URL: https://www.forbes.com/sites/zakdoffman/2020/01/30/severe-perfect-100-microsoft-flaw-confirmed-this-is-a-cloud-security...
Submission: On January 30 via manual from US

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 17 HTTP transactions. The main IP is 151.101.14.49, located in Frankfurt am Main, Germany and belongs to FASTLY, US. The main domain is www.forbes.com.
TLS certificate: Issued by GlobalSign CloudSSL CA - SHA256 - G3 on November 21st 2019. Valid for: a year.
This is the only time www.forbes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
5 i.forbesimg.com www.forbes.com
3 www.forbes.com 1 redirects www.forbes.com
2 cdn.firebase.com i.forbesimg.com
1 fonts.googleapis.com
1 www.gstatic.com i.forbesimg.com
1 geolocation.forbes.com i.forbesimg.com
1 fuse-dev.forbes.com i.forbesimg.com
1 thumbor.forbes.com www.forbes.com
1 specials-images.forbesimg.com www.forbes.com
1 secure.gravatar.com www.forbes.com
1 native.sharethrough.com www.forbes.com
17 11
Subject | Issuer | Validity | Valid
g2.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2019-11-21 - 2020-11-12 | a year
*.sharethrough.com | Amazon | 2019-10-07 - 2020-11-07 | a year
*.gravatar.com | COMODO RSA Domain Validation Secure Server CA | 2018-09-06 - 2020-09-05 | 2 years
n2.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2019-11-29 - 2020-06-13 | 6 months
fuse-dev.forbes.com | Let's Encrypt Authority X3 | 2019-12-18 - 2020-03-17 | 3 months
*.google.com | GTS CA 1O1 | 2020-01-14 - 2020-04-07 | 3 months
f6.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-01-08 - 2020-08-07 | 7 months
*.storage.googleapis.com | GTS CA 1O1 | 2020-01-14 - 2020-04-07 | 3 months

This page contains 1 frames:

Primary Page: https://www.forbes.com/sites/zakdoffman/2020/01/30/severe-perfect-100-microsoft-flaw-confirmed-this-is-a-cloud-security-nightmare/
Frame ID: 0FFF5BA7B49D170EAB0AAA360A7136CC
Requests: 22 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Page Statistics

Requests: 17
HTTPS: 100 %
IPv6: 38 %
Domains: 7
Subdomains: 11
IPs: 9
Countries: 3
Transfer: 741 kB
Size: 2504 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://www.forbes.com/simple-data/contrib-permissions/?naturalId= HTTP 302
  • https://www.forbes.com/consent/?toURL=https://www.forbes.com/simple-data/contrib-permissions/?naturalId=

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.forbes.com/sites/zakdoffman/2020/01/30/severe-perfect-100-microsoft-flaw-confirmed-this-is-a-cloud-security-nightmare/
418 KB
82 KB
Document
General
Full URL
https://www.forbes.com/sites/zakdoffman/2020/01/30/severe-perfect-100-microsoft-flaw-confirmed-this-is-a-cloud-security-nightmare/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
rhino-core-shield /
Resource Hash
a5429d777d1df6ddaa4d48da31b10d00f1144503bfcd5ebb32dace17a78030f8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.forbes.com
:scheme
https
:path
/sites/zakdoffman/2020/01/30/severe-perfect-100-microsoft-flaw-confirmed-this-is-a-cloud-security-nightmare/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User
?1

