urlscan.io logo urlscan.io
SecurityTrails logo

usa.kaspersky.com Open in urlscan Pro
77.74.178.40  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/|
Effective URL: https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
Submission: On October 16 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 29 IPs in 9 countries across 35 domains to perform 69 HTTP transactions. The main IP is 77.74.178.40, located in Russian Federation and belongs to KL-EXT, RU. The main domain is usa.kaspersky.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on September 24th 2019. Valid for: a year.
This is the only time usa.kaspersky.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 77.74.178.40 200107 (KL-EXT)
13 2600:9000:215... 16509 (AMAZON-02)
1 104.16.94.80 13335 (CLOUDFLAR...)
1 52.218.52.99 16509 (AMAZON-02)
1 77.74.178.23 200107 (KL-EXT)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 3 34.240.143.140 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 52.30.7.139 16509 (AMAZON-02)
3 52.49.100.189 16509 (AMAZON-02)
1 1 66.117.28.86 15224 (OMNITURE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 23.38.48.101 20940 (AKAMAI-ASN1)
3 54.152.127.232 14618 (AMAZON-AES)
2 5 23.37.61.90 16625 (AKAMAI-AS)
1 91.228.74.188 27281 (QUANTCAST)
1 143.204.101.70 16509 (AMAZON-02)
6 6 23.37.58.95 16625 (AKAMAI-AS)
4 6 185.33.223.210 29990 (ASN-APPNEXUS)
1 50.18.231.235 16509 (AMAZON-02)
2 185.31.128.128 54312 (ROCKETFUEL)
1 91.228.74.182 27281 (QUANTCAST)
1 1 35.227.248.159 15169 (GOOGLE)
6 9 18.185.140.58 16509 (AMAZON-02)
1 147.75.102.200 54825 (PACKET)
1 2 216.58.205.230 15169 (GOOGLE)
1 1 52.45.41.168 14618 (AMAZON-AES)
1 52.216.229.237 16509 (AMAZON-02)
1 3.217.182.206 14618 (AMAZON-AES)
1 136.147.57.7 14340 (SALESFORCE)
69 29
3    77.74.178.40 (Russian Federation)

ASN200107 (KL-EXT, RU)
usa.kaspersky.com
13    2600:9000:2156:de00:12:5eb9:fe40:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
assets.kasperskydaily.com
1    104.16.94.80 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
app-sj06.marketo.com
1    52.218.52.99 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-eu-west-1-r-w.amazonaws.com
analytics-scripts.s3-eu-west-1.amazonaws.com
1    77.74.178.23 (Russian Federation)

ASN200107 (KL-EXT, RU)
media.kaspersky.com
2    2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
3    34.240.143.140 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-240-143-140.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    2a00:1450:4001:825::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
2    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
1    52.30.7.139 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-30-7-139.eu-west-1.compute.amazonaws.com
kaspersky.demdex.net
3    52.49.100.189 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-49-100-189.eu-west-1.compute.amazonaws.com
kaspersky.d3.sc.omtrdc.net
1    66.117.28.86 (United States)

ASN15224 (OMNITURE - Adobe Systems Inc., US)
cm.everesttech.net
1    2a02:26f0:6c00:293::3adf (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
sjs.bizographics.com
1    23.38.48.101 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-38-48-101.deploy.static.akamaitechnologies.com
c1.rfihub.net
3    54.152.127.232 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-152-127-232.compute-1.amazonaws.com
ove1.marketlinc.com
5    23.37.61.90 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-37-61-90.deploy.static.akamaitechnologies.com
px.owneriq.net
1    91.228.74.188 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)
secure.quantserve.com
1    143.204.101.70 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-70.fra50.r.cloudfront.net
vt.myvisualiq.net
6    23.37.58.95 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-37-58-95.deploy.static.akamaitechnologies.com
s.tribalfusion.com
a.tribalfusion.com
6    185.33.223.210 (Netherlands)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 307.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    50.18.231.235 (San Jose, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-50-18-231-235.us-west-1.compute.amazonaws.com
jadserve.postrelease.com
2    185.31.128.128 (Netherlands)

ASN54312 (ROCKETFUEL - Rocket Fuel Inc., US)
a.rfihub.com
20730592p.rfihub.com
1    91.228.74.182 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)
pixel.quantserve.com
1    35.227.248.159 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 159.248.227.35.bc.googleusercontent.com
tapestry.tapad.com
9    18.185.140.58 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-185-140-58.eu-central-1.compute.amazonaws.com
t.myvisualiq.net
1    147.75.102.200 (Central, Hong Kong)

ASN54825 (PACKET - Packet Host, Inc., US)
loadus.exelator.com
2    216.58.205.230 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s24-in-f230.1e100.net
ad.doubleclick.net
1    52.45.41.168 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-45-41-168.compute-1.amazonaws.com
www.glancecdn.net
1    52.216.229.237 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    3.217.182.206 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-217-182-206.compute-1.amazonaws.com
kaspersky.marketlinc.com
1    136.147.57.7 (United States)

ASN14340 (SALESFORCE - Salesforce.com, Inc., US)
PTR: dcl3-dfw.la1-c2-dfw.salesforceliveagent.com
d.la1-c2-dfw.salesforceliveagent.com
Apex Domain
Subdomains		 Transfer
13 kasperskydaily.com
assets.kasperskydaily.com
328 KB
10 myvisualiq.net
vt.myvisualiq.net
t.myvisualiq.net
9 KB
6 adnxs.com
ib.adnxs.com
6 KB
6 tribalfusion.com
s.tribalfusion.com
a.tribalfusion.com
2 KB
5 owneriq.net
px.owneriq.net
6 KB
4 marketlinc.com
ove1.marketlinc.com
kaspersky.marketlinc.com
69 KB
4 demdex.net
dpm.demdex.net
kaspersky.demdex.net
3 KB
4 kaspersky.com
usa.kaspersky.com
media.kaspersky.com
118 KB
3 omtrdc.net
kaspersky.d3.sc.omtrdc.net
739 B
2 doubleclick.net
ad.doubleclick.net
803 B
2 rfihub.com
a.rfihub.com
20730592p.rfihub.com
634 B
2 quantserve.com
secure.quantserve.com
pixel.quantserve.com
6 KB
2 facebook.com
www.facebook.com
399 B
2 google-analytics.com
www.google-analytics.com
18 KB
2 facebook.net
connect.facebook.net
88 KB
2 googletagmanager.com
www.googletagmanager.com
109 KB
2 amazonaws.com
analytics-scripts.s3-eu-west-1.amazonaws.com
s3.amazonaws.com
15 KB
1 salesforceliveagent.com
d.la1-c2-dfw.salesforceliveagent.com
550 B
1 glancecdn.net
www.glancecdn.net
207 B
1 exelator.com
loadus.exelator.com
124 B
1 tapad.com
tapestry.tapad.com
307 B
1 postrelease.com
jadserve.postrelease.com
429 B
1 rfihub.net
c1.rfihub.net
7 KB
1 bizographics.com
sjs.bizographics.com
2 KB
1 everesttech.net
cm.everesttech.net
527 B
1 marketo.com
app-sj06.marketo.com
58 KB
0 atdmt.com Failed
cx.atdmt.com Failed
0 quantcount.com Failed
rules.quantcount.com Failed
0 usabilla.com Failed
w.usabilla.com Failed
0 contentsquare.net Failed
t.contentsquare.net Failed
0 xg4ken.com Failed
resources.xg4ken.com Failed
0 bing.com Failed
bat.bing.com Failed
0 google.de Failed
www.google.de Failed
0 linkedin.com Failed
px.ads.linkedin.com Failed
0 google.com Failed
www.google.com Failed
69 35
Domain Requested by
13 assets.kasperskydaily.com usa.kaspersky.com
app-sj06.marketo.com
9 t.myvisualiq.net 6 redirects
6 ib.adnxs.com 4 redirects
5 px.owneriq.net 2 redirects usa.kaspersky.com
px.owneriq.net
4 s.tribalfusion.com 4 redirects
3 ove1.marketlinc.com www.googletagmanager.com
usa.kaspersky.com
ove1.marketlinc.com
3 kaspersky.d3.sc.omtrdc.net media.kaspersky.com
usa.kaspersky.com
3 dpm.demdex.net 1 redirects media.kaspersky.com
usa.kaspersky.com
3 usa.kaspersky.com usa.kaspersky.com
2 ad.doubleclick.net 1 redirects
2 a.tribalfusion.com 2 redirects
2 www.facebook.com usa.kaspersky.com
2 www.google-analytics.com www.googletagmanager.com
2 connect.facebook.net usa.kaspersky.com
connect.facebook.net
2 www.googletagmanager.com usa.kaspersky.com
www.googletagmanager.com
1 d.la1-c2-dfw.salesforceliveagent.com ove1.marketlinc.com
1 kaspersky.marketlinc.com usa.kaspersky.com
1 s3.amazonaws.com
1 www.glancecdn.net 1 redirects
1 loadus.exelator.com
1 tapestry.tapad.com 1 redirects
1 20730592p.rfihub.com c1.rfihub.net
1 pixel.quantserve.com
1 a.rfihub.com c1.rfihub.net
1 jadserve.postrelease.com
1 vt.myvisualiq.net www.googletagmanager.com
1 secure.quantserve.com usa.kaspersky.com
1 c1.rfihub.net usa.kaspersky.com
1 sjs.bizographics.com www.googletagmanager.com
1 cm.everesttech.net 1 redirects
1 kaspersky.demdex.net media.kaspersky.com
1 media.kaspersky.com usa.kaspersky.com
1 analytics-scripts.s3-eu-west-1.amazonaws.com usa.kaspersky.com
1 app-sj06.marketo.com usa.kaspersky.com
0 cx.atdmt.com Failed
0 rules.quantcount.com Failed secure.quantserve.com
0 w.usabilla.com Failed usa.kaspersky.com
0 t.contentsquare.net Failed usa.kaspersky.com
0 resources.xg4ken.com Failed usa.kaspersky.com
0 bat.bing.com Failed usa.kaspersky.com
0 www.google.de Failed usa.kaspersky.com
0 px.ads.linkedin.com Failed usa.kaspersky.com
0 www.google.com Failed usa.kaspersky.com
69 43
Subject Issuer Validity Valid
usa.kaspersky.com
DigiCert SHA2 Secure Server CA		 2019-09-24 -
2020-09-28		 a year crt.sh
media.kasperskydaily.com
Amazon		 2019-06-28 -
2020-07-28		 a year crt.sh
app-sj06.marketo.com
CloudFlare Inc ECC CA-2		 2019-02-21 -
2020-02-21		 a year crt.sh
*.s3-eu-west-1.amazonaws.com
DigiCert Baltimore CA-2 G2		 2019-09-06 -
2020-12-10		 a year crt.sh
media.kaspersky.com
Thawte RSA CA 2018		 2019-06-11 -
2020-06-10		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-09-17 -
2019-12-10		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-09-22 -
2019-12-20		 3 months crt.sh
*.demdex.net
DigiCert SHA2 High Assurance Server CA		 2018-01-09 -
2021-02-12		 3 years crt.sh
*.d3.sc.omtrdc.net
DigiCert SHA2 High Assurance Server CA		 2019-04-23 -
2020-04-14		 a year crt.sh
js.bizographics.com
DigiCert SHA2 Secure Server CA		 2018-04-13 -
2020-04-17		 2 years crt.sh
*.rfihub.net
DigiCert SHA2 Secure Server CA		 2019-01-25 -
2020-04-25		 a year crt.sh
*.marketlinc.com
COMODO RSA Domain Validation Secure Server CA		 2018-10-12 -
2020-10-15		 2 years crt.sh
*.owneriq.net
GeoTrust RSA CA 2018		 2018-11-25 -
2020-02-24		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2019-10-04 -
2020-10-07		 a year crt.sh
*.myvisualiq.net
Amazon		 2018-12-12 -
2020-01-12		 a year crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
*.postrelease.com
Amazon		 2019-03-27 -
2020-04-27		 a year crt.sh
*.rfihub.com
DigiCert SHA2 Secure Server CA		 2019-08-27 -
2020-08-31		 a year crt.sh
t.myvisualiq.net
COMODO RSA Domain Validation Secure Server CA		 2017-07-05 -
2020-07-28		 3 years crt.sh
*.exelator.com
Go Daddy Secure Certificate Authority - G2		 2019-05-17 -
2021-06-25		 2 years crt.sh
*.doubleclick.net
GTS CA 1O1		 2019-10-03 -
2019-12-26		 3 months crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2019-09-06 -
2020-12-02		 a year crt.sh
la1-c2-dfw.salesforceliveagent.com
DigiCert SHA2 Secure Server CA		 2018-07-31 -
2020-07-30		 2 years crt.sh

This page contains 5 frames:

Primary Page: https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
Frame ID: 2563919F26906C2AA3AC3AA3FA102B17
Requests: 65 HTTP requests in this frame

Frame: https://kaspersky.demdex.net/dest5.html?d_nsid=0
Frame ID: 56839C9A5A4BE9652171AE0DA20621EC
Requests: 1 HTTP requests in this frame

Frame: https://w.usabilla.com/1649d5fbb67c.js?lv=1
Frame ID: 9B4CADE9C8E8B608899DA56B3FD7C6BE
Requests: 1 HTTP requests in this frame

Frame: https://px.owneriq.net/noop?ct=text%2Fhtml
Frame ID: 2D93C6EEB371AC15C2B22A73F5C0A818
Requests: 1 HTTP requests in this frame

Frame: https://20730592p.rfihub.com/ca.html?rfiidc=1041246332968855689&rfiaid=99c004de628143bcad55341ab1281d89&ver=9&rb=20707&ca=20730592&pe=https%3A%2F%2Fusa.kaspersky.com%2Fblog%2Foperation-puss-in-boots%2F18768%2F%257C&pf=&ra=9458380835135562
Frame ID: E6F6C937B46A0F69D67339CF4D4F37CF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

