cache-hits
1, 1
wp-emoji-release.min.js
www.clockwork.com/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clockwork.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4
Requested by
Host: www.clockwork.com
URL: https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
etag
W/"5ecd68c6-364d"
age
1226141
x-pantheon-styx-hostname
styx-fe3-b-c8f8fbbbb-cp8jw
x-cache
HIT, HIT
status
200
content-length
5247
x-served-by
cache-mdw17346-MDW, cache-fra19144-FRA
last-modified
Tue, 26 May 2020 19:06:46 GMT
server
nginx
x-timer
S1591756638.871855,VS0,VE1
date
Wed, 10 Jun 2020 02:37:17 GMT
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish
expires
Thu, 27 May 2021 22:01:36 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
782314fc-9f9c-11ea-97fe-322a33ad3bf3
x-cache-hits
1, 1
footer.jpg
www.clockwork.com/wp-content/uploads/2019/10/ 		138 KB
139 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.clockwork.com/wp-content/uploads/2019/10/footer.jpg
Requested by
Host: www.clockwork.com
URL: https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c403fce9d329f2b3ef3e935e6cf5b0f1e739352f2745dc445e196fa0a68a1d7d
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=300
via
1.1 varnish
etag
"5e0e20cd-2295b"
age
1104486
x-pantheon-styx-hostname
styx-fe3-b-c8f8fbbbb-kqqbj
x-cache
HIT, HIT
status
200
content-length
141659
x-served-by
cache-mdw17350-MDW, cache-fra19144-FRA
last-modified
Thu, 02 Jan 2020 16:56:45 GMT
server
nginx
x-timer
S1591756638.876060,VS0,VE0
date
Wed, 10 Jun 2020 02:37:17 GMT
content-type
image/jpeg
x-styx-req-id
b8091083-a0b7-11ea-ac17-ce54a8e2d533
expires
Sat, 29 May 2021 07:49:11 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
1, 34
twitter.png
www.clockwork.com/wp-content/uploads/2019/10/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.clockwork.com/wp-content/uploads/2019/10/twitter.png
Requested by
Host: www.clockwork.com
URL: https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
32ad6984a87cf808b694896397d2b0075394022ea17d1555753be28a41f182e0
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=300
via
1.1 varnish
etag
"5e0e20cd-db5"
age
5903268
x-pantheon-styx-hostname
styx-fe3-b-c8f8fbbbb-cqbw6
x-cache
HIT, HIT
status
200
content-length
3509
x-served-by
cache-mdw17368-MDW, cache-fra19144-FRA
last-modified
Thu, 02 Jan 2020 16:56:45 GMT
server
nginx
x-timer
S1591756638.876251,VS0,VE1
date
Wed, 10 Jun 2020 02:37:17 GMT
content-type
image/png
x-styx-req-id
af6f0ac6-7512-11ea-9231-eec98c31dec4
expires
Sat, 03 Apr 2021 18:49:30 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
1, 1
instagram.png
www.clockwork.com/wp-content/uploads/2019/10/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.clockwork.com/wp-content/uploads/2019/10/instagram.png
Requested by
Host: www.clockwork.com
URL: https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fa8570fae895c7d326b9d214e4e4962a9a642a23e1fc60efe1048884281f76b1
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=300
via
1.1 varnish
etag
"5e0e20cd-110d"
age
4115034
x-pantheon-styx-hostname
styx-fe3-a-6578c47759-twlfl
x-cache
HIT, HIT
status
200
content-length
4365
x-served-by
cache-mdw17362-MDW, cache-fra19144-FRA
last-modified
Thu, 02 Jan 2020 16:56:45 GMT
server
nginx
x-timer
S1591756638.876236,VS0,VE1
date
Wed, 10 Jun 2020 02:37:17 GMT
content-type
image/png
x-styx-req-id
3da342b1-8556-11ea-985a-2220791eb2c4
expires
Sat, 24 Apr 2021 11:33:23 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
1, 1
linkedin.png
www.clockwork.com/wp-content/uploads/2019/10/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.clockwork.com/wp-content/uploads/2019/10/linkedin.png
Requested by
Host: www.clockwork.com
URL: https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fdbfcc989865642d89a32785eba46872f7b186145cece021dae36ece6f8f1fb3
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=300
via
1.1 varnish
etag
"5e0e20cd-a07"
age
5903268
x-pantheon-styx-hostname
styx-fe3-b-c8f8fbbbb-bjn8m
x-cache
HIT, HIT
status
200
content-length
2567
x-served-by
cache-mdw17357-MDW, cache-fra19144-FRA
last-modified
Thu, 02 Jan 2020 16:56:45 GMT
server
nginx
x-timer
S1591756638.876234,VS0,VE1
date
Wed, 10 Jun 2020 02:37:17 GMT
content-type
image/png
x-styx-req-id
af8bb3f3-7512-11ea-871a-e6da94cc292b
expires
Sat, 03 Apr 2021 18:49:30 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
1, 1
index.js
www.clockwork.com/wp-content/themes/cw-2019/dist/ 		366 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clockwork.com/wp-content/themes/cw-2019/dist/index.js?ver=1.0.0
Requested by
Host: www.clockwork.com
URL: https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
67a7d33c767b277491e81ffaa929b74313b92cdf8547abeae47502eb107c3190
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
etag
W/"5ed7a1b3-5b6a0"
age
527483
x-pantheon-styx-hostname
styx-fe3-b-c8f8fbbbb-5zxjf
x-cache
HIT, HIT
status
200
content-length
102118
x-served-by
cache-mdw17369-MDW, cache-fra19144-FRA
last-modified
Wed, 03 Jun 2020 13:12:19 GMT
server
nginx
x-timer
S1591756638.854807,VS0,VE2
date
Wed, 10 Jun 2020 02:37:17 GMT
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish
expires
Sat, 05 Jun 2021 00:05:54 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
28c2a955-a5f7-11ea-b17b-4a73750a8738
x-cache-hits
1, 1
4060534.js
js.hs-scripts.com/ 		1 KB
899 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/4060534.js
Requested by
Host: www.clockwork.com
URL: https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05ec3a82d76ef28ea6923eabbe496f114904760cded55a722c50ab93be4a2a3a