Response headers

status
200
server
rhino-core-shield
content-type
text/html; charset=utf-8
cache-control
public, max-age=1800
content-encoding
gzip
x-envoy-upstream-service-time
222
backend
dnsresolver
x-backend
simple-site-prod-g
x-yourttl
1800.000
accept-ranges
bytes bytes bytes
set-cookie
forbesbeta=B; Path=/; Domain=.forbes.com client_id=6273a5c24459f58b6d9c0710766e817d6de; Path=/; Domain=.forbes.com; Expires=Sat, 29 Jan 2022 18:48:54 GMT
x-frame-options
SAMEORIGIN
x-cicero-cache
MISS
via
1.1 google 1.1 varnish
date
Thu, 30 Jan 2020 18:48:54 GMT
age
0
x-served-by
cache-fra19137-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1580410135.541632,VS0,VE345
vary
Accept-Encoding, X-is-EU
x-country-code
BE
x-postal-code
4577
x-region
WLG
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
content-length
82823
sfp.js
native.sharethrough.com/assets/
421 KB
120 KB
Script
General
Full URL
https://native.sharethrough.com/assets/sfp.js
Requested by
Host: www.forbes.com
URL: https://www.forbes.com/sites/zakdoffman/2020/01/30/severe-perfect-100-microsoft-flaw-confirmed-this-is-a-cloud-security-nightmare/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.157.73 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-157-73.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
265ee2ec7ef07338088107c0cd577b03e4b1b989b7686fdcf17d5b6d6b71b56f

Request headers

Referer
https://www.forbes.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 30 Jan 2020 07:39:02 GMT
content-encoding
gzip
last-modified
Tue, 28 Jan 2020 22:58:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA53
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=3600
x-amz-cf-id
1qU7-mP2Q62YRiXc7-v_ru_5lWgY9kLoAdEG0I18AdlfHwza7575QQ==
via
1.1 36c13eeffcddf77ad33d7874b28e6168.cloudfront.net (CloudFront)
expires
Tue, 28 Jan 2020 23:58:30 GMT
9e81c73adca937778db3039d8ba72b45
secure.gravatar.com/avatar/
29 KB
29 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/9e81c73adca937778db3039d8ba72b45?s=400&d=mm&r=g
Requested by
Host: www.forbes.com
URL: https://www.forbes.com/sites/zakdoffman/2020/01/30/severe-perfect-100-microsoft-flaw-confirmed-this-is-a-cloud-security-nightmare/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
820b45025a3632a63e5a806bca9037011cabd7a772ea342ca79679283c5e6c79

Request headers

Referer
https://www.forbes.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-nc
HIT fra 4
date
Thu, 30 Jan 2020 18:48:54 GMT
last-modified
Fri, 08 Mar 2019 10:47:15 GMT
server
nginx
access-control-allow-origin
*
source-age
6577920
content-type
image/jpeg
status
200
cache-control
max-age=300
content-disposition
inline; filename="9e81c73adca937778db3039d8ba72b45.jpeg"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/9e81c73adca937778db3039d8ba72b45?s=400&d=mm&r=g>; rel="canonical"
content-length
29378
expires
Thu, 30 Jan 2020 18:53:54 GMT
960x0.jpg
specials-images.forbesimg.com/imageserve/1197097614/
42 KB
42 KB
Image
General
Full URL
https://specials-images.forbesimg.com/imageserve/1197097614/960x0.jpg?fit=scale
Requested by
Host: www.forbes.com
URL: https://www.forbes.com/sites/zakdoffman/2020/01/30/severe-perfect-100-microsoft-flaw-confirmed-this-is-a-cloud-security-nightmare/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
af5f25242a0e44b0204f6f82673dc68e33c07fba7a17fdad08a4ca3935203568
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.forbes.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 30 Jan 2020 18:48:55 GMT
via
1.1 varnish, 1.1 varnish
age
43360
x-cache
HIT, HIT
status
200
x-envoy-upstream-service-time
429
content-length
42654
x-served-by
cache-iad2131-IAD, cache-hhn4034-HHN
server
istio-envoy
x-timer
S1580410135.093226,VS0,VE0
strict-transport-security
max-age=900
content-type
image/jpeg
expires
Sat, 29 Feb 2020 12:02:12 GMT
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
1, 11
worksans-regular-webfont.woff2
i.forbesimg.com/assets/fonts/work-sans/
23 KB
24 KB
Font
General
Full URL
https://i.forbesimg.com/assets/fonts/work-sans/worksans-regular-webfont.woff2
Requested by
Host: www.forbes.com
URL: https://www.forbes.com/sites/zakdoffman/2020/01/30/severe-perfect-100-microsoft-flaw-confirmed-this-is-a-cloud-security-nightmare/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
b200a5f4eb1019f8bdb0945403b12f11ee18b51cd582b3237990ec940a0c7b5d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.forbes.com/
Origin
https://www.forbes.com