69
Requests

83 %
HTTPS

19 %
IPv6

35
Domains

43
Subdomains

29
IPs

9
Countries

836 kB
Transfer

3018 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://cm.everesttech.net/cm/dd?d_uuid=65106083670026028282389601872826547490 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Xac9xQAAFDZrOTx0
Request Chain 28
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1038935830&t=pageview&_s=1&dl=https%3A%2F%2Fusa.kaspersky.com%2Fblog%2Foperation-puss-in-boots%2F18768%2F%257C&dp=%2Fblog%2Foperation-puss-in-boots%2F18768%2F%257C&ul=en-us&de=UTF-8&dt=Kaspersky%20Daily%20Blog%20%3E%20Error%20Page&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=558066641&gjid=990887503&cid=1319312242.1571241413&tid=UA-63997723-24&_gid=2019290512.1571241413&_r=1&gtm=2wga21WZ7LJ3&cd6=&cd7=&cd8=&cd9=&cd13=&cd14=en_US&cd17=Kaspersky%20Daily%20Blog%20%3E%20Error%20Page&cd18=Kaspersky%20Daily%20Blog&cd23=Default&cd37=0&cd40=0&cd16=1319312242.1571241413&z=1710453131 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-63997723-24&cid=1319312242.1571241413&jid=558066641&_gid=2019290512.1571241413&gjid=990887503&_v=j79&z=1710453131 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63997723-24&cid=1319312242.1571241413&jid=558066641&_v=j79&z=1710453131
Request Chain 30
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=1038935830&t=pageview&_s=1&dl=https%3A%2F%2Fusa.kaspersky.com%2Fblog%2Foperation-puss-in-boots%2F18768%2F%257C&ul=en-us&de=UTF-8&dt=404%20%7C%20Kaspersky%20official%20blog&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDACEABB~&jid=1564630220&gjid=241877436&cid=1319312242.1571241413&tid=UA-35676203-24&_gid=2019290512.1571241413&_r=1&gtm=2wga21K974KNN&z=1647295364 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-35676203-24&cid=1319312242.1571241413&jid=1564630220&_gid=2019290512.1571241413&gjid=241877436&_v=j79&z=1647295364 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35676203-24&cid=1319312242.1571241413&jid=1564630220&_v=j79&z=1647295364
Request Chain 43
  • https://s.tribalfusion.com/i.cid?c=724803&ev=0&page=ACQ HTTP 302
  • https://s.tribalfusion.com/z/i.cid?c=724803&ev=0&page=ACQ HTTP 302
  • https://ib.adnxs.com/getuidu?https://a.tribalfusion.com/i.match?p=b26&u=$UID&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://ib.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db26%26u%3D%24UID%26redirect%3Dhttps%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D305%2526code%253D%2524TF_USER_ID_ENC%2524 HTTP 302
  • https://a.tribalfusion.com/i.match?p=b26&u=96399078815500916&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://ib.adnxs.com/setuid?entity=305&code=18072662387734819028
Request Chain 45
  • https://s.tribalfusion.com/i.cid?c=705083&ev=0&page=Global HTTP 302
  • https://s.tribalfusion.com/z/i.cid?c=705083&ev=0&page=Global HTTP 302
  • https://ib.adnxs.com/getuidu?https://a.tribalfusion.com/i.match?p=b26&u=$UID&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://ib.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db26%26u%3D%24UID%26redirect%3Dhttps%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D305%2526code%253D%2524TF_USER_ID_ENC%2524 HTTP 302
  • https://a.tribalfusion.com/i.match?p=b26&u=3421401989031658792&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://ib.adnxs.com/setuid?entity=305&code=18072662387734819028
Request Chain 48
  • https://px.owneriq.net/eps?pt=8g8ylk&pid=5837&uid=Q6245278131497520611J&l=true HTTP 302
  • https://px.owneriq.net/noop?ct=text%2Fhtml
Request Chain 49
  • https://px.owneriq.net/j/?pt=8g8ylk&t=f%7C%22404%2520%257C%2520Kaspersky%2520official%2520blog%22&s=aytg HTTP 302
  • https://px.owneriq.net/noop?ct=application%2Fx-javascript
Request Chain 54
  • https://tapestry.tapad.com/tapestry/1?ta_partner_id=950&ta_redirect=https%3A%2F%2Ft.myvisualiq.net%2Fsync%3Fprid%3D1001%26ao%3D0%26pruuid%3DTAPAD_%24%7BIDS%3Akey%7D HTTP 302
  • https://t.myvisualiq.net/sync?prid=1001&ao=0&pruuid=TAPAD_92fd5021-f02d-11e9-b803-3ef041cd058c
Request Chain 55
  • https://t.myvisualiq.net/sync?prid=AOEPNR1&ao=0&red=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D125310%26dpuuid%3D%24%7BUUID%7D%26redir%3Dhttps%253A%252F%252Ft.myvisualiq.net%252Fsync%253Fprid%253DAOEPNR1%2526ao%253D0%2526pruuid%253D%2524%257BDD_UUID%257D%250A HTTP 302
  • https://t.myvisualiq.net/ul_cb/sync?prid=AOEPNR1&ao=0&red=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D125310%26dpuuid%3D%24%7BUUID%7D%26redir%3Dhttps%253A%252F%252Ft.myvisualiq.net%252Fsync%253Fprid%253DAOEPNR1%2526ao%253D0%2526pruuid%253D%2524%257BDD_UUID%257D%250A HTTP 302
  • https://dpm.demdex.net/ibs:dpid=125310&dpuuid=b136709a-4c18-42bd-acdb-feb0d5f55f20&redir=https%3A%2F%2Ft.myvisualiq.net%2Fsync%3Fprid%3DAOEPNR1%26ao%3D0%26pruuid%3D%24%7BDD_UUID%7D HTTP 302
  • https://t.myvisualiq.net/sync?prid=AOEPNR1&ao=0&pruuid=65106083670026028282389601872826547490
Request Chain 56
  • https://t.myvisualiq.net/sync?prid=EEAEPNR1&red=https%3A%2F%2Floadus.exelator.com%2Fload%2F%3Fp%3D204%26g%3D1260%26buid%3D%24%7BUUID%7D HTTP 302
  • https://t.myvisualiq.net/ul_cb/sync?prid=EEAEPNR1&red=https%3A%2F%2Floadus.exelator.com%2Fload%2F%3Fp%3D204%26g%3D1260%26buid%3D%24%7BUUID%7D HTTP 302
  • https://loadus.exelator.com/load/?p=204&g=1260&buid=b136709a-4c18-42bd-acdb-feb0d5f55f20
Request Chain 57
  • https://t.myvisualiq.net/sync?prid=Test&ao=0&red=https%253A%252F%252Fad.doubleclick.net%252Fddm%252Ftrackimp%252FN408002.2426714VISUALIQ%252FB10122508.135768705%253Bdc_trk_aid%253D308294997%253Bdc_trk_cid%253D72954675%253Bsz%253D1x1%253Bu%253D-https%25253A%25252F%25252Fusa.kaspersky.com%25252Fblog%25252Foperation-puss-in-boots%25252F18768%25252F%2525257C%7CVIQ_%24%7BUUID%7D%7C%3Bord%3D8070751 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N408002.2426714VISUALIQ/B10122508.135768705;dc_trk_aid=308294997;dc_trk_cid=72954675;sz=1x1;u=-https%3A%2F%2Fusa.kaspersky.com%2Fblog%2Foperation-puss-in-boots%2F18768%2F%257C%7CVIQ_0-83dfff00-15e8-4ed0-bbce-1f65d99dafdb%7C;ord=8070751 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N408002.2426714VISUALIQ/B10122508.135768705;dc_pre=CKS76LKSoeUCFcuYdwodQ9wKkg;dc_trk_aid=308294997;dc_trk_cid=72954675;sz=1x1;u=-https%3A%2F%2Fusa.kaspersky.com%2Fblog%2Foperation-puss-in-boots%2F18768%2F%257C%7CVIQ_0-83dfff00-15e8-4ed0-bbce-1f65d99dafdb%7C;ord=8070751
Request Chain 59
  • https://t.myvisualiq.net/sync?prid=123&ao=0&red=https%3A%2F%2Fwww.facebook.com%2Ftr%3Fid%3D238727726635232%26ev%3DPageView%26cd%5Border_id%5D%3D%24%7BUUID%7D HTTP 302
  • https://www.facebook.com/tr?id=238727726635232&ev=PageView&cd[order_id]=0-0d59ff9a-3e81-4dd5-b9d4-2d399bcac05e
Request Chain 61
  • https://www.glancecdn.net/cobrowse/CobrowseJS.ashx?group=19510&site=production HTTP 302
  • https://s3.amazonaws.com/glancecdn/cobrowse/js/GlanceCobrowseLoader_4.6.0M.js

69 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request %7C
usa.kaspersky.com/blog/operation-puss-in-boots/18768/ 		91 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
77.74.178.40 , Russian Federation, ASN200107 (KL-EXT, RU),
Reverse DNS
Software
nginx /
Resource Hash
c4bdb282bb5632c26c5bc369c2f88a76d7c194b6fc7e0d78c69d4e357ff4cb36
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://*.3gl.net https://*.abmr.net https://*.demdex.net https://*.everesttech.net https://*.facebook.com https://*.facebook.net https://*.google-analytics.com https://*.google.com https://*.infogram.com https://*.kaspersky.com https://*.mail.ru https://*.marketlinc.com https://*.maxymiser.net https://*.mktoresp.com https://*.omtrdc.net https://*.optimizely.com https://*.pingdom.net https://*.reddit.com https://*.veinteractive.com https://*.yandex.ru https://*.youtube.com https://cdn.securelist.com https://hn.algolia.com https://kaspersky.admo.tv:9999 https://maxymiser.net https://media.kasperskydaily.com https://tagmanager.google.com https://usa.kaspersky.com/blog https://www.opinionstage.com https://www.riddle.com https://www.tag4arm.com wss://kaspersky.admo.tv:9999; default-src 'self' https://*.kaspersky.com https://*.maxymiser.net https://cdn.securelist.com https://maxymiser.net https://media.kasperskydaily.com https://usa.kaspersky.com/blog https://www.riddle.com; font-src 'self' data: https://*.cloudfront.net https://*.gstatic.com https://*.kaspersky.com https://*.maxymiser.net https://*.slideshare.net https://*.slidesharecdn.com https://*.wp.com https://assets.kasperskydaily.com https://cdn.securelist.com https://fonts.googleapis.com https://fonts.gstatic.com https://maxymiser.net https://media.kasperskydaily.com https://usa.kaspersky.com/blog https://www.riddle.com; frame-src 'self' https://*.addthis.com https://*.adsrvr.org https://*.ampproject.net https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.google.com https://*.infogram.com https://*.instagram.com https://*.kaspersky.com https://*.libsyn.com https://*.marketo.com https://*.maxymiser.net https://*.owneriq.net https://*.rfihub.com https://*.sharethis.com https://*.slideshare.net https://*.soundcloud.com https://*.twitter.com https://*.veinteractive.com https://*.wp.com https://*.youtube.com https://amuselabs.com https://cdn.knightlab.com https://cdn.securelist.com https://cyberstat.kaspersky.com https://infogram.com https://kaspersky.demdex.net https://maxymiser.net https://media.kasperskydaily.com https://pixel.mathtag.com https://player.vimeo.com https://s-static.ak.facebook.com https://servedby.flashtalking.com https://tagmanager.google.com https://usa.kaspersky.com/blog https://www.brighttalk.com https://www.kaspersky.com https://www.opinionstage.com https://www.riddle.com; img-src 'self' data: http://*.cloudfront.net http://*.imgix.net http://*.ipinyou.com http://*.netdna-cdn.com http://*.wordpress.com http://*.wp.com http://i0.poll.fm https://*.addthis.com https://*.admixer.net https://*.adnxs.com https://*.adriver.ru https://*.advertising.com https://*.behe.com https://*.betweendigital.com https://*.bidswitch.net https://*.bing.com https://*.btrll.com https://*.casalemedia.com https://*.cloudfront.net https://*.crwdcntrl.net https://*.demdex.net https://*.digitaltarget.ru https://*.dotomi.com https://*.doubleclick.net https://*.everesttech.net https://*.exelator.com https://*.eyeota.net https://*.facebook.com https://*.google-analytics.com https://*.google.com https://*.gravatar.com https://*.gstatic.com https://*.imgix.net https://*.infogram.com https://*.instagram.com https://*.ipinyou.com https://*.kaspersky.com https://*.marketgid.com https://*.mathtag.com https://*.maxymiser.net https://*.myvisualiq.net https://*.netdna-cdn.com https://*.omtrdc.net https://*.openx.net https://*.owneriq.net https://*.postrelease.com https://*.pubmatic.com https://*.qq.com https://*.rubiconproject.com https://*.rutarget.ru https://*.sharethis.com https://*.staticflickr.com https://*.stickyadstv.com https://*.tanx.com https://*.tapad.com https://*.tradelab.fr https://*.tribalfusion.com https://*.twimg.com https://*.twitter.com https://*.undertone.com https://*.v12group.com https://*.veinteractive.com https://*.w55c.net https://*.wordpress.com https://*.wp.com https://*.yahoo.co.jp https://*.yandex.ru https://*.yieldlab.net https://*.youku.com https://ad.mail.ru https://addevent.com https://adm.shinobi.jp https://adsearch.adkontekst.pl https://assets.kasperskydaily.com https://bh.contextweb.com https://cdn.securelist.com https://ckm.aty.sohu.com https://cm.fastapi.net https://cm.pos.baidu.com https://cm.qtmojo.com https://csi.gstatic.com https://exelatesync.extend.tv https://geo.yahoo.com https://images.telechargement.fr https://inpagevideo.nl https://instagramimages-a.akamaihd.net https://kaspersky.d2.sc.omtrdc.net https://kasperskycontenthub.com https://m.addthis.com https://m.one.impact-ad.jp https://maps.googleapis.com https://maxymiser.net https://media.kasperskydaily.com https://pixel.quantserve.com https://pixel.s3xified.com https://player.vimeo.com https://polldaddy.com https://rum-collector.pingdom.net https://s.w.org https://s3.amazonaws.com https://scontent.cdninstagram.com https://ssl.socdm.com https://stats.g.doubleclick.net https://stats.seedr.com https://t.co https://tagmanager.google.com https://track.addevent.com https://ums.adtech.de https://usa.kaspersky.com/blog https://vmg.host https://www.emjcd.com https://www.google.hr https://www.riddle.com https://www.tag4arm.com; media-src 'self' https://*.kaspersky.com https://*.maxymiser.net https://cdn.securelist.com https://maxymiser.net https://media.kasperskydaily.com https://usa.kaspersky.com/blog https://www.riddle.com; object-src 'self' https://*.kaspersky.com https://*.maxymiser.net https://cdn.securelist.com https://maxymiser.net https://media.kasperskydaily.com https://player.vimeo.com https://polldaddy.com https://usa.kaspersky.com/blog https://www.riddle.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.3gl.net https://*.addevent.com https://*.addthis.com https://*.adnxs.com https://*.adsrvr.org https://*.airpr.com https://*.ampproject.org https://*.bazaarvoice.com https://*.behe.com https://*.bizographics.com https://*.cloudfront.net https://*.crazyegg.com https://*.demdex.net https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.flickr.com https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.gravatar.com https://*.gstatic.com https://*.infogram.com https://*.instagram.com https://*.ipinyou.com https://*.kaspersky.com https://*.mail.ru https://*.marketlinc.com https://*.marketo.com https://*.marketo.net https://*.mathtag.com https://*.maxymiser.net https://*.myvisualiq.net https://*.optimizely.com https://*.owneriq.net https://*.polldaddy.com https://*.quantserve.com https://*.rfihub.com https://*.rfihub.net https://*.rutarget.ru https://*.salesforceliveagent.com https://*.sharethis.com https://*.twimg.com https://*.twitter.com https://*.veinteractive.com https://*.volvelle.tech https://*.woopra.com https://*.wp.com https://*.yahoo.co.jp https://*.yandex.ru https://*.yimg.com https://*.yimg.jp https://adcdn.goo.ne.jp https://addthisevent.com https://analytics-scripts.s3-eu-west-1.amazonaws.com https://assets.adobedtm.com https://assets.kasperskydaily.com https://bwb101.goo.ne.jp https://cdn.onesignal.com https://cdn.securelist.com https://cdn.tradelab.fr https://cdn.trmit.com https://connect.facebook.net https://connect.mail.ru https://external-assets.loyaltybay.co.uk https://kaspersky.admo.tv https://kaspersky.d2.sc.omtrdc.net https://m.addthis.com https://m.addthisedge.com https://maxymiser.net https://media.kasperskydaily.com https://munchkin.marketo.net https://player.vimeo.com https://rum-static.pingdom.net https://s3.amazonaws.com https://share.yandex.ru/ https://sp.analytics.yahoo.com https://static.ads-twitter.com https://tagmanager.google.com https://usa.kaspersky.com/blog https://vk.com https://www.addevent.com https://www.brighttalk.com https://www.flickr.com https://www.glancecdn.net https://www.googleadservices.com https://www.googletagmanager.com https://www.linkedin.com https://www.opinionstage.com https://www.riddle.com https://www.tag4arm.com; style-src 'self' 'unsafe-inline' https://*.cloudfront.net https://*.googleapis.com https://*.gravatar.com https://*.kaspersky.com https://*.marketo.com https://*.maxymiser.net https://*.securelist.com https://*.sharethis.com https://*.twimg.com https://*.twitter.com https://*.wp.com https://assets.kasperskydaily.com https://cdn.securelist.com https://maxymiser.net https://media.kasperskydaily.com https://tagmanager.google.com https://usa.kaspersky.com/blog https://www.riddle.com; worker-src 'self' blob: data: file: filesystem: https://*.kaspersky.com https://*.maxymiser.net https://cdn.securelist.com https://maxymiser.net https://media.kasperskydaily.com https://usa.kaspersky.com/blog https://www.riddle.com unsafe-eval unsafe-inline
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
usa.kaspersky.com
:scheme
https
:path
/blog/operation-puss-in-boots/18768/%7C
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