Request headers

Referer
https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 02:37:18 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
EXPIRED
status
200
cf-request-id
033dafdec4000005f1cc170200000001
server
cloudflare
x-trace
2B17CC92C632F4B972E7BC6B7341EB008CE7278CD0000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://www.clockwork.com
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
5a0fb5aadf0305f1-FRA
expires
Wed, 10 Jun 2020 02:38:18 GMT
css
fonts.googleapis.com/ 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,400i,500,500i,600,600i,700,700i,800,800i&display=swap
Requested by
Host: www.clockwork.com
URL: https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f76fee17d3e77e7c77fc7c8575908f89d0d277f4a5f601297325f489aa84a27c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 10 Jun 2020 02:37:17 GMT
server
ESF
date
Wed, 10 Jun 2020 02:37:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Jun 2020 02:37:17 GMT
gtm.js
www.googletagmanager.com/ 		119 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MSJ2M47
Requested by
Host: www.clockwork.com
URL: https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a802848d12b0a0f91182983bffe8599e0dd397530095759c995625f819b7032e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 02:37:17 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39256
x-xss-protection
0
last-modified
Wed, 10 Jun 2020 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 10 Jun 2020 02:37:17 GMT
fbevents.js
connect.facebook.net/en_US/ 		131 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.clockwork.com
URL: https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f058:f:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
31766
x-xss-protection
0
pragma
public
x-fb-debug
v84h5TtOQji3jFtDbhjlvf4vp6MNDpgqeY+0ftVf9lXW19gx3V39KAfexDnxTh5AwYLGnHKJIelIj9L2haRvHg==
x-fb-trip-id
1679558926
x-frame-options
DENY
date
Wed, 10 Jun 2020 02:37:17 GMT, Wed, 10 Jun 2020 02:37:17 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
c0e46dbaf9afba90d9b246339dea2731.svg
www.clockwork.com/wp-content/themes/cw-2019/dist/ 		251 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.clockwork.com/wp-content/themes/cw-2019/dist/c0e46dbaf9afba90d9b246339dea2731.svg
Requested by
Host: www.clockwork.com
URL: https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
662a2a29ae13c0ceca8eac9399e81501c638a750f1bcd2b7d6415266a45a2929
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.clockwork.com/wp-content/themes/cw-2019/dist/index.css?ver=5.4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
etag
W/"5e863301-fb"
age
5903394
x-pantheon-styx-hostname
styx-fe3-b-c8f8fbbbb-bjn8m
x-cache
HIT, HIT
status
200
content-length
207
x-served-by
cache-mdw17379-MDW, cache-fra19144-FRA
access-control-allow-origin
*
last-modified
Thu, 02 Apr 2020 18:46:25 GMT
server
nginx
x-timer
S1591756638.882889,VS0,VE1
date
Wed, 10 Jun 2020 02:37:17 GMT
vary
Accept-Encoding
content-type
image/svg+xml
via
1.1 varnish
expires
Sat, 03 Apr 2021 18:47:23 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
6439fd1a-7512-11ea-871a-e6da94cc292b
x-cache-hits
1, 1
JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2
Requested by
Host: www.clockwork.com
URL: https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Montserrat:400,400i,500,500i,600,600i,700,700i,800,800i&display=swap
Origin
https://www.clockwork.com