Response headers

x-fastly-server-hint
cacheable
date
Thu, 30 Jan 2020 18:48:55 GMT
content-encoding
gzip
vary
Accept-Encoding
age
17081942
x-cache
HIT
status
200
x-envoy-upstream-service-time
16
x-cache-hits
30645
content-length
23939
via
1.1 varnish
x-served-by
cache-hhn4068-HHN
last-modified
Thu, 12 Apr 2018 16:43:20 GMT
server
istio-envoy
x-timer
S1580410135.110593,VS0,VE0
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Jul 2020 01:49:52 GMT
worksans-semibold-webfont.woff2
i.forbesimg.com/assets/fonts/work-sans/
25 KB
25 KB
Font
General
Full URL
https://i.forbesimg.com/assets/fonts/work-sans/worksans-semibold-webfont.woff2
Requested by
Host: www.forbes.com
URL: https://www.forbes.com/sites/zakdoffman/2020/01/30/severe-perfect-100-microsoft-flaw-confirmed-this-is-a-cloud-security-nightmare/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
a71818f2e6f6b3318e697aba5e791302640cfef7dce8f5fd1f66ab3f74197083
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.forbes.com/
Origin
https://www.forbes.com

Response headers

x-fastly-server-hint
cacheable
date
Thu, 30 Jan 2020 18:48:55 GMT
content-encoding
gzip
vary
Accept-Encoding
age
18904738
x-cache
HIT
status
200
x-envoy-upstream-service-time
22
x-cache-hits
31199
content-length
25407
via
1.1 varnish
x-served-by
cache-hhn4068-HHN
last-modified
Thu, 12 Apr 2018 16:43:20 GMT
server
istio-envoy
x-timer
S1580410135.110679,VS0,VE0
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Wed, 24 Jun 2020 23:29:55 GMT
merriweather-bold-webfont.woff2
i.forbesimg.com/assets/fonts/merriweather/
23 KB
23 KB
Font
General
Full URL
https://i.forbesimg.com/assets/fonts/merriweather/merriweather-bold-webfont.woff2
Requested by
Host: www.forbes.com
URL: https://www.forbes.com/sites/zakdoffman/2020/01/30/severe-perfect-100-microsoft-flaw-confirmed-this-is-a-cloud-security-nightmare/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
780800c79753eaaa39f2b7949257285030d3b070a51969d0382d48643688337c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.forbes.com/
Origin
https://www.forbes.com

Response headers

x-fastly-server-hint
cacheable
date
Thu, 30 Jan 2020 18:48:55 GMT
content-encoding
gzip
vary
Accept-Encoding
age
18904739
x-cache
HIT
status
200
x-envoy-upstream-service-time
24
x-cache-hits
31514
content-length
23659
via
1.1 varnish
x-served-by
cache-hhn4068-HHN
last-modified
Thu, 12 Apr 2018 15:22:08 GMT
server
istio-envoy
x-timer
S1580410135.110648,VS0,VE0
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Wed, 24 Jun 2020 23:29:55 GMT
f-gray.png
thumbor.forbes.com/thumbor/75x0/i.forbesimg.com/media/assets/logos/
3 KB
3 KB
Image
General
Full URL
https://thumbor.forbes.com/thumbor/75x0/i.forbesimg.com/media/assets/logos/f-gray.png
Requested by
Host: www.forbes.com
URL: https://www.forbes.com/sites/zakdoffman/2020/01/30/severe-perfect-100-microsoft-flaw-confirmed-this-is-a-cloud-security-nightmare/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
ab0f2b9d6d27e17abfef9b09701191dd48aa8779ea4ec91c69a8fea9f9c8fb15