status
404
server
nginx
date
Wed, 16 Oct 2019 15:56:50 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
content-security-policy
connect-src 'self' https://*.3gl.net https://*.abmr.net https://*.demdex.net https://*.everesttech.net https://*.facebook.com https://*.facebook.net https://*.google-analytics.com https://*.google.com https://*.infogram.com https://*.kaspersky.com https://*.mail.ru https://*.marketlinc.com https://*.maxymiser.net https://*.mktoresp.com https://*.omtrdc.net https://*.optimizely.com https://*.pingdom.net https://*.reddit.com https://*.veinteractive.com https://*.yandex.ru https://*.youtube.com https://cdn.securelist.com https://hn.algolia.com https://kaspersky.admo.tv:9999 https://maxymiser.net https://media.kasperskydaily.com https://tagmanager.google.com https://usa.kaspersky.com/blog https://www.opinionstage.com https://www.riddle.com https://www.tag4arm.com wss://kaspersky.admo.tv:9999; default-src 'self' https://*.kaspersky.com https://*.maxymiser.net https://cdn.securelist.com https://maxymiser.net https://media.kasperskydaily.com https://usa.kaspersky.com/blog https://www.riddle.com; font-src 'self' data: https://*.cloudfront.net https://*.gstatic.com https://*.kaspersky.com https://*.maxymiser.net https://*.slideshare.net https://*.slidesharecdn.com https://*.wp.com https://assets.kasperskydaily.com https://cdn.securelist.com https://fonts.googleapis.com https://fonts.gstatic.com https://maxymiser.net https://media.kasperskydaily.com https://usa.kaspersky.com/blog https://www.riddle.com; frame-src 'self' https://*.addthis.com https://*.adsrvr.org https://*.ampproject.net https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.google.com https://*.infogram.com https://*.instagram.com https://*.kaspersky.com https://*.libsyn.com https://*.marketo.com https://*.maxymiser.net https://*.owneriq.net https://*.rfihub.com https://*.sharethis.com https://*.slideshare.net https://*.soundcloud.com https://*.twitter.com https://*.veinteractive.com https://*.wp.com https://*.youtube.com https://amuselabs.com https://cdn.knightlab.com https://cdn.securelist.com https://cyberstat.kaspersky.com https://infogram.com https://kaspersky.demdex.net https://maxymiser.net https://media.kasperskydaily.com https://pixel.mathtag.com https://player.vimeo.com https://s-static.ak.facebook.com https://servedby.flashtalking.com https://tagmanager.google.com https://usa.kaspersky.com/blog https://www.brighttalk.com https://www.kaspersky.com https://www.opinionstage.com https://www.riddle.com; img-src 'self' data: http://*.cloudfront.net http://*.imgix.net http://*.ipinyou.com http://*.netdna-cdn.com http://*.wordpress.com http://*.wp.com http://i0.poll.fm https://*.addthis.com https://*.admixer.net https://*.adnxs.com https://*.adriver.ru https://*.advertising.com https://*.behe.com https://*.betweendigital.com https://*.bidswitch.net https://*.bing.com https://*.btrll.com https://*.casalemedia.com https://*.cloudfront.net https://*.crwdcntrl.net https://*.demdex.net https://*.digitaltarget.ru https://*.dotomi.com https://*.doubleclick.net https://*.everesttech.net https://*.exelator.com https://*.eyeota.net https://*.facebook.com https://*.google-analytics.com https://*.google.com https://*.gravatar.com https://*.gstatic.com https://*.imgix.net https://*.infogram.com https://*.instagram.com https://*.ipinyou.com https://*.kaspersky.com https://*.marketgid.com https://*.mathtag.com https://*.maxymiser.net https://*.myvisualiq.net https://*.netdna-cdn.com https://*.omtrdc.net https://*.openx.net https://*.owneriq.net https://*.postrelease.com https://*.pubmatic.com https://*.qq.com https://*.rubiconproject.com https://*.rutarget.ru https://*.sharethis.com https://*.staticflickr.com https://*.stickyadstv.com https://*.tanx.com https://*.tapad.com https://*.tradelab.fr https://*.tribalfusion.com https://*.twimg.com https://*.twitter.com https://*.undertone.com https://*.v12group.com https://*.veinteractive.com https://*.w55c.net https://*.wordpress.com https://*.wp.com https://*.yahoo.co.jp https://*.yandex.ru https://*.yieldlab.net https://*.youku.com https://ad.mail.ru https://addevent.com https://adm.shinobi.jp https://adsearch.adkontekst.pl https://assets.kasperskydaily.com https://bh.contextweb.com https://cdn.securelist.com https://ckm.aty.sohu.com https://cm.fastapi.net https://cm.pos.baidu.com https://cm.qtmojo.com https://csi.gstatic.com https://exelatesync.extend.tv https://geo.yahoo.com https://images.telechargement.fr https://inpagevideo.nl https://instagramimages-a.akamaihd.net https://kaspersky.d2.sc.omtrdc.net https://kasperskycontenthub.com https://m.addthis.com https://m.one.impact-ad.jp https://maps.googleapis.com https://maxymiser.net https://media.kasperskydaily.com https://pixel.quantserve.com https://pixel.s3xified.com https://player.vimeo.com https://polldaddy.com https://rum-collector.pingdom.net https://s.w.org https://s3.amazonaws.com https://scontent.cdninstagram.com https://ssl.socdm.com https://stats.g.doubleclick.net https://stats.seedr.com https://t.co https://tagmanager.google.com https://track.addevent.com https://ums.adtech.de https://usa.kaspersky.com/blog https://vmg.host https://www.emjcd.com https://www.google.hr https://www.riddle.com https://www.tag4arm.com; media-src 'self' https://*.kaspersky.com https://*.maxymiser.net https://cdn.securelist.com https://maxymiser.net https://media.kasperskydaily.com https://usa.kaspersky.com/blog https://www.riddle.com; object-src 'self' https://*.kaspersky.com https://*.maxymiser.net https://cdn.securelist.com https://maxymiser.net https://media.kasperskydaily.com https://player.vimeo.com https://polldaddy.com https://usa.kaspersky.com/blog https://www.riddle.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.3gl.net https://*.addevent.com https://*.addthis.com https://*.adnxs.com https://*.adsrvr.org https://*.airpr.com https://*.ampproject.org https://*.bazaarvoice.com https://*.behe.com https://*.bizographics.com https://*.cloudfront.net https://*.crazyegg.com https://*.demdex.net https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.flickr.com https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.gravatar.com https://*.gstatic.com https://*.infogram.com https://*.instagram.com https://*.ipinyou.com https://*.kaspersky.com https://*.mail.ru https://*.marketlinc.com https://*.marketo.com https://*.marketo.net https://*.mathtag.com https://*.maxymiser.net https://*.myvisualiq.net https://*.optimizely.com https://*.owneriq.net https://*.polldaddy.com https://*.quantserve.com https://*.rfihub.com https://*.rfihub.net https://*.rutarget.ru https://*.salesforceliveagent.com https://*.sharethis.com https://*.twimg.com https://*.twitter.com https://*.veinteractive.com https://*.volvelle.tech https://*.woopra.com https://*.wp.com https://*.yahoo.co.jp https://*.yandex.ru https://*.yimg.com https://*.yimg.jp https://adcdn.goo.ne.jp https://addthisevent.com https://analytics-scripts.s3-eu-west-1.amazonaws.com https://assets.adobedtm.com https://assets.kasperskydaily.com https://bwb101.goo.ne.jp https://cdn.onesignal.com https://cdn.securelist.com https://cdn.tradelab.fr https://cdn.trmit.com https://connect.facebook.net https://connect.mail.ru https://external-assets.loyaltybay.co.uk https://kaspersky.admo.tv https://kaspersky.d2.sc.omtrdc.net https://m.addthis.com https://m.addthisedge.com https://maxymiser.net https://media.kasperskydaily.com https://munchkin.marketo.net https://player.vimeo.com https://rum-static.pingdom.net https://s3.amazonaws.com https://share.yandex.ru/ https://sp.analytics.yahoo.com https://static.ads-twitter.com https://tagmanager.google.com https://usa.kaspersky.com/blog https://vk.com https://www.addevent.com https://www.brighttalk.com https://www.flickr.com https://www.glancecdn.net https://www.googleadservices.com https://www.googletagmanager.com https://www.linkedin.com https://www.opinionstage.com https://www.riddle.com https://www.tag4arm.com; style-src 'self' 'unsafe-inline' https://*.cloudfront.net https://*.googleapis.com https://*.gravatar.com https://*.kaspersky.com https://*.marketo.com https://*.maxymiser.net https://*.securelist.com https://*.sharethis.com https://*.twimg.com https://*.twitter.com https://*.wp.com https://assets.kasperskydaily.com https://cdn.securelist.com https://maxymiser.net https://media.kasperskydaily.com https://tagmanager.google.com https://usa.kaspersky.com/blog https://www.riddle.com; worker-src 'self' blob: data: file: filesystem: https://*.kaspersky.com https://*.maxymiser.net https://cdn.securelist.com https://maxymiser.net https://media.kasperskydaily.com https://usa.kaspersky.com/blog https://www.riddle.com unsafe-eval unsafe-inline
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
1; mode=block
expires
Wed, 11 Jan 1984 05:00:00 GMT
cache-control
no-cache, must-revalidate, max-age=0
link
<https://usa.kaspersky.com/blog/wp-json/>; rel="https://api.w.org/"
content-encoding
gzip
/
assets.kasperskydaily.com/blog/wp-content/plugins/bwp-minify/min/ 		35 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.kasperskydaily.com/blog/wp-content/plugins/bwp-minify/min/?f=wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/social-polls-by-opinionstage/gutenberg/poll/dist/blocks.style.build.css,wp-content/plugins/social-polls-by-opinionstage/gutenberg/trivia/dist/blocks.style.build.css,wp-content/plugins/social-polls-by-opinionstage/gutenberg/personality/dist/blocks.style.build.css,wp-content/plugins/social-polls-by-opinionstage/gutenberg/survey/dist/blocks.style.build.css,wp-content/plugins/social-polls-by-opinionstage/gutenberg/slideshow/dist/blocks.style.build.css,wp-content/plugins/social-polls-by-opinionstage/gutenberg/form/dist/blocks.style.build.css,wp-content/plugins/kaspersky-app-banners/lib/smartbanner/jquery.smartbanner.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css&ver=1abc160a
Requested by
Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:de00:12:5eb9:fe40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
3f0a54b64a9f268dbcd9d55d0025c2405287310951cce80b0d0c0beadb76839d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 08:00:08 GMT
content-encoding
gzip
vary
Accept-Encoding
age
28556
x-cache
Hit from cloudfront
status
200
content-length
6269
last-modified
Tue, 15 Oct 2019 07:59:47 GMT
server
nginx
x-cache-hit
HIT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
via
1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
vzTW34ZgRgCALv_XVqDHLxvVJyKRh0Jq1FkyOVHu2RiSRIPUwU6a1A==
expires
Thu, 17 Oct 2019 08:00:03 GMT
/
assets.kasperskydaily.com/blog/wp-content/plugins/bwp-minify/min/ 		456 KB
65 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.kasperskydaily.com/blog/wp-content/plugins/bwp-minify/min/?f=wp-content/themes/daily-nxgen/assets/fonts/museo/stylesheet.css,wp-content/themes/daily-nxgen/assets/libs/font-awesome/css/font-awesome.min.css,wp-content/themes/daily-nxgen/assets/libs/jquery.mobile-1.4.2.min.css,wp-content/themes/daily-nxgen/assets/build/style.min.css,wp-content/plugins/kaspersky-instagram/css/magnific-popup.css,wp-content/plugins/kaspersky-instagram/css/widget.css,wp-content/plugins/kaspersky-social-sharing-daily/assets/css/custom.full.css,wp-content/plugins/kaspersky-social-sharing-daily/assets/css/custom.mobile.css&ver=1abc160a
Requested by
Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:de00:12:5eb9:fe40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
78387c5f1139254d8aeb190e671e4274d70dd6266896daeafb5da49d8869b7d5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 08:00:55 GMT
content-encoding
gzip
vary
Accept-Encoding
age
28556
x-cache
Hit from cloudfront
status
200
content-length
66579
last-modified
Tue, 15 Oct 2019 07:59:47 GMT
server
nginx
cache-control
max-age=86400
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
via
1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
x-cache-hit
HIT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
hDOUA9y7XY-Dz-_G5FLAlxFGY5tvERW3FwCevpQWXjKIPjkh3Vh5wQ==
expires
Wed, 16 Oct 2019 08:00:00 GMT
forms2.min.js
app-sj06.marketo.com/js/forms2/js/ 		169 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app-sj06.marketo.com/js/forms2/js/forms2.min.js?ver=1.0.1
Requested by
Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.94.80 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
321bbcc4cc57483b7e329186e5159498b668ddde87cb64696ddcdc95176cce82
Security Headers
Name Value
Strict-Transport-Security max-age=63113904
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 15:56:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
4300
status
200
vary
Accept-Encoding
last-modified
Wed, 25 Sep 2019 18:55:06 GMT
server
cloudflare
etag
"320f6f-2a536-5936530f69680"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63113904
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
526b39a4eaa8d721-FRA
expires
Wed, 16 Oct 2019 19:56:51 GMT
jquery.js
usa.kaspersky.com/blog/wp-includes/js/jquery/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://usa.kaspersky.com/blog/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
77.74.178.40 , Russian Federation, ASN200107 (KL-EXT, RU),
Reverse DNS
Software
nginx /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Wed, 16 Oct 2019 15:56:51 GMT
content-encoding
gzip
last-modified
Mon, 14 Oct 2019 20:47:26 GMT
server
nginx
etag
W/"5da4dede-17a69"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=604800, public
x-request-id
62d812703a3f5f9fd320038f6e07cc09
expires
Wed, 23 Oct 2019 15:56:51 GMT
/
assets.kasperskydaily.com/blog/wp-content/plugins/bwp-minify/min/ 		176 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.kasperskydaily.com/blog/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/kaspersky-cookies-notification/scripts/alert_text.js,wp-content/plugins/kaspersky-cookies-notification/scripts/alert.js,wp-content/plugins/kaspersky-banners/assets/js/script.js,wp-content/plugins/kaspersky-related-posts/assets/js/script.js,wp-content/plugins/kspr_twitter_pullquote/js/kaspersky-twitter-pullquote.js,wp-content/themes/daily-nxgen/assets/libs/jquery.mobile.custom.min.js,wp-includes/js/imagesloaded.min.js,wp-includes/js/masonry.min.js,wp-content/themes/daily-nxgen/assets/js/modernizr-2.6.2.min.js,wp-content/themes/daily-nxgen/assets/js/admin-bar.js&ver=1abc160a
Requested by
Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:de00:12:5eb9:fe40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
e6f43e2bb5356e5a42b110bbd4bc0e522ca6afce2e8b69850f4f3db1f275fdea
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 15 Oct 2019 08:03:52 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-cf-pop
FRA50-C1
x-cache
Hit from cloudfront
status
200
content-length
52143
last-modified
Tue, 15 Oct 2019 07:59:47 GMT
server
nginx
x-cache-hit
HIT
x-frame-options
SAMEORIGIN
content-type
application/x-javascript; charset=utf-8
via
1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-id
N4R9KQMjBQP8U79OOLdL_b14BTlmn6122GWQWkJq2J4SCa1gVp9iLw==
expires
Wed, 16 Oct 2019 08:02:13 GMT
/
assets.kasperskydaily.com/blog/wp-content/plugins/bwp-minify/min/ 		60 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.kasperskydaily.com/blog/wp-content/plugins/bwp-minify/min/?f=wp-content/themes/daily-nxgen/assets/js/mobile.js,wp-content/themes/daily-nxgen/assets/js/scripts.js,wp-content/plugins/kaspersky-instagram/js/jquery.magnific-popup.min.js,wp-content/plugins/kaspersky-instagram/js/widget.js,wp-content/plugins/kaspersky-social-sharing-daily/assets/js/social-share.js,wp-content/plugins/kaspersky-social-sharing-daily/assets/js/custom.js&ver=1abc160a
Requested by
Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:de00:12:5eb9:fe40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
03bbca6c8d36e46a06ed00435438ef0ec611563100a06f55e937e5b3749a3dba
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 08:00:08 GMT
content-encoding
gzip
vary
Accept-Encoding
age
28556
x-cache
Hit from cloudfront
status
200
content-length
18597
last-modified
Tue, 15 Oct 2019 07:59:47 GMT
server
nginx
x-cache-hit
HIT
x-frame-options
SAMEORIGIN
content-type
application/x-javascript; charset=utf-8
via
1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
w8p8X4AzpJSdTIWhIv-5h38IyjlyfY6g4SngGa_76soQhe4RL7eaxw==
expires
Thu, 17 Oct 2019 06:12:06 GMT
daily-events.js
analytics-scripts.s3-eu-west-1.amazonaws.com/kaspersky-daily/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics-scripts.s3-eu-west-1.amazonaws.com/kaspersky-daily/daily-events.js
Requested by
Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.52.99 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
386d40859a290db4b20f811bf7c698c1f629cd10b9ab9a9edd71d2453b0c8e1e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 16 Oct 2019 15:56:52 GMT
Last-Modified
Tue, 17 Sep 2019 11:45:24 GMT
Server
AmazonS3
x-amz-request-id
22129BFA637296F8
ETag
"e025ae184ead6165a2cb5a4800ba4b2d"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
5483
x-amz-id-2
IrL0DfwicZw2mSp70ksTdil8aQRiLvILplGt3IJ9SeKpALUw0SLoFUKxPGJkLlnfgbcENy5SqiE=
s_code_single_suite.js
media.kaspersky.com/tracking/omniture/ 		242 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js?ver=5.2.4
Requested by
Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
77.74.178.23 , Russian Federation, ASN200107 (KL-EXT, RU),
Reverse DNS
Software
/ Kaspersky Labs, Kaspersky Labs
Resource Hash
f558bac4b91c6b46d97078d0792594dce9cd5abb24a406830241ad7ff6a04ec0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
etag
"805fa9611484d51:0"
x-powered-by
Kaspersky Labs, Kaspersky Labs
status
200
content-length
65459
x-xss-protection
1; mode=block
last-modified
Wed, 16 Oct 2019 11:25:15 GMT
server
x-frame-options
SAMEORIGIN
date
Wed, 16 Oct 2019 15:56:50 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
x-server
msk1/MSK5
accept-ranges
bytes
x-content-type-options
nosniff
/
assets.kasperskydaily.com/blog/wp-content/plugins/bwp-minify/min/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.kasperskydaily.com/blog/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/kaspersky-app-banners/lib/smartbanner/jquery.smartbanner.js,wp-content/plugins/kaspersky-app-banners/js/config.min.js,wp-content/plugins/social-polls-by-opinionstage/public/js/shortcodes.js,wp-includes/js/wp-embed.min.js&ver=1abc160a
Requested by
Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:de00:12:5eb9:fe40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
87eb550b748e26de85524905623371dbdb23475ef6973465b364fd60defc84f8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 15 Oct 2019 08:01:42 GMT
content-encoding
gzip
vary
Accept-Encoding
age
27759
x-cache
Hit from cloudfront
status
200
content-length
4031
last-modified
Tue, 15 Oct 2019 07:59:46 GMT
server
nginx
x-cache-hit
MISS
x-frame-options
SAMEORIGIN
content-type
application/x-javascript; charset=utf-8
via
1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
7kxTgvJTXll1zsKS1Dq8ZJXlSSS6PtDnMLqWldNtAj4pY9qkW7e7DA==
expires
Wed, 16 Oct 2019 08:01:42 GMT
Museo-SansCyrl-300.woff2
assets.kasperskydaily.com/wp-content/themes/daily-nxgen/assets/fonts/museo/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.kasperskydaily.com/wp-content/themes/daily-nxgen/assets/fonts/museo/Museo-SansCyrl-300.woff2
Requested by
Host: app-sj06.marketo.com
URL: https://app-sj06.marketo.com/js/forms2/js/forms2.min.js?ver=1.0.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:de00:12:5eb9:fe40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
de892addc549d85b9fd5d5c2f77a4dd96fbe4ec11542d6cf7232fab6ccabae5d