Response headers

date
Sat, 16 May 2020 07:58:07 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:50 GMT
server
sffe
age
2140750
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13464
x-xss-protection
0
expires
Sun, 16 May 2021 07:58:07 GMT
JTURjIg1_i6t8kCHKm45_c5H3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_c5H3gnD_vx3rCs.woff2
Requested by
Host: www.clockwork.com
URL: https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99eace92e2b9e41a2896e111345d00a4dc6107656adaf52ce756ea76a12ac41d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Montserrat:400,400i,500,500i,600,600i,700,700i,800,800i&display=swap
Origin
https://www.clockwork.com

Response headers

date
Wed, 27 May 2020 05:43:46 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:50 GMT
server
sffe
age
1198411
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13516
x-xss-protection
0
expires
Thu, 27 May 2021 05:43:46 GMT
JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v14/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
Requested by
Host: www.clockwork.com
URL: https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Montserrat:400,400i,500,500i,600,600i,700,700i,800,800i&display=swap
Origin
https://www.clockwork.com

Response headers

date
Thu, 21 May 2020 18:33:35 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:48 GMT
server
sffe
age
1670622
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13708
x-xss-protection
0
expires
Fri, 21 May 2021 18:33:35 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
Requested by
Host: www.clockwork.com
URL: https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Montserrat:400,400i,500,500i,600,600i,700,700i,800,800i&display=swap
Origin
https://www.clockwork.com

Response headers

date
Thu, 21 May 2020 09:52:31 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:47:06 GMT
server
sffe
age
1701886
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13612
x-xss-protection
0
expires
Fri, 21 May 2021 09:52:31 GMT
JTUQjIg1_i6t8kCHKm459WxRyS7m0dR9pA.woff2
fonts.gstatic.com/s/montserrat/v14/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTUQjIg1_i6t8kCHKm459WxRyS7m0dR9pA.woff2
Requested by
Host: www.clockwork.com
URL: https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff4eb7e4df6e09b7fba76e1957f3fc0f703496a13d23a5a245bb2709810b0c43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Montserrat:400,400i,500,500i,600,600i,700,700i,800,800i&display=swap
Origin
https://www.clockwork.com

Response headers

date
Mon, 08 Jun 2020 21:25:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:53 GMT
server
sffe
age
105098
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14024
x-xss-protection
0
expires
Tue, 08 Jun 2021 21:25:39 GMT
hotjar-197430.js
static.hotjar.com/c/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-197430.js?sv=6
Requested by
Host: www.clockwork.com
URL: https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.84.31 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
/
Resource Hash
e5bf1765664a3c29ad8cfc7adad75d484b255d860500cf9839f5f6598b3d4a71
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 02:37:18 GMT
content-encoding
br
x-content-type-options
nosniff
content-type
application/javascript
section-io-tag
hotjarjs
age
0
status
200
section-io-cache
Miss
vary
Accept-Encoding
content-length
1882
cache-control
max-age=60
etag
W/693c208bda67b5757d3737c4d19dffe7
access-control-max-age
600
section-io-origin-status
304
access-control-allow-origin
*
x-cache-hit
1
section-io-origin-time-seconds
0.071
accept-ranges
bytes
section-io-id
ed23fad12425b9e9cccca776b050a737
section-origin-responded
true
fb8759763ba118a0556acddc8bce0c31.svg
www.clockwork.com/wp-content/themes/cw-2019/dist/ 		122 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.clockwork.com/wp-content/themes/cw-2019/dist/fb8759763ba118a0556acddc8bce0c31.svg
Requested by
Host: www.clockwork.com
URL: https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6fb952c431b99bcf06828f3fbcc38bc5fcf841b98841d9c1eae0c1e4d4feb4d6
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.clockwork.com/wp-content/themes/cw-2019/dist/index.css?ver=5.4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
etag
W/"5eb137e3-7a"
age
3081599
x-pantheon-styx-hostname
styx-fe3-b-c8f8fbbbb-jp5mj
x-cache
HIT, HIT
status
200
content-length
129
x-served-by
cache-mdw17325-MDW, cache-fra19144-FRA
access-control-allow-origin
*
last-modified
Tue, 05 May 2020 09:54:43 GMT
server
nginx
x-timer
S1591756638.996661,VS0,VE1
date
Wed, 10 Jun 2020 02:37:17 GMT
vary
Accept-Encoding
content-type
image/svg+xml
via
1.1 varnish
expires
Thu, 06 May 2021 10:37:18 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
64f2b03c-8ebc-11ea-bd03-f2cc0323dd98
x-cache-hits
1, 1
521769165150866
connect.facebook.net/signals/config/ 		516 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/521769165150866?v=2.9.18&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f058:f:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1314cf2a414a3a51382f8bd4195fc55d8cc12ceaeed3ed6a3d38506ebe1c604d
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
+Wnn7YFoDcTKtkzeDXynHumg/UaUszg4lnph4lyZolN3XcK0w0qdfPvk1wi2+2xbM0DY5QhPRmDPeOeRBzDKHQ==
x-fb-trip-id
1679558926
x-frame-options
DENY
date
Wed, 10 Jun 2020 02:37:18 GMT, Wed, 10 Jun 2020 02:37:18 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSJ2M47
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
7060
date
Wed, 10 Jun 2020 00:39:38 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Wed, 10 Jun 2020 02:39:38 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSJ2M47
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s24-in-f2.1e100.net
Software
cafe /
Resource Hash
a693efa7265b630e27e537f6ba09c5558a23b9ed2f57abdbf417c237a50a5156
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 02:37:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
server
cafe
etag
13497728949557021888
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 10 Jun 2020 02:37:18 GMT
roundtrip.js
s.adroll.com/j/ 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSJ2M47
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0b5b4a374d6dfb06f111c288ba9042d5c4e1305b3da110bea8116f3090bce2e5