Request headers

Referer
https://www.forbes.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 30 Jan 2020 18:48:55 GMT
via
1.1 varnish
age
2131031
x-cache
HIT
status
200
x-envoy-upstream-service-time
18
content-length
2565
x-served-by
cache-fra19137-FRA
server
istio-envoy
x-timer
S1580410135.023176,VS0,VE0
etag
"8f15c1b59c80fea4b1c5f083b819f10c0c63b950"
content-type
image/png
expires
Tue, 05 Jan 2021 02:51:43 GMT
cache-control
max-age=31536000,public
accept-ranges
bytes
x-cache-hits
1
common-224781030a5695d4a341.js
i.forbesimg.com/simple-site/dist/js/
156 KB
46 KB
Script
General
Full URL
https://i.forbesimg.com/simple-site/dist/js/common-224781030a5695d4a341.js
Requested by
Host: www.forbes.com
URL: https://www.forbes.com/sites/zakdoffman/2020/01/30/severe-perfect-100-microsoft-flaw-confirmed-this-is-a-cloud-security-nightmare/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
5b835c84bd2cb692f0440f598d62f9e7587c065358b9fdf2829cccf521d380f0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.forbes.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-fastly-server-hint
cacheable
date
Thu, 30 Jan 2020 18:48:55 GMT
content-encoding
gzip
vary
Accept-Encoding
age
2383
x-cache
HIT
status
200
x-envoy-upstream-service-time
70
content-length
47108
via
1.1 varnish
x-served-by
cache-hhn4034-HHN
last-modified
Thu, 30 Jan 2020 18:03:06 GMT
server
istio-envoy
x-timer
S1580410135.104508,VS0,VE1
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
https://www.forbes.com
cache-control
max-age=31536000, public
accept-ranges
bytes
x-cache-hits
1
desktopArticle-7b2b4486f6ed31b8424e.js
i.forbesimg.com/simple-site/dist/js/
271 KB
43 KB
Script
General
Full URL
https://i.forbesimg.com/simple-site/dist/js/desktopArticle-7b2b4486f6ed31b8424e.js
Requested by
Host: www.forbes.com
URL: https://www.forbes.com/sites/zakdoffman/2020/01/30/severe-perfect-100-microsoft-flaw-confirmed-this-is-a-cloud-security-nightmare/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
b1c280bf407653c4dc0b3e20222898dd13a5f5fc1b968c5d65f333b0bc584638
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.forbes.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-fastly-server-hint
cacheable
date
Thu, 30 Jan 2020 18:48:55 GMT
content-encoding
gzip
vary
Accept-Encoding
age
2384
x-cache
HIT
status
200
x-envoy-upstream-service-time
13
content-length
43440
via
1.1 varnish
x-served-by
cache-hhn4034-HHN
last-modified
Thu, 30 Jan 2020 18:03:06 GMT
server
istio-envoy
x-timer
S1580410135.104668,VS0,VE1
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
https://www.forbes.com
cache-control
max-age=31536000, public
accept-ranges
bytes
x-cache-hits
1
6273a5c24459f58b6d9c0710766e817d6de
fuse-dev.forbes.com/fuse/
0
277 B
Fetch
General
Full URL
https://fuse-dev.forbes.com/fuse/6273a5c24459f58b6d9c0710766e817d6de
Requested by
Host: i.forbesimg.com
URL: https://i.forbesimg.com/simple-site/dist/js/common-224781030a5695d4a341.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.forbes.com/
Origin
https://www.forbes.com