Request headers

Sec-Fetch-Mode
cors
Referer
https://assets.kasperskydaily.com/blog/wp-content/plugins/bwp-minify/min/?f=wp-content/themes/daily-nxgen/assets/fonts/museo/stylesheet.css,wp-content/themes/daily-nxgen/assets/libs/font-awesome/css/font-awesome.min.css,wp-content/themes/daily-nxgen/assets/libs/jquery.mobile-1.4.2.min.css,wp-content/themes/daily-nxgen/assets/build/style.min.css,wp-content/plugins/kaspersky-instagram/css/magnific-popup.css,wp-content/plugins/kaspersky-instagram/css/widget.css,wp-content/plugins/kaspersky-social-sharing-daily/assets/css/custom.full.css,wp-content/plugins/kaspersky-social-sharing-daily/assets/css/custom.mobile.css&ver=1abc160a
Origin
https://usa.kaspersky.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 18 Jul 2019 00:10:06 GMT
via
1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
age
7832805
x-cache
Hit from cloudfront
status
200
content-length
30844
pragma
public
last-modified
Wed, 17 Jul 2019 12:02:07 GMT
server
nginx
etag
"5d2f0e3f-787c"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
4wOZPaOdea5sFwCHymaQ6mR0b-9cpmOH6P5rOoVx069I8z7G6HbvuA==
expires
Fri, 17 Jul 2020 00:10:06 GMT
gtm.js
www.googletagmanager.com/ 		487 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WZ7LJ3
Requested by
Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
44d3f91b29376c75b39de7abdb1ca4010175e2494dbfe4c535a70e94718236f5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 15:56:53 GMT
content-encoding
br
last-modified
Wed, 16 Oct 2019 15:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
84318
x-xss-protection
0
expires
Wed, 16 Oct 2019 15:56:53 GMT
fbevents.js
connect.facebook.net/en_US/ 		105 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
0629946fe142c676784daa479fe86526051bfa44bdeb5e3f4608fa22b8e153ae
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
23413
x-xss-protection
0
pragma
public
x-fb-debug
kdNCLDBs7Ptxu3h/bUFQRoW4MwUnL5smzK8Uz9j7nkwtPz5y1op9cUCpbj5YQ1d12nQiLegL5IQ+ZKmiLLamrQ==
x-fb-trip-id
136226023
x-frame-options
DENY
date
Wed, 16 Oct 2019 15:56:53 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
kaspersky_logo.svg
assets.kasperskydaily.com/wp-content/themes/daily-nxgen/assets/images/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.kasperskydaily.com/wp-content/themes/daily-nxgen/assets/images/kaspersky_logo.svg?ver=20190619
Requested by
Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:de00:12:5eb9:fe40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
4f24864d27bfaffc860ad3f2648709b60153abbeb7ec502552ab987a18d0ff4f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://assets.kasperskydaily.com/blog/wp-content/plugins/bwp-minify/min/?f=wp-content/themes/daily-nxgen/assets/fonts/museo/stylesheet.css,wp-content/themes/daily-nxgen/assets/libs/font-awesome/css/font-awesome.min.css,wp-content/themes/daily-nxgen/assets/libs/jquery.mobile-1.4.2.min.css,wp-content/themes/daily-nxgen/assets/build/style.min.css,wp-content/plugins/kaspersky-instagram/css/magnific-popup.css,wp-content/plugins/kaspersky-instagram/css/widget.css,wp-content/plugins/kaspersky-social-sharing-daily/assets/css/custom.full.css,wp-content/plugins/kaspersky-social-sharing-daily/assets/css/custom.mobile.css&ver=1abc160a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Tue, 15 Oct 2019 01:08:57 GMT
content-encoding
gzip
last-modified
Thu, 03 Oct 2019 15:32:54 GMT
server
nginx
age
139676
etag
W/"5d9614a6-b43"
x-cache
Hit from cloudfront
content-type
image/svg+xml
status
200
cache-control
max-age=604800, public
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
pkhvMPxxgttd9aaUeTkq-krP3cu73J7kztJmhwSBEDOuazXTdfhuFA==
via
1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
expires
Tue, 15 Oct 2019 00:57:49 GMT
kaspersky-daily_logo.svg
assets.kasperskydaily.com/wp-content/themes/daily-nxgen/assets/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.kasperskydaily.com/wp-content/themes/daily-nxgen/assets/images/kaspersky-daily_logo.svg?ver=20190619
Requested by
Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:de00:12:5eb9:fe40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
0e409bb24dfc019e40b9a9216840ae95d6ba8c6061e60e3dac334787e0d6233e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://assets.kasperskydaily.com/blog/wp-content/plugins/bwp-minify/min/?f=wp-content/themes/daily-nxgen/assets/fonts/museo/stylesheet.css,wp-content/themes/daily-nxgen/assets/libs/font-awesome/css/font-awesome.min.css,wp-content/themes/daily-nxgen/assets/libs/jquery.mobile-1.4.2.min.css,wp-content/themes/daily-nxgen/assets/build/style.min.css,wp-content/plugins/kaspersky-instagram/css/magnific-popup.css,wp-content/plugins/kaspersky-instagram/css/widget.css,wp-content/plugins/kaspersky-social-sharing-daily/assets/css/custom.full.css,wp-content/plugins/kaspersky-social-sharing-daily/assets/css/custom.mobile.css&ver=1abc160a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Tue, 15 Oct 2019 01:08:57 GMT
content-encoding
gzip
last-modified
Thu, 03 Oct 2019 15:32:54 GMT
server
nginx
age
139676
etag
W/"5d9614a6-4be"
x-cache
Hit from cloudfront
content-type
image/svg+xml
status
200
cache-control
max-age=604800, public
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
_l1vQAqUJDTH3pXFgFP24e4Cwf5e1yTOnzclWZw8iLcXJbooha2nEQ==
via
1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
expires
Tue, 15 Oct 2019 00:57:49 GMT
font-icons.ttf
assets.kasperskydaily.com/wp-content/themes/daily-nxgen/assets/fonts/font-icons/ 		34 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.kasperskydaily.com/wp-content/themes/daily-nxgen/assets/fonts/font-icons/font-icons.ttf?p2bytm
Requested by
Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:de00:12:5eb9:fe40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
20c44a2b00fbdf68041dbfacf8b61d07267786208e0495eb8b7f15b2d26300d9

Request headers

Sec-Fetch-Mode
cors
Referer
https://assets.kasperskydaily.com/blog/wp-content/plugins/bwp-minify/min/?f=wp-content/themes/daily-nxgen/assets/fonts/museo/stylesheet.css,wp-content/themes/daily-nxgen/assets/libs/font-awesome/css/font-awesome.min.css,wp-content/themes/daily-nxgen/assets/libs/jquery.mobile-1.4.2.min.css,wp-content/themes/daily-nxgen/assets/build/style.min.css,wp-content/plugins/kaspersky-instagram/css/magnific-popup.css,wp-content/plugins/kaspersky-instagram/css/widget.css,wp-content/plugins/kaspersky-social-sharing-daily/assets/css/custom.full.css,wp-content/plugins/kaspersky-social-sharing-daily/assets/css/custom.mobile.css&ver=1abc160a
Origin
https://usa.kaspersky.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 18 Jul 2019 01:10:40 GMT
content-encoding
gzip
age
7829173
x-cache
Hit from cloudfront
status
200
pragma
public
access-control-allow-origin
*
last-modified
Wed, 17 Jul 2019 12:02:07 GMT
server
nginx
vary
Accept-Encoding
content-type
application/font-sfnt
via
1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
TGmFWLqXAYdO3g_w2fh9jdsOdGZ003PDEZn8GCvZjiThgkxQ99ARHA==
expires
Fri, 17 Jul 2020 01:10:40 GMT
Museo-SansCyrl-500.woff2
assets.kasperskydaily.com/wp-content/themes/daily-nxgen/assets/fonts/museo/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.kasperskydaily.com/wp-content/themes/daily-nxgen/assets/fonts/museo/Museo-SansCyrl-500.woff2
Requested by
Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:de00:12:5eb9:fe40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
d730bb6fbbbd41c6dbbc93a37860904fd6e8cdb2c3029efd2eb7104ae41586ce

Request headers

Sec-Fetch-Mode
cors
Referer
https://assets.kasperskydaily.com/blog/wp-content/plugins/bwp-minify/min/?f=wp-content/themes/daily-nxgen/assets/fonts/museo/stylesheet.css,wp-content/themes/daily-nxgen/assets/libs/font-awesome/css/font-awesome.min.css,wp-content/themes/daily-nxgen/assets/libs/jquery.mobile-1.4.2.min.css,wp-content/themes/daily-nxgen/assets/build/style.min.css,wp-content/plugins/kaspersky-instagram/css/magnific-popup.css,wp-content/plugins/kaspersky-instagram/css/widget.css,wp-content/plugins/kaspersky-social-sharing-daily/assets/css/custom.full.css,wp-content/plugins/kaspersky-social-sharing-daily/assets/css/custom.mobile.css&ver=1abc160a
Origin
https://usa.kaspersky.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 18 Jul 2019 00:21:37 GMT
via
1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
age
7832116
x-cache
Hit from cloudfront
status
200
content-length
31176
pragma
public
last-modified
Wed, 17 Jul 2019 12:02:07 GMT
server
nginx
etag
"5d2f0e3f-79c8"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
ldb_C4F2xeysKui5cQXWo7eW7a5RcVy3OsTXEAWLbin5ljFHHzr1YA==
expires
Fri, 17 Jul 2020 00:21:37 GMT
Museo-SansCyrl-700.woff2
assets.kasperskydaily.com/wp-content/themes/daily-nxgen/assets/fonts/museo/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.kasperskydaily.com/wp-content/themes/daily-nxgen/assets/fonts/museo/Museo-SansCyrl-700.woff2
Requested by
Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:de00:12:5eb9:fe40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
b652721e972ad17bfe8aab3616e4735ccf031e3ed595128c15a5c095f57c61a4