Request headers

Referer
https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
ehJgGpzGzAbK8GzMvrCmhGB9QIvRjX3O
Content-Encoding
gzip
ETag
"493863a9069eb4663881ed7b590bc370"
x-amz-request-id
4AD5F575B2B62C3A
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
11133
x-amz-id-2
sF3RLu84SpsB/WDmm1RAF+GFJLR5RZZPIcfcx15Yz5I7kLcH1lSTZSiYUdlTTGswCfStuE/qQ50=
Last-Modified
Tue, 02 Jun 2020 21:58:20 GMT
Server
AmazonS3
Date
Wed, 10 Jun 2020 02:37:18 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=396394523&t=pageview&_s=1&dl=https%3A%2F%2Fwww.clockwork.com%2Fnews%2F2012%2F09%2F28%2F602%2Fssh_agent_hijacking%2F&ul=en-us&de=UTF-8&dt=SSH%...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5298189-12&cid=1598109264.1591756638&jid=225089954&_gid=1167253261.1591756638&gjid=993652035&_v=j82&z=1554763348
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5298189-12&cid=1598109264.1591756638&jid=225089954&_v=j82&z=1554763348
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5298189-12&cid=1598109264.1591756638&jid=225089954&_v=j82&z=1554763348&slf_rd=1&random=3226198346
42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5298189-12&cid=1598109264.1591756638&jid=225089954&_v=j82&z=1554763348&slf_rd=1&random=3226198346
Requested by
Host: www.clockwork.com
URL: https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jun 2020 02:37:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Jun 2020 02:37:18 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5298189-12&cid=1598109264.1591756638&jid=225089954&_v=j82&z=1554763348&slf_rd=1&random=3226198346
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/988309807/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/988309807/?random=1591756638161&cv=9&fst=1591756638161&num=1&value=0&label=dO-7CJXIzc4BEK_SodcD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5r0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.clockwork.com%2Fnews%2F2012%2F09%2F28%2F602%2Fssh_agent_hijacking%2F&tiba=SSH%20Agent%20Hijacking%20-%20Clockwork&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s24-in-f2.1e100.net
Software
cafe /
Resource Hash
27e1a82abcbcb485872a07413ec15ae6757d368ce37d9aa20735ac882e4a4931
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jun 2020 02:37:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1190
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=521769165150866&ev=PageView&dl=https%3A%2F%2Fwww.clockwork.com%2Fnews%2F2012%2F09%2F28%2F602%2Fssh_agent_hijacking%2F&rl=&if=false&ts=1591756638184&sw=1600&sh=1200&v=2.9.18&r=stable&ec=0&o=30&fbp=fb.1.1591756638182.43626017&it=1591756638033&coo=false&rqm=GET
Requested by
Host: www.clockwork.com
URL: https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f158:82:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 02:37:18 GMT, Wed, 10 Jun 2020 02:37:18 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Wed, 10 Jun 2020 02:37:18 GMT
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/M3M6MKOOJVEBPMR76OK6TA/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/exp/index.js
Requested by
Host: www.clockwork.com
URL: https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer
https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
MvaZYW7xXR9M9hUcWDgUVAWVyUlL21ST
Content-Encoding
gzip
ETag
"5816cced8568d223aa09d889f300692b"
x-amz-request-id
2DBC0A47C6AE7942
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
48
x-amz-id-2
pdXLSEu2gTihFxulaZoglus8ByA01JsL4yxgDFBqMepK6h0UFMTALvb5/DBrbdDPMFzbp0Bs7Fo=
Last-Modified
Fri, 05 Jun 2020 15:32:25 GMT
Server
AmazonS3
Date
Wed, 10 Jun 2020 02:37:18 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Redirect headers