Response headers

x-id
6273a5c24459f58b6d9c0710766e817d6de
date
Thu, 30 Jan 2020 18:48:55 GMT
via
1.1 varnish
age
0
x-cache
MISS
status
404
x-cache-hits
0
content-length
0
x-served-by
cache-hhn4020-HHN
server
Google Frontend
x-timer
S1580410135.322390,VS0,VE125
strict-transport-security
max-age=3600
content-type
text/html
access-control-allow-origin
*
x-cloud-trace-context
2b39b258948a6aecb3ae0c47cb96424b
accept-ranges
bytes
expires
Fri, 31 Jan 2020 15:45:00 GMT
/
geolocation.forbes.com/json/
341 B
574 B
Fetch
General
Full URL
https://geolocation.forbes.com/json/
Requested by
Host: i.forbesimg.com
URL: https://i.forbesimg.com/simple-site/dist/js/desktopArticle-7b2b4486f6ed31b8424e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
10f5817723996fcdbab94dae0c2edbc11f543f723fd9f453a8352e668dc6252d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.forbes.com/
Origin
https://www.forbes.com

Response headers

date
Thu, 30 Jan 2020 18:48:55 GMT
via
1.1 varnish
x-cache
MISS
status
200
content-length
341
x-served-by
cache-fra19121-FRA
server
Varnish
x-timer
S1580410135.333187,VS0,VE0
content-type
application/json
access-control-allow-origin
https://www.forbes.com
cache-control
private, max-age=3600
x-continent-code
EU
accept-ranges
bytes
x-country-code
BE
retry-after
0
x-cache-hits
0
/
www.forbes.com/consent/
Redirect Chain
  • https://www.forbes.com/simple-data/contrib-permissions/?naturalId=
  • https://www.forbes.com/consent/?toURL=https://www.forbes.com/simple-data/contrib-permissions/?naturalId=
1 KB
1 KB
Fetch
General
Full URL
https://www.forbes.com/consent/?toURL=https://www.forbes.com/simple-data/contrib-permissions/?naturalId=
Requested by
Host: www.forbes.com
URL: https://www.forbes.com/sites/zakdoffman/2020/01/30/severe-perfect-100-microsoft-flaw-confirmed-this-is-a-cloud-security-nightmare/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
151bc0e58067864cfe4378f0b920793a5656f4a1decb82f8ce7ec9db1c85b78a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.forbes.com/sites/zakdoffman/2020/01/30/severe-perfect-100-microsoft-flaw-confirmed-this-is-a-cloud-security-nightmare/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-fastly-server-hint
cacheable
date
Thu, 30 Jan 2020 18:48:55 GMT
content-encoding
gzip
x-postal-code
4577
age
1290
x-cache
HIT
status
200
x-envoy-upstream-service-time
3
x-region
WLG
content-length
780
x-served-by
cache-fra19137-FRA
last-modified
Thu, 14 Nov 2019 18:56:03 GMT
server
istio-envoy
x-timer
S1580410135.297098,VS0,VE0
x-frame-options
SAMEORIGIN
etag
"5be-597530877a6cb-gzip"
vary
Accept-Encoding, X-ABtesting
content-type
text/html; charset=UTF-8
via
1.1 varnish
cache-control
max-age=31536000, public
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
x-country-code
BE
x-cache-hits
2

Redirect headers

date
Thu, 30 Jan 2020 18:48:55 GMT
via
1.1 varnish
x-postal-code
4577
x-cache
MISS
status
302
x-region
WLG
content-length
0
x-served-by
cache-fra19137-FRA
server
Varnish
x-timer
S1580410135.257407,VS0,VE0
content-type
text/html
location
https://www.forbes.com/consent/?toURL=https://www.forbes.com/simple-data/contrib-permissions/?naturalId=
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
x-country-code
BE
retry-after
0
x-cache-hits
0
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
715 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
178 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
243 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
381 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
firebase.js
www.gstatic.com/firebasejs/6.4.2/
834 KB
231 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/6.4.2/firebase.js
Requested by
Host: i.forbesimg.com
URL: https://i.forbesimg.com/simple-site/dist/js/desktopArticle-7b2b4486f6ed31b8424e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26e515939a823929a2a392bdcf1d68e39176461c21fc64d33b85f571da0be6c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.forbes.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 22 Jan 2020 14:33:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Aug 2019 23:07:57 GMT
server
sffe
age
706557
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
236039
x-xss-protection
0
expires
Thu, 21 Jan 2021 14:33:05 GMT
firebaseui.css
cdn.firebase.com/libs/firebaseui/3.5.2/
40 KB
8 KB
Stylesheet
General
Full URL
https://cdn.firebase.com/libs/firebaseui/3.5.2/firebaseui.css
Requested by
Host: i.forbesimg.com
URL: https://i.forbesimg.com/simple-site/dist/js/desktopArticle-7b2b4486f6ed31b8424e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.202 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0cbf2d11130ac609ee8ece2c228c13386bc03865ca1e5799996738c2daff230d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