Request headers

Sec-Fetch-Mode
cors
Referer
https://assets.kasperskydaily.com/blog/wp-content/plugins/bwp-minify/min/?f=wp-content/themes/daily-nxgen/assets/fonts/museo/stylesheet.css,wp-content/themes/daily-nxgen/assets/libs/font-awesome/css/font-awesome.min.css,wp-content/themes/daily-nxgen/assets/libs/jquery.mobile-1.4.2.min.css,wp-content/themes/daily-nxgen/assets/build/style.min.css,wp-content/plugins/kaspersky-instagram/css/magnific-popup.css,wp-content/plugins/kaspersky-instagram/css/widget.css,wp-content/plugins/kaspersky-social-sharing-daily/assets/css/custom.full.css,wp-content/plugins/kaspersky-social-sharing-daily/assets/css/custom.mobile.css&ver=1abc160a
Origin
https://usa.kaspersky.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 08:18:04 GMT
via
1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
age
9185929
x-cache
Hit from cloudfront
status
200
content-length
31092
pragma
public
last-modified
Thu, 27 Jun 2019 16:31:48 GMT
server
nginx
etag
"5d14ef74-7974"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
ZwdYunOuwgbYCyeMOZw9LGa0zZB5R3pJ9TtC2sxpWtjD_ySNEYCvNg==
expires
Wed, 01 Jul 2020 08:18:04 GMT
Museo-SansCyrl-300Italic.woff2
assets.kasperskydaily.com/wp-content/themes/daily-nxgen/assets/fonts/museo/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.kasperskydaily.com/wp-content/themes/daily-nxgen/assets/fonts/museo/Museo-SansCyrl-300Italic.woff2
Requested by
Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:de00:12:5eb9:fe40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
6dd21f48efae5a31b9f4042a2801d3a71f2c8c8fb93a121395dd44bf01fb37ff

Request headers

Sec-Fetch-Mode
cors
Referer
https://assets.kasperskydaily.com/blog/wp-content/plugins/bwp-minify/min/?f=wp-content/themes/daily-nxgen/assets/fonts/museo/stylesheet.css,wp-content/themes/daily-nxgen/assets/libs/font-awesome/css/font-awesome.min.css,wp-content/themes/daily-nxgen/assets/libs/jquery.mobile-1.4.2.min.css,wp-content/themes/daily-nxgen/assets/build/style.min.css,wp-content/plugins/kaspersky-instagram/css/magnific-popup.css,wp-content/plugins/kaspersky-instagram/css/widget.css,wp-content/plugins/kaspersky-social-sharing-daily/assets/css/custom.full.css,wp-content/plugins/kaspersky-social-sharing-daily/assets/css/custom.mobile.css&ver=1abc160a
Origin
https://usa.kaspersky.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 17 Jul 2019 14:05:07 GMT
via
1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
age
7869106
x-cache
Hit from cloudfront
status
200
content-length
32596
pragma
public
last-modified
Wed, 17 Jul 2019 12:02:07 GMT
server
nginx
etag
"5d2f0e3f-7f54"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
PM4FuCl9WFSU3hqrPdWSmYqTM-jgdRrmi4Z7r_9TqEg0cFzl523cWQ==
expires
Thu, 16 Jul 2020 14:05:07 GMT
Museo-SansCyrl-700Italic.woff2
assets.kasperskydaily.com/wp-content/themes/daily-nxgen/assets/fonts/museo/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.kasperskydaily.com/wp-content/themes/daily-nxgen/assets/fonts/museo/Museo-SansCyrl-700Italic.woff2
Requested by
Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:de00:12:5eb9:fe40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
d7c02bfd05f418c18d9926ecd9bb0a14da25e22bdc02ecd42c0c948940e5ba23

Request headers

Sec-Fetch-Mode
cors
Referer
https://assets.kasperskydaily.com/blog/wp-content/plugins/bwp-minify/min/?f=wp-content/themes/daily-nxgen/assets/fonts/museo/stylesheet.css,wp-content/themes/daily-nxgen/assets/libs/font-awesome/css/font-awesome.min.css,wp-content/themes/daily-nxgen/assets/libs/jquery.mobile-1.4.2.min.css,wp-content/themes/daily-nxgen/assets/build/style.min.css,wp-content/plugins/kaspersky-instagram/css/magnific-popup.css,wp-content/plugins/kaspersky-instagram/css/widget.css,wp-content/plugins/kaspersky-social-sharing-daily/assets/css/custom.full.css,wp-content/plugins/kaspersky-social-sharing-daily/assets/css/custom.mobile.css&ver=1abc160a
Origin
https://usa.kaspersky.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 08:21:41 GMT
via
1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
age
9185712
x-cache
Hit from cloudfront
status
200
content-length
32964
pragma
public
last-modified
Thu, 27 Jun 2019 16:31:48 GMT
server
nginx
etag
"5d14ef74-80c4"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
6TM93c3ftvh8WD-LqXQlQWgo0gGWibLFo2i6INe9MyJ4WunOQOdtVw==
expires
Wed, 01 Jul 2020 08:21:41 GMT
id
dpm.demdex.net/ 		368 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=983502BE532960BE0A490D4C%40AdobeOrg&d_nsid=0&ts=1571241413283
Requested by
Host: media.kaspersky.com
URL: https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js?ver=5.2.4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.143.140 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-240-143-140.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4a1f77bec568fe4ebd6bf3030cd2a6ea7dffd250618239a16e1eb80f00e232f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
cors
Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v048-085199d94.edge-irl1.demdex.com 5.61.0.20191015084456 2ms (+0ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-TID
E21Wu1EMSH0=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://usa.kaspersky.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
303
Expires
Thu, 01 Jan 1970 00:00:00 GMT
admin-ajax.php
usa.kaspersky.com/blog/wp-admin/ 		0
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://usa.kaspersky.com/blog/wp-admin/admin-ajax.php
Requested by
Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/blog/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
77.74.178.40 , Russian Federation, ASN200107 (KL-EXT, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

Accept
*/*
Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 16 Oct 2019 15:56:53 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
server
nginx
status
200
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://usa.kaspersky.com
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
vary
Accept-Encoding
x-content-type-options
nosniff
x-request-id
195d14003134802cdaf681c1327d6bd4
expires
Wed, 11 Jan 1984 05:00:00 GMT
839281392784015
connect.facebook.net/signals/config/ 		281 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/839281392784015?v=2.9.6&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
072e5bf907e6519b9ce143ee8d7b8ea9309bd39646c80074a14fa0f4bacfda6f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
66691
x-xss-protection
0
pragma
public
x-fb-debug
CZq/14cm+K8R2j4hLioGMPmdLLvUFIXLmJiwAt5goJY4biox098FMi6KzJ4zTcQWRP4RJCYMRB7Oalk/oeQEgA==
x-fb-trip-id
136226023
x-frame-options
DENY
date
Wed, 16 Oct 2019 15:56:53 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZ7LJ3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
1337
date
Wed, 16 Oct 2019 15:34:36 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Wed, 16 Oct 2019 17:34:36 GMT
gtm.js
www.googletagmanager.com/ 		84 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K974KNN&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZ7LJ3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d1a97fdfbc6a6e8959c17a13aa2ac2d0dc9cef05b5dcd2ff49a249246e807bc2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 15:56:53 GMT
content-encoding
br
last-modified
Wed, 16 Oct 2019 15:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27054
x-xss-protection
0
expires
Wed, 16 Oct 2019 15:56:53 GMT
/
www.facebook.com/tr/ 		44 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=839281392784015&ev=PageView&dl=https%3A%2F%2Fusa.kaspersky.com%2Fblog%2Foperation-puss-in-boots%2F18768%2F%257C&rl=&if=false&ts=1571241413454&sw=1600&sh=1200&v=2.9.6&r=stable&ec=0&o=30&fbp=fb.1.1571241413453.692207278&it=1571241413349&coo=false&rqm=GET
Requested by
Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 15:56:53 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Wed, 16 Oct 2019 15:56:53 GMT
Cookie set dest5.html
kaspersky.demdex.net/ Frame 5683 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://kaspersky.demdex.net/dest5.html?d_nsid=0
Requested by
Host: media.kaspersky.com
URL: https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js?ver=5.2.4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.7.139 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-30-7-139.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
kaspersky.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
Accept-Encoding
gzip, deflate, br
Cookie
demdex=65106083670026028282389601872826547490
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=21600
Content-Encoding
gzip
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Wed, 16 Oct 2019 10:32:32 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Set-Cookie
demdex=65106083670026028282389601872826547490;Path=/;Domain=.demdex.net;Expires=Mon, 13-Apr-2020 15:56:53 GMT;Max-Age=15552000
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding, User-Agent
X-TID
CfjBHOYPTGY=
Content-Length
2764
Connection
keep-alive
id
kaspersky.d3.sc.omtrdc.net/ 		3 B
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kaspersky.d3.sc.omtrdc.net/id?d_visid_ver=4.3.0&d_fieldgroup=A&mcorgid=983502BE532960BE0A490D4C%40AdobeOrg&mid=60530385554949988063419208004519236472&ts=1571241413463
Requested by
Host: media.kaspersky.com
URL: https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js?ver=5.2.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.49.100.189 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-49-100-189.eu-west-1.compute.amazonaws.com
Software
jag /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

status
200
date
Wed, 16 Oct 2019 15:56:53 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-64d5676c7b-p8cdm
vary
Origin
x-c
master-1047.I1d1c81.M0-302
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://usa.kaspersky.com
access-control-allow-credentials
true
content-type
application/x-javascript
content-length
3
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=Xac9xQAAFDZrOTx0
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=65106083670026028282389601872826547490
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Xac9xQAAFDZrOTx0
42 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Xac9xQAAFDZrOTx0
Requested by
Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.143.140 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-240-143-140.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v048-0a1e13108.edge-irl1.demdex.com 5.61.0.20191015084456 2ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
wtom8dghRvo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Wed, 16 Oct 2019 15:56:52 GMT
Server
AMO-cookiemap/1.1
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Xac9xQAAFDZrOTx0
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=15,max=100
Content-Length
0
ga-audiences
www.google.com/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1038935830&t=pageview&_s=1&dl=https%3A%2F%2Fusa.kaspersky.com%2Fblog%2Foperation-puss-in-boots%2F18768%2F%257C&dp=%2Fblog%2Foperation-puss-in...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-63997723-24&cid=1319312242.1571241413&jid=558066641&_gid=2019290512.1571241413&gjid=990887503&_v=j79&z=1710453131
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63997723-24&cid=1319312242.1571241413&jid=558066641&_v=j79&z=1710453131
0
0
insight.min.js
sjs.bizographics.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sjs.bizographics.com/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K974KNN&l=dataLayer
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:293::3adf , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 16 Oct 2019 15:56:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Oct 2019 16:41:31 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=11550
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1576
ga-audiences
www.google.com/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=1038935830&t=pageview&_s=1&dl=https%3A%2F%2Fusa.kaspersky.com%2Fblog%2Foperation-puss-in-boots%2F18768%2F%257C&ul=en-us&de=UTF-8&dt=404...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-35676203-24&cid=1319312242.1571241413&jid=1564630220&_gid=2019290512.1571241413&gjid=241877436&_v=j79&z=1647295364
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35676203-24&cid=1319312242.1571241413&jid=1564630220&_v=j79&z=1647295364
0
0
collect
px.ads.linkedin.com/ 		0
0
ga-audiences
www.google.de/ads/ 		0
0
ga-audiences
www.google.de/ads/ 		0
0
s56472498367400
kaspersky.d3.sc.omtrdc.net/b/ss/kaspersky-single-suite/1/JS-2.15.0/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kaspersky.d3.sc.omtrdc.net/b/ss/kaspersky-single-suite/1/JS-2.15.0/s56472498367400?AQB=1&ndh=1&pf=1&t=16%2F9%2F2019%2017%3A56%3A53%203%20-120&mid=60530385554949988063419208004519236472&aamlh=6&ce=UTF-8&ns=kaspersky&cdp=2&pageName=Kaspersky%20Daily%20Blog%20%3E%20Error%20Page&g=https%3A%2F%2Fusa.kaspersky.com%2Fblog%2Foperation-puss-in-boots%2F18768%2F%257C&cc=USD&ch=Kaspersky%20Daily%20Blog&server=usa.kaspersky.com&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v3=Kaspersky%20Daily%20Blog%20%3E%20Error%20Page&v9=https%3A%2F%2Fusa.kaspersky.com%2Fblog%2Foperation-puss-in-boots%2F18768%2F%257C&c20=undefined%3Aundefined%3Aundefined%3Aundefined%3Aundefined%3Aundefined&c29=v1%3As_code_single_suite.js%3AtrackPageView%20%3E%20sng.t%3Ap&c30=v1%3A20191016%3A235%3AKaspersky%20Daily%20Blog%3A%5BNULL%5D&c31=https%3A%2F%2Fusa.kaspersky.com%2Fblog%2Foperation-puss-in-boots%2F18768%2F%257C&v44=D%3Dv3&c47=Default&v47=D%3Dc47&c51=Kaspersky%20Daily%20Blog&c56=en-US&c57=en-us&v57=D%3Dc57&c58=404%20%7C%20Kaspersky%20official%20blog&v71=v1%3APage%20View%3A%5BNULL%5D&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=983502BE532960BE0A490D4C%40AdobeOrg&AQE=1
Requested by
Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.49.100.189 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-49-100-189.eu-west-1.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 15:56:53 GMT
x-content-type-options
nosniff
x-c
master-1047.I1d1c81.M0-302
p3p
CP="This is not a P3P policy"
status
200
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 17 Oct 2019 15:56:53 GMT
server
jag
xserver
anedge-64d5676c7b-g9cmn
etag
3374215241563209728-4619580434106980831
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Tue, 15 Oct 2019 15:56:53 GMT
tc.min.js
c1.rfihub.net/js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.rfihub.net/js/tc.min.js
Requested by
Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.48.101 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-48-101.deploy.static.akamaitechnologies.com
Software
Jetty(9.0.6.v20130930) /
Resource Hash
cb2bb21705b9cce9781d02c9223f3344a65bd5314027d11c5a8518ad4bd84e84

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 16 Oct 2019 15:56:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Jul 2019 06:34:16 GMT
Server
Jetty(9.0.6.v20130930)
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Type
application/x-javascript
Content-Length
6375
Expires
Wed, 16 Oct 2019 16:56:53 GMT
bat.js
bat.bing.com/ 		0
0
deployment.js
ove1.marketlinc.com/public/js/ 		41 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ove1.marketlinc.com/public/js/deployment.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZ7LJ3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.152.127.232 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-152-127-232.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
3cdbb5e3e5faaee15b0f023599fc52b7f8fc54aa996b4c9af542749091d2929d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 16 Oct 2019 15:56:53 GMT
Content-Encoding
gzip
Last-Modified
Sat, 11 May 2019 05:59:48 GMT
Server
Cowboy
Etag
W/"41794-1557554388000"
Content-Type
application/javascript
Via
1.1 vegur
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11569
Expires
-1
8g8ylk.js
px.owneriq.net/stas/s/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://px.owneriq.net/stas/s/8g8ylk.js
Requested by
Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.61.90 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-37-61-90.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7d4b909738dbd9ff7ec7940b095f8b4c90c85d0f715dd8b1a48fa26fba897610

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 16 Oct 2019 15:56:53 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Mar 2017 01:23:14 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
application/x-javascript
Connection
keep-alive
Content-Length
4924
Expires
Thu, 17 Oct 2019 13:31:44 GMT
quant.js
secure.quantserve.com/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.188 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software
QS /
Resource Hash
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 16 Oct 2019 15:56:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16-Oct-2019 15:56:53 GMT
Server
QS
ETag
M0-e2b9884a
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=604800
Connection
keep-alive
Content-Length
5456
Expires
Wed, 23 Oct 2019 15:56:53 GMT
ktag.js
resources.xg4ken.com/js/v2/ 		0
0
vt-131.js
vt.myvisualiq.net/2/7hrBnrmZAM5n6cl1WjyOsg%3D%3D/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vt.myvisualiq.net/2/7hrBnrmZAM5n6cl1WjyOsg%3D%3D/vt-131.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZ7LJ3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.70 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6bcd46724505389322186071ecea7ce07ebe47b698e06fff82e407eef816ebe4