Date
Wed, 10 Jun 2020 02:37:18 GMT
Server
AkamaiGHost
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
index.js
s.adroll.com/j/pre/M3M6MKOOJVEBPMR76OK6TA/2WJD7FKYBVGVDNEZECHIHF/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/M3M6MKOOJVEBPMR76OK6TA/2WJD7FKYBVGVDNEZECHIHF/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cbce85e96b7752208ce15a09ea4d5a58b792edc9e77f1c5ccf46c01935970f9d

Request headers

Referer
https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
XTdRyYhQTNTZC0K86gz3pHxgJsvx8mqu
Content-Encoding
gzip
ETag
"3996d65282dd996ee0d7d4c90c139158"
x-amz-request-id
5A01AF5F05AEE5F2
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
635
x-amz-id-2
/unN+nC9jDL9N1/nswztD5k5zoTuOzZ7BPlg9Xh0qKHl/WyHCwh2+9W5qxRQNNRNE62BdUlt2Xo=
Last-Modified
Tue, 09 Jun 2020 17:24:50 GMT
Server
AmazonS3
Date
Wed, 10 Jun 2020 02:37:18 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
/
d.adroll.com/consent/check/M3M6MKOOJVEBPMR76OK6TA/
Redirect Chain
  • https://d.adroll.mgr.consensu.org/consent/iabcheck/M3M6MKOOJVEBPMR76OK6TA?_s=7e50cac286ab74e75d940f4312b559f2&_b=2
  • https://d.adroll.com/consent/check/M3M6MKOOJVEBPMR76OK6TA/?_s=7e50cac286ab74e75d940f4312b559f2&_b=2
122 B
214 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/M3M6MKOOJVEBPMR76OK6TA/?_s=7e50cac286ab74e75d940f4312b559f2&_b=2
Requested by
Host: www.clockwork.com
URL: https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.28.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-28-111.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
74b028f7689fe8ce25a184adf1387972211f20b11b6f90616d2a43c63b245037

Request headers

Referer
https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Wed, 10 Jun 2020 02:37:18 GMT
server
nginx/1.16.1
content-length
122
content-type
application/javascript

Redirect headers

status
302
date
Wed, 10 Jun 2020 02:37:18 GMT
server
nginx/1.16.1
content-length
105
location
https://d.adroll.com/consent/check/M3M6MKOOJVEBPMR76OK6TA/?_s=7e50cac286ab74e75d940f4312b559f2&_b=2
modules.c618ee7dde3b49023442.js
script.hotjar.com/ 		369 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.c618ee7dde3b49023442.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-197430.js?sv=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.84.91 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
/
Resource Hash
33367bba4a5dc9b2654baae1da2442ce081f383578c475dccce533446f8286f6

Request headers

Referer
https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 02:37:18 GMT
content-encoding
br
age
465039
status
200
section-io-cache
Hit
content-length
71542
last-modified
Thu, 04 Jun 2020 17:23:29 GMT
etag
"a4b4a9718154528979eaf019b61f30e6"
vary
Accept-Encoding
section-io-origin-status
200
access-control-allow-origin
*
cache-control
max-age=31536000
section-io-origin-time-seconds
0.091
section-io-id
37e3140e2dd51a8fa5e5f559bdd45e89
accept-ranges
bytes
content-type
application/javascript
section-origin-responded
true
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame B400 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-197430.js?sv=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.33.233 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress14
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/

Response headers

status
200
date
Wed, 10 Jun 2020 02:37:18 GMT
content-type
text/html
content-length
851
last-modified
Wed, 03 Jun 2020 11:24:24 GMT
etag
"d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control
max-age=31536000
content-encoding
br
section-io-origin-status
200
section-io-origin-time-seconds
0.120
section-origin-responded
true
age
514603
vary
Accept-Encoding
section-io-cache
Hit
accept-ranges
bytes
section-io-id
5a9c2c54efcf6f5ffb2ba64a29f8d071
/
www.google.de/pagead/1p-conversion/988309807/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/988309807/?random=1646494211&cv=9&fst=*&num=1&value=0&label=dO-7CJXIzc4BEK_SodcD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_a...
  • https://www.google.com/pagead/1p-conversion/988309807/?random=1646494211&cv=9&fst=*&num=1&value=0&label=dO-7CJXIzc4BEK_SodcD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd...
  • https://www.google.de/pagead/1p-conversion/988309807/?random=1646494211&cv=9&fst=*&num=1&value=0&label=dO-7CJXIzc4BEK_SodcD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=...
42 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/988309807/?random=1646494211&cv=9&fst=*&num=1&value=0&label=dO-7CJXIzc4BEK_SodcD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5r0&sendb=1&ig=1&frm=0&url=https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/&tiba=SSH%20Agent%20Hijacking%20-%20Clockwork&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&is_vtc=1&ocp_id=XkfgXuSRC5D43gP2hrDwAQ&eitems=ChAI8Ob89gUQo_ncvKzO1Pp8Eh0ANGeqII68xpx7H3SNE8E71A24idCosnfVEigBlw&random=248280881&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: www.clockwork.com
URL: https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jun 2020 02:37:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Jun 2020 02:37:18 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/988309807/?random=1646494211&cv=9&fst=*&num=1&value=0&label=dO-7CJXIzc4BEK_SodcD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5r0&sendb=1&ig=1&frm=0&url=https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/&tiba=SSH%20Agent%20Hijacking%20-%20Clockwork&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&is_vtc=1&ocp_id=XkfgXuSRC5D43gP2hrDwAQ&eitems=ChAI8Ob89gUQo_ncvKzO1Pp8Eh0ANGeqII68xpx7H3SNE8E71A24idCosnfVEigBlw&random=248280881&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversations-embed.js
js.usemessages.com/ 		61 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4060534.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:eecc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bd591a9558c23d68ad52ea517d1687f71edb3eb20a0b5d4083e7b2892cfafc8