Referer
https://www.forbes.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
content-encoding
gzip
x-cache
HIT
status
200
date
Thu, 30 Jan 2020 18:49:02 GMT
content-length
7660
via
1.1 varnish
x-served-by
cache-fra19121-FRA
last-modified
Mon, 14 Jan 2019 21:26:21 GMT
server
nginx
x-timer
S1580410143.803508,VS0,VE0
etag
W/"5c3cfe7d-a093"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=432000
accept-ranges
bytes
x-cache-hits
49
firebaseui.js
cdn.firebase.com/libs/firebaseui/3.5.2/
208 KB
64 KB
Script
General
Full URL
https://cdn.firebase.com/libs/firebaseui/3.5.2/firebaseui.js
Requested by
Host: i.forbesimg.com
URL: https://i.forbesimg.com/simple-site/dist/js/desktopArticle-7b2b4486f6ed31b8424e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.202 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
715700589ea0d97d68a71c3d828496bb184cc308d4f1a77a547507c8001ba148
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

Referer
https://www.forbes.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
content-encoding
gzip
x-cache
HIT
status
200
date
Thu, 30 Jan 2020 18:49:02 GMT
content-length
65117
via
1.1 varnish
x-served-by
cache-fra19121-FRA
last-modified
Mon, 14 Jan 2019 21:26:21 GMT
server
nginx
x-timer
S1580410143.803580,VS0,VE0
etag
W/"5c3cfe7d-34004"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=432000
accept-ranges
bytes
x-cache-hits
10
css
fonts.googleapis.com/
7 KB
749 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c787bafdfa8548776a0d272c2bb0d82c47bbe44eb00edea71dea4421d8cb2770
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.forbes.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 30 Jan 2020 18:49:02 GMT
server
ESF
access-control-allow-origin
*
date
Thu, 30 Jan 2020 18:49:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Thu, 30 Jan 2020 18:49:02 GMT

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| forbes string| medianet_versionId object| cbList boolean| medianetLoaded object| advBidxc object| _mNHandle function| webpackJsonp object| core object| __core-js_shared__ object| CustomElements object| fbs-video object| dataLayer object| trackingService object| googletag object| fbsads function| fbs_auth object| fbs-embedly string| __region function| setImmediate function| clearImmediate function| UUIDv1 function| clamp object| STR undefined| UUID object| Audit object| firebase object| componentHandler function| MaterialButton function| MaterialProgress function| MaterialSpinner function| MaterialTextfield object| dialogPolyfill object| firebaseui object| firebaseAuth

2 Cookies

Domain/Path Name / Value
.forbes.com/ Name: client_id
Value: 6273a5c24459f58b6d9c0710766e817d6de
.forbes.com/ Name: forbesbeta
Value: B

2 Console Messages

Source Level URL
Text
console-api error URL: https://i.forbesimg.com/simple-site/dist/js/common-224781030a5695d4a341.js(Line 1)
Message:
Fuse Segment Error: SyntaxError: Unexpected end of JSON input
console-api warning URL: https://www.gstatic.com/firebasejs/6.4.2/firebase.js(Line 1)
Message:
It looks like you're using the development build of the Firebase JS SDK. When deploying Firebase apps to production, it is advisable to only import the individual SDK components you intend to use. For the CDN builds, these are available in the following manner (replace <PACKAGE> with the name of a component - i.e. auth, database, etc): https://www.gstatic.com/firebasejs/5.0.0/firebase-<PACKAGE>.js

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