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 11 Oct 2019 09:17:17 GMT
Content-Encoding
gzip
Last-Modified
Wed, 26 Sep 2018 19:51:26 GMT
Server
AmazonS3
Age
21045
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
x-amz-version-id
F8T7lWA5pnIVD_40IlltyXaHndEPlHdq
Via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA50-C1
Content-Type
application/x-javascript
X-Amz-Cf-Id
LL8DxMFb7YLsEnK3cSwwkneYuJwZPJtg635oMGMhGrPq1Njutr4_Sw==
2c47087421d0b.js
t.contentsquare.net/uxa/ 		0
0
setuid
ib.adnxs.com/
Redirect Chain
  • https://s.tribalfusion.com/i.cid?c=724803&ev=0&page=ACQ
  • https://s.tribalfusion.com/z/i.cid?c=724803&ev=0&page=ACQ
  • https://ib.adnxs.com/getuidu?https://a.tribalfusion.com/i.match?p=b26&u=$UID&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24
  • https://ib.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db26%26u%3D%24UID%26redirect%3Dhttps%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D305%2526code%253D%...
  • https://a.tribalfusion.com/i.match?p=b26&u=96399078815500916&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24
  • https://ib.adnxs.com/setuid?entity=305&code=18072662387734819028
43 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=305&code=18072662387734819028
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.210 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
307.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Oct 2019 15:56:57 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.68:80
AN-X-Request-Uuid
e85ba05e-c849-48ce-b221-192e31891d93
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Oct 2019 15:56:54 GMT
x-function
209
x-reuse-index
95
status
302
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://ib.adnxs.com/setuid?entity=305&code=18072662387734819028
cache-control
no-cache, private
content-type
text/html
content-length
36
expires
Thu, 01 Jan 1970 00:00:00 GMT
rt.gif
jadserve.postrelease.com/ 		43 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/rt.gif?ntv_tg=CQAAAEAAAAsBACAA%3D%3D&gtmcb=1261428018
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.18.231.235 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-50-18-231-235.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Oct 2019 15:56:54 GMT
server
nginx/1.12.1
status
200
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
setuid
ib.adnxs.com/
Redirect Chain
  • https://s.tribalfusion.com/i.cid?c=705083&ev=0&page=Global
  • https://s.tribalfusion.com/z/i.cid?c=705083&ev=0&page=Global
  • https://ib.adnxs.com/getuidu?https://a.tribalfusion.com/i.match?p=b26&u=$UID&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24
  • https://ib.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db26%26u%3D%24UID%26redirect%3Dhttps%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D305%2526code%253D%...
  • https://a.tribalfusion.com/i.match?p=b26&u=3421401989031658792&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24
  • https://ib.adnxs.com/setuid?entity=305&code=18072662387734819028
43 B
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=305&code=18072662387734819028
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.210 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
307.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Oct 2019 15:56:57 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.173:80
AN-X-Request-Uuid
d7927cf5-b097-48f2-97c1-427b7829d63e
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Oct 2019 15:56:54 GMT
x-function
209
x-reuse-index
43
status
302
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://ib.adnxs.com/setuid?entity=305&code=18072662387734819028
cache-control
no-cache, private
content-type
text/html
content-length
36
expires
Thu, 01 Jan 1970 00:00:00 GMT
1649d5fbb67c.js
w.usabilla.com/ Frame 9B4C 		0
0
idr.js
a.rfihub.com/ 		83 B
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.rfihub.com/idr.js?_callback=window.RocketfuelBCP.jsonpCallbacks.request_cmZpSWRJbkNhY2hl
Requested by
Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.31.128.128 , Netherlands, ASN54312 (ROCKETFUEL - Rocket Fuel Inc., US),
Reverse DNS
Software
Jetty(9.0.6.v20130930) /
Resource Hash
30d78eb5de1153c9907bb5f60a390b947d1cf1b6ceafafcd9755a73182fa1c74

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Expires
Mon, 09 Nov 2020 15:56:53 GMT
Cache-Control
public, max-age=33696000
Server
Jetty(9.0.6.v20130930)
Content-Type
application/javascript
Content-Length
83
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
noop
px.owneriq.net/ Frame 2D93
Redirect Chain
  • https://px.owneriq.net/eps?pt=8g8ylk&pid=5837&uid=Q6245278131497520611J&l=true
  • https://px.owneriq.net/noop?ct=text%2Fhtml
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://px.owneriq.net/noop?ct=text%2Fhtml
Requested by
Host: px.owneriq.net
URL: https://px.owneriq.net/stas/s/8g8ylk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.61.90 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-37-61-90.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
px.owneriq.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length
0
Content-Type
text/html
Date
Wed, 16 Oct 2019 15:56:53 GMT
Connection
keep-alive

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://px.owneriq.net/noop?ct=text%2Fhtml
Date
Wed, 16 Oct 2019 15:56:53 GMT
Connection
keep-alive
noop
px.owneriq.net/
Redirect Chain
  • https://px.owneriq.net/j/?pt=8g8ylk&t=f%7C%22404%2520%257C%2520Kaspersky%2520official%2520blog%22&s=aytg
  • https://px.owneriq.net/noop?ct=application%2Fx-javascript
0
302 B 		Script
General
Check archive.org
Download Go to
Full URL
https://px.owneriq.net/noop?ct=application%2Fx-javascript
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.61.90 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-37-61-90.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 16 Oct 2019 15:56:53 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
application/x-javascript

Redirect headers

Location
https://px.owneriq.net/noop?ct=application%2Fx-javascript
Date
Wed, 16 Oct 2019 15:56:53 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
rules-p-CRy9tA-v0aTsa.js
rules.quantcount.com/ 		0
0
pixel;r=272291897;rf=1;a=p-CRy9tA-v0aTsa;url=https%3A%2F%2Fusa.kaspersky.com%2Fblog%2Foperation-puss-in-boots%2F18768%2F%257C;fpan=1;fpa=P0-584985099-1571241413788;ns=0;ce=1;qjs=1;qv=4c19192-201806...
pixel.quantserve.com/ 		35 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=272291897;rf=1;a=p-CRy9tA-v0aTsa;url=https%3A%2F%2Fusa.kaspersky.com%2Fblog%2Foperation-puss-in-boots%2F18768%2F%257C;fpan=1;fpa=P0-584985099-1571241413788;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1571241413788;tzo=-120;ogl=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.182 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software
QS /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Oct 2019 15:56:53 GMT
Server
QS
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
Fri, 04 Aug 1978 12:00:00 GMT
Cookie set ca.html
20730592p.rfihub.com/ Frame E6F6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://20730592p.rfihub.com/ca.html?rfiidc=1041246332968855689&rfiaid=99c004de628143bcad55341ab1281d89&ver=9&rb=20707&ca=20730592&pe=https%3A%2F%2Fusa.kaspersky.com%2Fblog%2Foperation-puss-in-boots%2F18768%2F%257C&pf=&ra=9458380835135562
Requested by
Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.31.128.128 , Netherlands, ASN54312 (ROCKETFUEL - Rocket Fuel Inc., US),
Reverse DNS
Software
Jetty(9.0.6.v20130930) /
Resource Hash

Request headers

Host
20730592p.rfihub.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
Accept-Encoding
gzip, deflate, br
Cookie
rud=H4sIAAAAAAAAAOMSNjQwMTQyMTM2NrI0s7AwNTWzsBTiM9SNCqgIjkj2zTAy9veQ4jU0NQcqMjQxNLYwNAAAmVOWyTQAAAA; ruds=H4sIAAAAAAAAAOMSNjQwMTQyMTM2NrI0s7AwNTWzsBTiM9SNCqgIjkj2zTAy9vcAAMQvtrUlAAAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C

Response headers

P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie
rud=H4sIAAAAAAAAAOMSNjQwMTQyMTM2NrI0s7AwNTWzsBTiM9SNCqgIjkj2zTAy9veQ4jU0NQcqMjQxNLYwNAAAmVOWyTQAAAA;Path=/;Domain=.rfihub.com;Expires=Mon, 09-Nov-2020 15:56:53 GMT ruds=H4sIAAAAAAAAAOMSNjQwMTQyMTM2NrI0s7AwNTWzsBTiM9SNCqgIjkj2zTAy9vcAAMQvtrUlAAAA;Path=/;Domain=.rfihub.com eud=H4sIAAAAAAAAAJvFyGtoam5oZGJoYmhsYWL5Co3fxITKX4TG38SKyt_Fjcr_hcZfJIzKf4TGBwCNjmqokAAAAA;Path=/;Domain=.rfihub.com;Expires=Mon, 09-Nov-2020 15:56:53 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache
Content-Type
text/html
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Transfer-Encoding
chunked
Server
Jetty(9.0.6.v20130930)
snippet.js
ove1.marketlinc.com/public/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ove1.marketlinc.com/public/js/snippet.js?273004430
Requested by
Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.152.127.232 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-152-127-232.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
cd87377fe56059399e00d68acbf724c72cd668d47670116af5a66461076e6f50

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 16 Oct 2019 15:56:53 GMT
Content-Encoding
gzip
Last-Modified
Sat, 11 May 2019 05:59:54 GMT
Server
Cowboy
Etag
W/"2535-1557554394000"
Content-Type
application/javascript
Via
1.1 vegur
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1273
Expires
-1
sync
t.myvisualiq.net/
Redirect Chain
  • https://tapestry.tapad.com/tapestry/1?ta_partner_id=950&ta_redirect=https%3A%2F%2Ft.myvisualiq.net%2Fsync%3Fprid%3D1001%26ao%3D0%26pruuid%3DTAPAD_%24%7BIDS%3Akey%7D
  • https://t.myvisualiq.net/sync?prid=1001&ao=0&pruuid=TAPAD_92fd5021-f02d-11e9-b803-3ef041cd058c
43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.myvisualiq.net/sync?prid=1001&ao=0&pruuid=TAPAD_92fd5021-f02d-11e9-b803-3ef041cd058c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.140.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-185-140-58.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 16 Oct 2019 15:56:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length
43
Content-Type
image/gif

Redirect headers

date
Wed, 16 Oct 2019 15:56:54 GMT
via
1.1 google
server
Jetty(8.1.13.v20130916)
status
302
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://t.myvisualiq.net/sync?prid=1001&ao=0&pruuid=TAPAD_92fd5021-f02d-11e9-b803-3ef041cd058c
alt-svc
clear
content-length
0
sync
t.myvisualiq.net/
Redirect Chain
  • https://t.myvisualiq.net/sync?prid=AOEPNR1&ao=0&red=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D125310%26dpuuid%3D%24%7BUUID%7D%26redir%3Dhttps%253A%252F%252Ft.myvisualiq.net%252Fsync%253Fprid%253D...
  • https://t.myvisualiq.net/ul_cb/sync?prid=AOEPNR1&ao=0&red=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D125310%26dpuuid%3D%24%7BUUID%7D%26redir%3Dhttps%253A%252F%252Ft.myvisualiq.net%252Fsync%253Fpri...
  • https://dpm.demdex.net/ibs:dpid=125310&dpuuid=b136709a-4c18-42bd-acdb-feb0d5f55f20&redir=https%3A%2F%2Ft.myvisualiq.net%2Fsync%3Fprid%3DAOEPNR1%26ao%3D0%26pruuid%3D%24%7BDD_UUID%7D
  • https://t.myvisualiq.net/sync?prid=AOEPNR1&ao=0&pruuid=65106083670026028282389601872826547490
43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.myvisualiq.net/sync?prid=AOEPNR1&ao=0&pruuid=65106083670026028282389601872826547490
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.140.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-185-140-58.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 16 Oct 2019 15:56:55 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
amNlcGUzQQs=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://t.myvisualiq.net/sync?prid=AOEPNR1&ao=0&pruuid=65106083670026028282389601872826547490
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
loadus.exelator.com/load/
Redirect Chain
  • https://t.myvisualiq.net/sync?prid=EEAEPNR1&red=https%3A%2F%2Floadus.exelator.com%2Fload%2F%3Fp%3D204%26g%3D1260%26buid%3D%24%7BUUID%7D
  • https://t.myvisualiq.net/ul_cb/sync?prid=EEAEPNR1&red=https%3A%2F%2Floadus.exelator.com%2Fload%2F%3Fp%3D204%26g%3D1260%26buid%3D%24%7BUUID%7D
  • https://loadus.exelator.com/load/?p=204&g=1260&buid=b136709a-4c18-42bd-acdb-feb0d5f55f20
124 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadus.exelator.com/load/?p=204&g=1260&buid=b136709a-4c18-42bd-acdb-feb0d5f55f20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.102.200 Central, Hong Kong, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
Software
nginx/1.14.0 / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 15:56:54 GMT
server
nginx/1.14.0
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
status
200
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/x-javascript;charset=UTF-8

Redirect headers

Location
https://loadus.exelator.com/load/?p=204&g=1260&buid=b136709a-4c18-42bd-acdb-feb0d5f55f20
Date
Wed, 16 Oct 2019 15:56:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
B10122508.135768705;dc_pre=CKS76LKSoeUCFcuYdwodQ9wKkg;dc_trk_aid=308294997;dc_trk_cid=72954675;sz=1x1;u=-https%3A%2F%2Fusa.kaspersky.com%2Fblog%2Foperation-puss-in-boots%2F18768%2F%257C%7CVIQ_0-83d...
ad.doubleclick.net/ddm/trackimp/N408002.2426714VISUALIQ/
Redirect Chain
  • https://t.myvisualiq.net/sync?prid=Test&ao=0&red=https%253A%252F%252Fad.doubleclick.net%252Fddm%252Ftrackimp%252FN408002.2426714VISUALIQ%252FB10122508.135768705%253Bdc_trk_aid%253D308294997%253Bdc_...
  • https://ad.doubleclick.net/ddm/trackimp/N408002.2426714VISUALIQ/B10122508.135768705;dc_trk_aid=308294997;dc_trk_cid=72954675;sz=1x1;u=-https%3A%2F%2Fusa.kaspersky.com%2Fblog%2Foperation-puss-in-boo...
  • https://ad.doubleclick.net/ddm/trackimp/N408002.2426714VISUALIQ/B10122508.135768705;dc_pre=CKS76LKSoeUCFcuYdwodQ9wKkg;dc_trk_aid=308294997;dc_trk_cid=72954675;sz=1x1;u=-https%3A%2F%2Fusa.kaspersky....
42 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N408002.2426714VISUALIQ/B10122508.135768705;dc_pre=CKS76LKSoeUCFcuYdwodQ9wKkg;dc_trk_aid=308294997;dc_trk_cid=72954675;sz=1x1;u=-https%3A%2F%2Fusa.kaspersky.com%2Fblog%2Foperation-puss-in-boots%2F18768%2F%257C%7CVIQ_0-83dfff00-15e8-4ed0-bbce-1f65d99dafdb%7C;ord=8070751
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.205.230 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s24-in-f230.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Oct 2019 15:56:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Oct 2019 15:56:54 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N408002.2426714VISUALIQ/B10122508.135768705;dc_pre=CKS76LKSoeUCFcuYdwodQ9wKkg;dc_trk_aid=308294997;dc_trk_cid=72954675;sz=1x1;u=-https%3A%2F%2Fusa.kaspersky.com%2Fblog%2Foperation-puss-in-boots%2F18768%2F%257C%7CVIQ_0-83dfff00-15e8-4ed0-bbce-1f65d99dafdb%7C;ord=8070751
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
impression_pixel
t.myvisualiq.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.myvisualiq.net/impression_pixel?r=8376038&et=i&ago=212&ao=537&aca=-10&si=-10&ci=-10&pi=-10&ad=-10&advt=-10&chnl=-10&vndr=1583&sz=8951&u=|https%3A%2F%2Fusa.kaspersky.com%2Fblog%2Foperation-puss-in-boots%2F18768%2F%257C&pt=i
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.140.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-185-140-58.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 16 Oct 2019 15:56:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length
43
Content-Type
image/gif
tr
www.facebook.com/
Redirect Chain
  • https://t.myvisualiq.net/sync?prid=123&ao=0&red=https%3A%2F%2Fwww.facebook.com%2Ftr%3Fid%3D238727726635232%26ev%3DPageView%26cd%5Border_id%5D%3D%24%7BUUID%7D
  • https://www.facebook.com/tr?id=238727726635232&ev=PageView&cd[order_id]=0-0d59ff9a-3e81-4dd5-b9d4-2d399bcac05e
44 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr?id=238727726635232&ev=PageView&cd[order_id]=0-0d59ff9a-3e81-4dd5-b9d4-2d399bcac05e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 15:56:54 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Wed, 16 Oct 2019 15:56:54 GMT