Request headers

Referer
https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 02:37:18 GMT
via
1.1 649b4de6ebe50fb3c542f3d95c8ed8bb.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
268
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-encoding
br
content-type
application/javascript; charset=utf-8
cf-request-id
033dafe0ed00000eaf0e948200000001
last-modified
Tue, 09 Jun 2020 06:11:47 UTC
server
cloudflare
etag
W/"5b9f186a661bcd0a7436ad538d09ec19"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
UOT1gVQ_bbPuVDLPtG1Ynu0V5gFg1Vwc
cache-control
max-age=600
x-amz-cf-pop
IAD89-C2
cf-ray
5a0fb5ae4fac0eaf-FRA
x-amz-cf-id
gpWplz-6UL2Bx40bznEQCcTeqvaQpN2K7BmdGZ1qYHpmX5P7UU5rDQ==
4060534.js
js.hs-banner.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/4060534.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4060534.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f38d4f727c36cf78b5a94412c7e6fbc5d223ff33c6421276bc8638f008972e1c

Request headers

Referer
https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=0Fwt+w==, md5=8IsM1o/0TEAXjanFOdUgLg==
date
Wed, 10 Jun 2020 02:37:18 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-guploader-uploadid
AAANsUkmDg4LuY8XdxKrqe7sTbyYhhcy5G4F5MFjMy_zoid5cuHwmVGrr893orQdcAh00nmkc16shDMk6QOoe97DxY4
x-goog-storage-class
STANDARD
status
200
access-control-max-age
604800
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
text/javascript
cf-request-id
033dafe0ee0000dfdffa08b200000001
timing-allow-origin
*
last-modified
Wed, 27 May 2020 03:31:25 GMT
server
cloudflare
etag
W/"f08b0cd68ff44c40178da9c539d5202e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-goog-generation
1590550285180548
access-control-allow-origin
https://www.clockwork.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
x-goog-stored-content-length
22868
cf-ray
5a0fb5ae4b65dfdf-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Wed, 10 Jun 2020 02:42:18 GMT
4060534.js
js.hs-analytics.net/analytics/1591756500000/ 		60 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1591756500000/4060534.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4060534.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77fa2c886ee9a1c69966b27d2ab6350a0352e6d834eebf1a156df0591858d5b4

Request headers

Referer
https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 02:37:18 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
4F985D2B4A425FCC
x-amz-server-side-encryption
AES256
cf-ray
5a0fb5ae4ad105ed-FRA
status
200
x-amz-id-2
TFSf16LrAALv+Xri7ja5t2+kHPefVKExLnFeoJc/9GzCwjZAAPC4AxD7MTwB03GCFm44OjTCvV0=
last-modified
Wed, 06 May 2020 14:04:44 GMT
server
cloudflare
etag
W/"c6d463c1db7803d8db7d4972f67fb1f9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
max-age=300, public
access-control-allow-credentials
false
cf-request-id
033dafe0ec000005ed992f9200000001
content-type
text/javascript
expires
Wed, 10 Jun 2020 02:42:18 GMT
visit-data
in.hotjar.com/api/v2/client/sites/197430/ 		178 B
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/197430/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.c618ee7dde3b49023442.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.147.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-147-11.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd

Request headers

Referer
https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Wed, 10 Jun 2020 02:37:18 GMT
content-encoding
br
status
200
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-credentials
true
public
api.hubspot.com/livechat-public/v1/message/ 		300 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=4060534&conversations-embed=static-1.6726&mobile=false&messagesUtk=1f821a50baef40e0ba5ef7a733e5c295&traceId=1f821a50baef40e0ba5ef7a733e5c295
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46e9384d10c4f89481ef18d39e202086c8545af5eeef8435887dfd833d667a36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
X-HubSpot-Messages-Uri
https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/

Response headers

date
Wed, 10 Jun 2020 02:37:18 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
DYNAMIC
status
200
content-length
237
cf-request-id
033dafe19d0000dfcbb811a200000001
server
cloudflare
x-trace
2BCA918DE0CD467A32824D02AB3D83B1B8D755D915000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.clockwork.com
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
5a0fb5af6ee5dfcb-FRA
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
consent.js
s.adroll.com/j/ 		243 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/consent.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f82c9f099656346f543c66ba009bd5f18010c7b41ad43d47a7f762121ad4496d

Request headers

Referer
https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
W7pJTDq0578OcjyRZxtRH_BjDuWCGgRc
Content-Encoding
gzip
ETag
"2f9f76c2d377be42af05cdf34c632618"
x-amz-request-id
BFDDD219E02D63AA
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
33195
x-amz-id-2
0vEYWSNr8BIWIFx+Vt855bKM9PGQi1O3TTl+RSbaQgK2eZJeo3lhhvwHGpfanAseKG0Oz2obOWc=
Last-Modified
Tue, 19 Nov 2019 20:42:26 GMT
Server
AmazonS3
Date
Wed, 10 Jun 2020 02:37:18 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=300, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
hod
d.adroll.com/consent/ 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/consent/hod?_e=view_banner&_s=7e50cac286ab74e75d940f4312b559f2&_b=2.1&_a=M3M6MKOOJVEBPMR76OK6TA
Requested by
Host: www.clockwork.com
URL: https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.28.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-28-111.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Wed, 10 Jun 2020 02:37:18 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.16.1
content-length
42
vary
Cookie
content-type
image/gif
__ptq.gif
track.hubspot.com/ 		45 B
529 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2017058934&v=1.1&a=4060534&rcu=https%3A%2F%2Fwww.clockwork.com%2Fnews%2F2012%2F09%2F28%2F602%2Fssh_agent_hijacking%2F&pu=https%3A%2F%2Fwww.clockwork.com%2Fnews%2F2012%2F09%2F28%2F602%2Fssh_agent_hijacking%2F&t=SSH+Agent+Hijacking+-+Clockwork&cts=1591756638594&vi=d990717dfdfd156100d3f7fbb7f885a8&nc=true&u=153024870.d990717dfdfd156100d3f7fbb7f885a8.1591756638590.1591756638590.1591756638590.1&b=153024870.1.1591756638591
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray
5a0fb5af5907062d-FRA
date
Wed, 10 Jun 2020 02:37:18 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CUR ADM OUR NOR STA NID"
status
200
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
content-length
45
cf-request-id
033dafe1960000062d670a4200000001
x-robots-tag
none
/
www.facebook.com/tr/ 		0
85 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f158:82:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryRf82sKXnt0KwVWfu

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Wed, 10 Jun 2020 02:37:18 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://www.clockwork.com
access-control-allow-credentials
true
alt-svc
h3-27=":443"; ma=3600
content-length
0

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| NREUM object| newrelic function| __nr_require object| _wpemojiSettings object| a2a_config object| a2a object| dataLayer function| fbq function| _fbq object| Foundation function| hj object| _hjSettings object| twemoji object| wp object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga string| adroll_adv_id string| adroll_pix_id boolean| __adroll_loaded object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO string| adroll_sid object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks function| adroll_tpc_callback object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| __adroll_consent boolean| __adroll_consent_is_gdpr object| __adroll_consent_data string| __adroll_consent_user_country string| __adroll_consent_adv_country object| adroll_exp_list boolean| hubspot_live_messages_running object| HubSpotConversations object| _hsq object| _hsp boolean| _hspb_loaded function| __cmp object| $jscomp string| BANNER_VERSION object| __adroll_consent_banner object| _paq boolean| _hstc_loaded boolean| _hspb_ran boolean| _hstc_ran string| __hsUserToken number| expireDateTime

11 Cookies

Domain/Path Name / Value
.clockwork.com/ Name: hubspotutk
Value: d990717dfdfd156100d3f7fbb7f885a8
www.clockwork.com/ Name: _hjIncludedInSample
Value: 1
.clockwork.com/ Name: _hjid
Value: 2b6c8014-4ae5-4200-aa2b-cfafc50940ee
.clockwork.com/ Name: __hssc
Value: 153024870.1.1591756638591
.clockwork.com/ Name: _fbp
Value: fb.1.1591756638182.43626017
.clockwork.com/ Name: __hssrc
Value: 1
.clockwork.com/ Name: __hstc
Value: 153024870.d990717dfdfd156100d3f7fbb7f885a8.1591756638590.1591756638590.1591756638590.1
.clockwork.com/ Name: _gat_UA-5298189-12
Value: 1
.clockwork.com/ Name: _gcl_au
Value: 1.1.1275271694.1591756638
.clockwork.com/ Name: _gid
Value: GA1.2.1167253261.1591756638
.clockwork.com/ Name: _ga
Value: GA1.2.1598109264.1591756638