Redirect headers

Location
https://www.facebook.com/tr?id=238727726635232&ev=PageView&cd[order_id]=0-0d59ff9a-3e81-4dd5-b9d4-2d399bcac05e
Date
Wed, 16 Oct 2019 15:56:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
deployment
ove1.marketlinc.com/ 		360 KB
56 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ove1.marketlinc.com/deployment
Requested by
Host: ove1.marketlinc.com
URL: https://ove1.marketlinc.com/public/js/snippet.js?273004430
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.152.127.232 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-152-127-232.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
f3d010353e100d07718666a0708f560885ef58eb480f4f4eaa292a778e53a34a

Request headers

Sec-Fetch-Mode
cors
Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 16 Oct 2019 15:56:54 GMT
Content-Encoding
gzip
Server
Cowboy
Content-Language
en
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
56908
Via
1.1 vegur
Expires
-1
GlanceCobrowseLoader_4.6.0M.js
s3.amazonaws.com/glancecdn/cobrowse/js/
Redirect Chain
  • https://www.glancecdn.net/cobrowse/CobrowseJS.ashx?group=19510&site=production
  • https://s3.amazonaws.com/glancecdn/cobrowse/js/GlanceCobrowseLoader_4.6.0M.js
9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/glancecdn/cobrowse/js/GlanceCobrowseLoader_4.6.0M.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.229.237 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b0e228caf2195f6664b02bb4c159697a517c7dbdc218fc0c57c0fdb593dd8740

Request headers

Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 16 Oct 2019 15:56:56 GMT
Last-Modified
Wed, 22 May 2019 19:48:59 GMT
Server
AmazonS3
x-amz-request-id
5AC5A083B1B8BBD6
ETag
"b1103a99610144dccfa616f854ffdb80"
x-amz-version-id
UhrSEKL0.2LwPKkBNSWEx4r7Y.zh53hw
Cache-Control
public, max-age=31556926
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
8923
x-amz-id-2
WlNzwkGp2JyqwxH61vzLaGgyom9fRJ0R3P6Q9YWXqYsopRpYau2/aWwS4zcBr8la80JV0Wgf1LQ=

Redirect headers

date
Wed, 16 Oct 2019 15:56:55 GMT
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
status
302
location
https://s3.amazonaws.com/glancecdn/cobrowse/js/GlanceCobrowseLoader_4.6.0M.js
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
content-length
194
/
www.facebook.com/tr/ 		0
0
/
cx.atdmt.com/ 		0
0
tracking-event
kaspersky.marketlinc.com/ 		0
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kaspersky.marketlinc.com/tracking-event
Requested by
Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.182.206 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-217-182-206.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 16 Oct 2019 15:56:54 GMT
Content-Encoding
gzip
Server
Cowboy
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Via
1.1 vegur
Expires
-1
collect
www.google-analytics.com/ 		35 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=1038935830&t=hit&_s=2&dl=https%3A%2F%2Fusa.kaspersky.com%2Fblog%2Foperation-puss-in-boots%2F18768%2F%257C&dp=%2Fblog%2Foperation-puss-in-boots%2F18768%2F%257C&ul=en-us&de=UTF-8&dt=Kaspersky%20Daily%20Blog%20%3E%20Error%20Page&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aHDACEABB~&jid=&gjid=&cid=1319312242.1571241413&tid=UA-63997723-24&_gid=2019290512.1571241413&gtm=2wga21WZ7LJ3&cd6=&cd7=&cd8=&cd9=&cd13=&cd14=en_US&cd17=Kaspersky%20Daily%20Blog%20%3E%20Error%20Page&cd18=Kaspersky%20Daily%20Blog&cd23=Default&cd37=0&cd40=0&cd16=1319312242.1571241413&cd39=PwNGy2GrPcwd&z=819851655
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Oct 2019 10:03:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
625982
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
s56018835092625
kaspersky.d3.sc.omtrdc.net/b/ss/kaspersky-single-suite/1/JS-2.15.0/ 		43 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kaspersky.d3.sc.omtrdc.net/b/ss/kaspersky-single-suite/1/JS-2.15.0/s56018835092625?AQB=1&ndh=1&pf=1&t=16%2F9%2F2019%2017%3A56%3A55%203%20-120&mid=60530385554949988063419208004519236472&aamlh=6&ce=UTF-8&ns=kaspersky&cdp=2&pageName=Kaspersky%20Daily%20Blog%20%3E%20Error%20Page&g=https%3A%2F%2Fusa.kaspersky.com%2Fblog%2Foperation-puss-in-boots%2F18768%2F%257C&cc=USD&ch=Kaspersky%20Daily%20Blog&server=usa.kaspersky.com&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v3=Kaspersky%20Daily%20Blog%20%3E%20Error%20Page&v9=https%3A%2F%2Fusa.kaspersky.com%2Fblog%2Foperation-puss-in-boots%2F18768%2F%257C&c20=undefined%3Aundefined%3Aundefined%3Aundefined%3Aundefined%3Aundefined&c29=v1%3As_code_single_suite.js%3AtrackMarketLincVisitor%20%3E%20trackEvent%20%3E%20sng.tl%3Ao&c30=v1%3A20191016%3A235%3AKaspersky%20Daily%20Blog%3A%5BNULL%5D&c31=https%3A%2F%2Fusa.kaspersky.com%2Fblog%2Foperation-puss-in-boots%2F18768%2F%257C&c47=Default&v47=D%3Dc47&v49=PwNGy2GrPcwd&c51=Kaspersky%20Daily%20Blog&c56=en-US&c57=en-us&v57=D%3Dc57&c58=404%20%7C%20Kaspersky%20official%20blog&v71=v1%3AMarketLinc%20%3E%20Set%20Visitor%3A%7B%7D&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=983502BE532960BE0A490D4C%40AdobeOrg&lrt=35&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.49.100.189 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-49-100-189.eu-west-1.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 15:56:55 GMT
x-content-type-options
nosniff
x-c
master-1047.I1d1c81.M0-302
p3p
CP="This is not a P3P policy"
status
200
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 17 Oct 2019 15:56:55 GMT
server
jag
xserver
anedge-64d5676c7b-f8v7m
etag
3374215247920332800-4618265471350140102
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Tue, 15 Oct 2019 15:56:55 GMT
MultiNoun.jsonp
d.la1-c2-dfw.salesforceliveagent.com/chat/rest/System/ 		192 B
550 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.la1-c2-dfw.salesforceliveagent.com/chat/rest/System/MultiNoun.jsonp?nouns=VisitorId,Settings&VisitorId.prefix=Visitor&Settings.prefix=Visitor&Settings.buttonIds=[]&Settings.updateBreadcrumb=1&callback=liveagent._.handlePing&deployment_id=&org_id=00D50000000NWMV&version=29
Requested by
Host: ove1.marketlinc.com
URL: https://ove1.marketlinc.com/public/js/deployment.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.147.57.7 , United States, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),
Reverse DNS
dcl3-dfw.la1-c2-dfw.salesforceliveagent.com
Software
/
Resource Hash
920740f8036cfdc5989f71e25e852adb3d522b4ab55cbb17dca9223e5be786b2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://usa.kaspersky.com/blog/operation-puss-in-boots/18768/%7C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
close
Expires
-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.com
URL
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63997723-24&cid=1319312242.1571241413&jid=558066641&_v=j79&z=1710453131
Domain
www.google.com
URL
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35676203-24&cid=1319312242.1571241413&jid=1564630220&_v=j79&z=1647295364
Domain
px.ads.linkedin.com
URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=39138&url=https%3A%2F%2Fusa.kaspersky.com%2Fblog%2Foperation-puss-in-boots%2F18768%2F%257C&time=1571241413554
Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63997723-24&cid=1319312242.1571241413&jid=558066641&_v=j79&z=1710453131&slf_rd=1&random=3215614056
Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35676203-24&cid=1319312242.1571241413&jid=1564630220&_v=j79&z=1647295364&slf_rd=1&random=628180507
Domain
bat.bing.com
URL
https://bat.bing.com/bat.js
Domain
resources.xg4ken.com
URL
https://resources.xg4ken.com/js/v2/ktag.js?tid=KT-N3AA7-3EE
Domain
t.contentsquare.net
URL
https://t.contentsquare.net/uxa/2c47087421d0b.js
Domain
w.usabilla.com
URL
https://w.usabilla.com/1649d5fbb67c.js?lv=1
Domain
rules.quantcount.com
URL
https://rules.quantcount.com/rules-p-CRy9tA-v0aTsa.js
Domain
www.facebook.com
URL
https://www.facebook.com/tr/?id=839281392784015&ev=Microdata&dl=https%3A%2F%2Fusa.kaspersky.com%2Fblog%2Foperation-puss-in-boots%2F18768%2F%257C&rl=&if=false&ts=1571241415068&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22404%20%7C%20Kaspersky%20official%20blog%22%2C%22meta%3Akeywords%22%3A%22antivirus%2C%20antivirus%20software%2C%20internet%20security%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.6&r=stable&ec=1&o=30&fbp=fb.1.1571241413453.692207278&it=1571241413349&coo=false&es=automatic&rqm=GET
Domain
cx.atdmt.com
URL
https://cx.atdmt.com/?c=8460024715204306716&f=AYy_gXFBTSJRnFI0WkHPJw-e8k_LTTu4sflaXYbsjlUxD3fkWvv1b5xduGbduhrkDJWEng-Kv7xnkufJQYwEpN5y&id=839281392784015&l=3&v=0

Verdicts & Comments Add Verdict or Comment

216 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| MktoForms2 undefined| $ function| jQuery object| gdprDynamicStrings object| kasbanner_frontend_ajax_object object| gdprStrings function| EventEmitter object| eventie function| imagesLoaded function| getStyleProperty function| getSize function| docReady function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry object| html5 object| Modernizr function| yepnope object| kaspersky_popup_object object| frontend_ajax_object object| kss function| Overlay function| MasonryCustom function| articleHover function| AjaxPagination function| twitter_widget_loaded function| singlePostHeader function| initTimeline object| stickyPins object| dataLayer function| fbq function| _fbq object| kaspersky object| prmOm object| omPlatformsSettings function| trackKLReferrer function| trackTrialSubmit function| trackFraud function| getFilename function| trackFile function| trackTrial function| trackTrialKMS function| trackPU function| trackPU2 function| trackDoc function| trackBeta function| trackDBUpdate function| trackDRFile function| trackLink function| trackCountrySelector function| trackLRC function| trackIPP function| trackPage function| trackMaxymiser function| trackAuditories function| trackAddToCart function| trackCheckoutFormFilling function| trackCroSegment function| trackCta function| trackDownload function| trackEvent function| trackExit function| trackForm function| trackGoToPayment function| trackChangePaymentMethod function| trackLena function| trackMarketLincGroup function| trackMarketLincVisitor function| trackPageView function| trackRegistration function| trackRemoveFromCart function| trackSaleButton function| trackSignin function| trackSignIn function| trackUpsellPage function| omSetContext function| omSetOmnitureParameters function| omAddSpaces function| omChooseCookieDomain function| omGetAbsoluteUrl function| omGetHostName function| omGetOrigin function| omGetQueryParam function| omReadCookie function| omRemoveAllUrlParameters function| omRemoveAllUrlParametersForDownloads function| omRemoveUrlParameter function| omRemoveCookie function| omSafeParseJson function| omSetCookie function| omSetInp function| removeHashFromString function| omTransmitEventToDataLayer function| omCreateEventParamsObj function| omGetProductsString function| omCutDataToEvars function| omPrepareProductsForTriggers function| omHandleClick function| omHandleMessage function| e object| sng object| s function| AppMeasurement function| s_gi function| s_pgicq object| adobe function| Visitor object| s_c_il number| s_c_in number| s_objectID number| s_giq object| appBannersConfig object| wp object| jQuery1124005266891437640808 object| pagination object| google_tag_manager function| postscribe string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData string| _bizo_data_partner_id undefined| _bizo_data_partner_title undefined| _bizo_data_partner_domain undefined| _bizo_data_partner_company undefined| _bizo_data_partner_location undefined| _bizo_data_partner_employee_range undefined| _bizo_data_partner_sics undefined| _bizo_data_partner_email number| seconds number| counter number| intervalNumber function| intervalRun function| lintrk boolean| _already_called_lintrk object| s_i_kaspersky-single-suite function| _rfi object| uetq object| _oiqq object| _qevents object| CPVisuallyComplete function| ktag function| SetCookie object| searchDomains string| userSegment string| referrer string| url number| flag function| lightningjs function| usabilla_live object| _uxa function| usaBillaIntegration function| extend function| RocketfuelBCPInclude function| RocketfuelBCPClass function| RocketfuelUtils object| RocketfuelBCP function| oiq_send_logging_error function| oiq_addPageMfg function| oiq_addPageBrand function| oiq_addPageDT function| oiq_addPageCat function| oiq_addPageProduct function| oiq_addPageSource function| oiq_addPageLifecycle function| oiq_addUserId function| oiq_addCustomKVP function| oiq_pushDCT function| oiq_ddPush function| oiq_is function| oiq_iifr function| oiq_sha256 function| oiq_md5 function| oiq_doTag boolean| _oiq_fps_js undefined| oiq_key object| t function| f function| oiq_getRefererImgURL function| oiq_parseURL function| oiq_findQueryArgument object| OIQLogging function| oiq_ii function| oiq_log_event object| oiq_pt string| oiq_uid number| _oiqSC object| oiq_pSource function| quantserve function| __qc object| ezt object| _qoptions boolean| liveAgentDeployment object| liveagent object| script object| viqjson object| visualiqtag object| COOKIE object| GLOBAL_VARIABLE function| loadPCREScript function| loadGlanceScript object| GLANCE_COBROWSE object| snippet function| Jvent function| Hashids function| ouibounce object| liveagentExt object| CALLBACK object| tracker object| ml_pltime object| GLANCE