1 Console Messages

Source Level URL
Text
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 23)
Message:
[Facebook Pixel] - Duplicate Pixel ID: 521769165150866.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=300

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubspot.com
connect.facebook.net
d.adroll.com
d.adroll.mgr.consensu.org
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
in.hotjar.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.usemessages.com
s.adroll.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
track.hubspot.com
vars.hotjar.com
www.clockwork.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
147.75.33.233
147.75.84.31
147.75.84.91
2.18.233.40
216.58.205.226
2606:4700::6811:47b0
2606:4700::6811:d6cc
2606:4700::6811:eecc
2606:4700::6812:15bf
2606:4700::6813:9a53
2606:4700::6813:9b53
2620:12a:8001::3
2a00:1450:4001:806::2003
2a00:1450:4001:809::200e
2a00:1450:4001:815::2004
2a00:1450:4001:81a::200a
2a00:1450:4001:81b::2008
2a00:1450:4001:81d::2002
2a00:1450:4001:825::2003
2a00:1450:400c:c00::9b
2a03:2880:f058:f:face:b00c:0:3
2a03:2880:f158:82:face:b00c:0:25de
3.248.28.111
52.31.147.11
54.171.23.184
05ec3a82d76ef28ea6923eabbe496f114904760cded55a722c50ab93be4a2a3a
0b5b4a374d6dfb06f111c288ba9042d5c4e1305b3da110bea8116f3090bce2e5
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1314cf2a414a3a51382f8bd4195fc55d8cc12ceaeed3ed6a3d38506ebe1c604d
16d6abd4d6ac797cbd64bc7e708bcddeee34c317f95a4d74b6ceec7dc88ab865
1bd591a9558c23d68ad52ea517d1687f71edb3eb20a0b5d4083e7b2892cfafc8
27e1a82abcbcb485872a07413ec15ae6757d368ce37d9aa20735ac882e4a4931
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
32ad6984a87cf808b694896397d2b0075394022ea17d1555753be28a41f182e0
33367bba4a5dc9b2654baae1da2442ce081f383578c475dccce533446f8286f6
46e9384d10c4f89481ef18d39e202086c8545af5eeef8435887dfd833d667a36
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd
662a2a29ae13c0ceca8eac9399e81501c638a750f1bcd2b7d6415266a45a2929
67a7d33c767b277491e81ffaa929b74313b92cdf8547abeae47502eb107c3190
6fb952c431b99bcf06828f3fbcc38bc5fcf841b98841d9c1eae0c1e4d4feb4d6
74b028f7689fe8ce25a184adf1387972211f20b11b6f90616d2a43c63b245037
77fa2c886ee9a1c69966b27d2ab6350a0352e6d834eebf1a156df0591858d5b4
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea
99eace92e2b9e41a2896e111345d00a4dc6107656adaf52ce756ea76a12ac41d
a693efa7265b630e27e537f6ba09c5558a23b9ed2f57abdbf417c237a50a5156
a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082
a802848d12b0a0f91182983bffe8599e0dd397530095759c995625f819b7032e
c403fce9d329f2b3ef3e935e6cf5b0f1e739352f2745dc445e196fa0a68a1d7d
cbce85e96b7752208ce15a09ea4d5a58b792edc9e77f1c5ccf46c01935970f9d
d9cc5a741ed23f098aaa6a4dcb66ef516baca0724a3d82f7195988cc53c7f809
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5bf1765664a3c29ad8cfc7adad75d484b255d860500cf9839f5f6598b3d4a71
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f38d4f727c36cf78b5a94412c7e6fbc5d223ff33c6421276bc8638f008972e1c
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f76fee17d3e77e7c77fc7c8575908f89d0d277f4a5f601297325f489aa84a27c
f82c9f099656346f543c66ba009bd5f18010c7b41ad43d47a7f762121ad4496d
f8852aba2596d362118429bd4e2fb1f2acb6caddbb60cadd8cc9379f3d27d43a
fa8570fae895c7d326b9d214e4e4962a9a642a23e1fc60efe1048884281f76b1
fdbfcc989865642d89a32785eba46872f7b186145cece021dae36ece6f8f1fb3
ff4eb7e4df6e09b7fba76e1957f3fc0f703496a13d23a5a245bb2709810b0c43