10 Cookies

Domain/Path Name / Value
.demdex.net/ Name: demdex
Value: 65106083670026028282389601872826547490
.kaspersky.com/ Name: AMCV_983502BE532960BE0A490D4C%40AdobeOrg
Value: -1712354808%7CMCIDTS%7C18186%7CMCMID%7C60530385554949988063419208004519236472%7CMCAAMLH-1571846213%7C6%7CMCAAMB-1571846213%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1571248613s%7CNONE%7CMCSYNCSOP%7C411-18193%7CMCAID%7CNONE%7CvVersion%7C4.3.0
.kaspersky.com/ Name: _gat_UA-35676203-24
Value: 1
.kaspersky.com/ Name: s_cc
Value: true
.kaspersky.com/ Name: AMCVS_983502BE532960BE0A490D4C%40AdobeOrg
Value: 1
.kaspersky.com/ Name: _gat_gtmunivSep2015
Value: 1
.kaspersky.com/ Name: _fbp
Value: fb.1.1571241413453.692207278
.kaspersky.com/ Name: _gid
Value: GA1.2.2019290512.1571241413
.kaspersky.com/ Name: _ga
Value: GA1.2.1319312242.1571241413
.kaspersky.com/ Name: _gcl_au
Value: 1.1.1810057175.1571241413

2 Console Messages

Source Level URL
Text
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 24)
Message:
[Facebook Pixel] - Duplicate Pixel ID: 839281392784015.
console-api error URL: https://s3.amazonaws.com/glancecdn/cobrowse/js/GlanceCobrowseLoader_4.6.0M.js(Line 21)
Message:
ERR_COBROWSE_NOT_SUPP

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy connect-src 'self' https://*.3gl.net https://*.abmr.net https://*.demdex.net https://*.everesttech.net https://*.facebook.com https://*.facebook.net https://*.google-analytics.com https://*.google.com https://*.infogram.com https://*.kaspersky.com https://*.mail.ru https://*.marketlinc.com https://*.maxymiser.net https://*.mktoresp.com https://*.omtrdc.net https://*.optimizely.com https://*.pingdom.net https://*.reddit.com https://*.veinteractive.com https://*.yandex.ru https://*.youtube.com https://cdn.securelist.com https://hn.algolia.com https://kaspersky.admo.tv:9999 https://maxymiser.net https://media.kasperskydaily.com https://tagmanager.google.com https://usa.kaspersky.com/blog https://www.opinionstage.com https://www.riddle.com https://www.tag4arm.com wss://kaspersky.admo.tv:9999; default-src 'self' https://*.kaspersky.com https://*.maxymiser.net https://cdn.securelist.com https://maxymiser.net https://media.kasperskydaily.com https://usa.kaspersky.com/blog https://www.riddle.com; font-src 'self' data: https://*.cloudfront.net https://*.gstatic.com https://*.kaspersky.com https://*.maxymiser.net https://*.slideshare.net https://*.slidesharecdn.com https://*.wp.com https://assets.kasperskydaily.com https://cdn.securelist.com https://fonts.googleapis.com https://fonts.gstatic.com https://maxymiser.net https://media.kasperskydaily.com https://usa.kaspersky.com/blog https://www.riddle.com; frame-src 'self' https://*.addthis.com https://*.adsrvr.org https://*.ampproject.net https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.google.com https://*.infogram.com https://*.instagram.com https://*.kaspersky.com https://*.libsyn.com https://*.marketo.com https://*.maxymiser.net https://*.owneriq.net https://*.rfihub.com https://*.sharethis.com https://*.slideshare.net https://*.soundcloud.com https://*.twitter.com https://*.veinteractive.com https://*.wp.com https://*.youtube.com https://amuselabs.com https://cdn.knightlab.com https://cdn.securelist.com https://cyberstat.kaspersky.com https://infogram.com https://kaspersky.demdex.net https://maxymiser.net https://media.kasperskydaily.com https://pixel.mathtag.com https://player.vimeo.com https://s-static.ak.facebook.com https://servedby.flashtalking.com https://tagmanager.google.com https://usa.kaspersky.com/blog https://www.brighttalk.com https://www.kaspersky.com https://www.opinionstage.com https://www.riddle.com; img-src 'self' data: http://*.cloudfront.net http://*.imgix.net http://*.ipinyou.com http://*.netdna-cdn.com http://*.wordpress.com http://*.wp.com http://i0.poll.fm https://*.addthis.com https://*.admixer.net https://*.adnxs.com https://*.adriver.ru https://*.advertising.com https://*.behe.com https://*.betweendigital.com https://*.bidswitch.net https://*.bing.com https://*.btrll.com https://*.casalemedia.com https://*.cloudfront.net https://*.crwdcntrl.net https://*.demdex.net https://*.digitaltarget.ru https://*.dotomi.com https://*.doubleclick.net https://*.everesttech.net https://*.exelator.com https://*.eyeota.net https://*.facebook.com https://*.google-analytics.com https://*.google.com https://*.gravatar.com https://*.gstatic.com https://*.imgix.net https://*.infogram.com https://*.instagram.com https://*.ipinyou.com https://*.kaspersky.com https://*.marketgid.com https://*.mathtag.com https://*.maxymiser.net https://*.myvisualiq.net https://*.netdna-cdn.com https://*.omtrdc.net https://*.openx.net https://*.owneriq.net https://*.postrelease.com https://*.pubmatic.com https://*.qq.com https://*.rubiconproject.com https://*.rutarget.ru https://*.sharethis.com https://*.staticflickr.com https://*.stickyadstv.com https://*.tanx.com https://*.tapad.com https://*.tradelab.fr https://*.tribalfusion.com https://*.twimg.com https://*.twitter.com https://*.undertone.com https://*.v12group.com https://*.veinteractive.com https://*.w55c.net https://*.wordpress.com https://*.wp.com https://*.yahoo.co.jp https://*.yandex.ru https://*.yieldlab.net https://*.youku.com https://ad.mail.ru https://addevent.com https://adm.shinobi.jp https://adsearch.adkontekst.pl https://assets.kasperskydaily.com https://bh.contextweb.com https://cdn.securelist.com https://ckm.aty.sohu.com https://cm.fastapi.net https://cm.pos.baidu.com https://cm.qtmojo.com https://csi.gstatic.com https://exelatesync.extend.tv https://geo.yahoo.com https://images.telechargement.fr https://inpagevideo.nl https://instagramimages-a.akamaihd.net https://kaspersky.d2.sc.omtrdc.net https://kasperskycontenthub.com https://m.addthis.com https://m.one.impact-ad.jp https://maps.googleapis.com https://maxymiser.net https://media.kasperskydaily.com https://pixel.quantserve.com https://pixel.s3xified.com https://player.vimeo.com https://polldaddy.com https://rum-collector.pingdom.net https://s.w.org https://s3.amazonaws.com https://scontent.cdninstagram.com https://ssl.socdm.com https://stats.g.doubleclick.net https://stats.seedr.com https://t.co https://tagmanager.google.com https://track.addevent.com https://ums.adtech.de https://usa.kaspersky.com/blog https://vmg.host https://www.emjcd.com https://www.google.hr https://www.riddle.com https://www.tag4arm.com; media-src 'self' https://*.kaspersky.com https://*.maxymiser.net https://cdn.securelist.com https://maxymiser.net https://media.kasperskydaily.com https://usa.kaspersky.com/blog https://www.riddle.com; object-src 'self' https://*.kaspersky.com https://*.maxymiser.net https://cdn.securelist.com https://maxymiser.net https://media.kasperskydaily.com https://player.vimeo.com https://polldaddy.com https://usa.kaspersky.com/blog https://www.riddle.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.3gl.net https://*.addevent.com https://*.addthis.com https://*.adnxs.com https://*.adsrvr.org https://*.airpr.com https://*.ampproject.org https://*.bazaarvoice.com https://*.behe.com https://*.bizographics.com https://*.cloudfront.net https://*.crazyegg.com https://*.demdex.net https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.flickr.com https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.gravatar.com https://*.gstatic.com https://*.infogram.com https://*.instagram.com https://*.ipinyou.com https://*.kaspersky.com https://*.mail.ru https://*.marketlinc.com https://*.marketo.com https://*.marketo.net https://*.mathtag.com https://*.maxymiser.net https://*.myvisualiq.net https://*.optimizely.com https://*.owneriq.net https://*.polldaddy.com https://*.quantserve.com https://*.rfihub.com https://*.rfihub.net https://*.rutarget.ru https://*.salesforceliveagent.com https://*.sharethis.com https://*.twimg.com https://*.twitter.com https://*.veinteractive.com https://*.volvelle.tech https://*.woopra.com https://*.wp.com https://*.yahoo.co.jp https://*.yandex.ru https://*.yimg.com https://*.yimg.jp https://adcdn.goo.ne.jp https://addthisevent.com https://analytics-scripts.s3-eu-west-1.amazonaws.com https://assets.adobedtm.com https://assets.kasperskydaily.com https://bwb101.goo.ne.jp https://cdn.onesignal.com https://cdn.securelist.com https://cdn.tradelab.fr https://cdn.trmit.com https://connect.facebook.net https://connect.mail.ru https://external-assets.loyaltybay.co.uk https://kaspersky.admo.tv https://kaspersky.d2.sc.omtrdc.net https://m.addthis.com https://m.addthisedge.com https://maxymiser.net https://media.kasperskydaily.com https://munchkin.marketo.net https://player.vimeo.com https://rum-static.pingdom.net https://s3.amazonaws.com https://share.yandex.ru/ https://sp.analytics.yahoo.com https://static.ads-twitter.com https://tagmanager.google.com https://usa.kaspersky.com/blog https://vk.com https://www.addevent.com https://www.brighttalk.com https://www.flickr.com https://www.glancecdn.net https://www.googleadservices.com https://www.googletagmanager.com https://www.linkedin.com https://www.opinionstage.com https://www.riddle.com https://www.tag4arm.com; style-src 'self' 'unsafe-inline' https://*.cloudfront.net https://*.googleapis.com https://*.gravatar.com https://*.kaspersky.com https://*.marketo.com https://*.maxymiser.net https://*.securelist.com https://*.sharethis.com https://*.twimg.com https://*.twitter.com https://*.wp.com https://assets.kasperskydaily.com https://cdn.securelist.com https://maxymiser.net https://media.kasperskydaily.com https://tagmanager.google.com https://usa.kaspersky.com/blog https://www.riddle.com; worker-src 'self' blob: data: file: filesystem: https://*.kaspersky.com https://*.maxymiser.net https://cdn.securelist.com https://maxymiser.net https://media.kasperskydaily.com https://usa.kaspersky.com/blog https://www.riddle.com unsafe-eval unsafe-inline
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20730592p.rfihub.com
a.rfihub.com
a.tribalfusion.com
ad.doubleclick.net
analytics-scripts.s3-eu-west-1.amazonaws.com
app-sj06.marketo.com
assets.kasperskydaily.com
bat.bing.com
c1.rfihub.net
cm.everesttech.net
connect.facebook.net
cx.atdmt.com
d.la1-c2-dfw.salesforceliveagent.com
dpm.demdex.net
ib.adnxs.com
jadserve.postrelease.com
kaspersky.d3.sc.omtrdc.net
kaspersky.demdex.net
kaspersky.marketlinc.com
loadus.exelator.com
media.kaspersky.com
ove1.marketlinc.com
pixel.quantserve.com
px.ads.linkedin.com
px.owneriq.net
resources.xg4ken.com
rules.quantcount.com
s.tribalfusion.com
s3.amazonaws.com
secure.quantserve.com
sjs.bizographics.com
t.contentsquare.net
t.myvisualiq.net
tapestry.tapad.com
usa.kaspersky.com
vt.myvisualiq.net
w.usabilla.com
www.facebook.com
www.glancecdn.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
bat.bing.com
cx.atdmt.com
px.ads.linkedin.com
resources.xg4ken.com
rules.quantcount.com
t.contentsquare.net
w.usabilla.com
www.facebook.com
www.google.com
www.google.de
104.16.94.80
136.147.57.7
143.204.101.70
147.75.102.200
18.185.140.58
185.31.128.128
185.33.223.210
216.58.205.230
23.37.58.95
23.37.61.90
23.38.48.101
2600:9000:2156:de00:12:5eb9:fe40:93a1
2a00:1450:4001:81a::2008
2a00:1450:4001:825::200e
2a02:26f0:6c00:293::3adf
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.217.182.206
34.240.143.140
35.227.248.159
50.18.231.235
52.216.229.237
52.218.52.99
52.30.7.139
52.45.41.168
52.49.100.189
54.152.127.232
66.117.28.86
77.74.178.23
77.74.178.40
91.228.74.182
91.228.74.188
03bbca6c8d36e46a06ed00435438ef0ec611563100a06f55e937e5b3749a3dba
0629946fe142c676784daa479fe86526051bfa44bdeb5e3f4608fa22b8e153ae
072e5bf907e6519b9ce143ee8d7b8ea9309bd39646c80074a14fa0f4bacfda6f
0e409bb24dfc019e40b9a9216840ae95d6ba8c6061e60e3dac334787e0d6233e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
20c44a2b00fbdf68041dbfacf8b61d07267786208e0495eb8b7f15b2d26300d9
30d78eb5de1153c9907bb5f60a390b947d1cf1b6ceafafcd9755a73182fa1c74
321bbcc4cc57483b7e329186e5159498b668ddde87cb64696ddcdc95176cce82
386d40859a290db4b20f811bf7c698c1f629cd10b9ab9a9edd71d2453b0c8e1e
3cdbb5e3e5faaee15b0f023599fc52b7f8fc54aa996b4c9af542749091d2929d
3f0a54b64a9f268dbcd9d55d0025c2405287310951cce80b0d0c0beadb76839d
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
44d3f91b29376c75b39de7abdb1ca4010175e2494dbfe4c535a70e94718236f5
4a1f77bec568fe4ebd6bf3030cd2a6ea7dffd250618239a16e1eb80f00e232f8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4f24864d27bfaffc860ad3f2648709b60153abbeb7ec502552ab987a18d0ff4f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6bcd46724505389322186071ecea7ce07ebe47b698e06fff82e407eef816ebe4
6dd21f48efae5a31b9f4042a2801d3a71f2c8c8fb93a121395dd44bf01fb37ff
78387c5f1139254d8aeb190e671e4274d70dd6266896daeafb5da49d8869b7d5
7d4b909738dbd9ff7ec7940b095f8b4c90c85d0f715dd8b1a48fa26fba897610
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87eb550b748e26de85524905623371dbdb23475ef6973465b364fd60defc84f8
920740f8036cfdc5989f71e25e852adb3d522b4ab55cbb17dca9223e5be786b2
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
b0e228caf2195f6664b02bb4c159697a517c7dbdc218fc0c57c0fdb593dd8740
b652721e972ad17bfe8aab3616e4735ccf031e3ed595128c15a5c095f57c61a4
c4bdb282bb5632c26c5bc369c2f88a76d7c194b6fc7e0d78c69d4e357ff4cb36
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb2bb21705b9cce9781d02c9223f3344a65bd5314027d11c5a8518ad4bd84e84
cd87377fe56059399e00d68acbf724c72cd668d47670116af5a66461076e6f50
d1a97fdfbc6a6e8959c17a13aa2ac2d0dc9cef05b5dcd2ff49a249246e807bc2
d730bb6fbbbd41c6dbbc93a37860904fd6e8cdb2c3029efd2eb7104ae41586ce
d7c02bfd05f418c18d9926ecd9bb0a14da25e22bdc02ecd42c0c948940e5ba23
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
de892addc549d85b9fd5d5c2f77a4dd96fbe4ec11542d6cf7232fab6ccabae5d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f43e2bb5356e5a42b110bbd4bc0e522ca6afce2e8b69850f4f3db1f275fdea
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3d010353e100d07718666a0708f560885ef58eb480f4f4eaa292a778e53a34a
f558bac4b91c6b46d97078d0792594dce9cd5abb24a406830241ad7ff6a04ec0