www.mtlblog.com Open in urlscan Pro
2606:4700::6811:b366 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Submission: On February 19 via manual (February 19th 2020, 12:24:48 pm UTC) from GB

Summary HTTP 88 Redirects Links 217 Behaviour Indicators

Summary

This website contacted 35 IPs in 6 countries across 31 domains to perform 88 HTTP transactions. The main IP is 2606:4700::6811:b366, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.mtlblog.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on February 18th 2020. Valid for: 6 months.

This is the only time www.mtlblog.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2606:4700::68... 2606:4700::6811:b366	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.202.28 143.204.202.28	16509 (AMAZON-02) (AMAZON-02)
2	172.217.18.162 172.217.18.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	23.210.249.164 23.210.249.164	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f21... 2a03:2880:f212:c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
11 12	2a03:2880:f22... 2a03:2880:f22d:e5:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
1 5	2a03:2880:f22... 2a03:2880:f22d:c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f21... 2a03:2880:f21c:80c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
2	143.204.201.153 143.204.201.153	16509 (AMAZON-02) (AMAZON-02)
11	151.139.128.10 151.139.128.10	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
1	151.101.13.140 151.101.13.140	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
1 3	104.124.133.20 104.124.133.20	16625 (AKAMAI-AS) (AKAMAI-AS)
2	13.35.253.5 13.35.253.5	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
1	104.17.120.107 104.17.120.107	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.96.112.53 23.96.112.53	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
7	52.22.44.87 52.22.44.87	14618 (AMAZON-AES) (AMAZON-AES)
2	35.201.67.47 35.201.67.47	15169 (GOOGLE) (GOOGLE)
1 3	35.190.59.101 35.190.59.101	15169 (GOOGLE) (GOOGLE)
1	13.35.253.107 13.35.253.107	16509 (AMAZON-02) (AMAZON-02)
2	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	35.190.40.172 35.190.40.172	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81e::200a	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	63.33.80.49 63.33.80.49	16509 (AMAZON-02) (AMAZON-02)
2 2	52.49.39.42 52.49.39.42	16509 (AMAZON-02) (AMAZON-02)
3 3	54.77.173.141 54.77.173.141	16509 (AMAZON-02) (AMAZON-02)
1	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
2 2	147.75.102.200 147.75.102.200	54825 (PACKET) (PACKET)
88	35

9 2606:4700::6811:b366 (United States)

ASN13335 (CLOUDFLARENET, US)

www.mtlblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.202.28 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-28.fra53.r.cloudfront.net

cdn.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.210.249.164 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-164.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

contributor.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f212:c4:face:b00c:0:43fe (Ireland)

ASN32934 (FACEBOOK, US)

scontent-lga3-1.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a03:2880:f22d:e5:face:b00c:0:4420 (Ireland) 11 redirects

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f22d:c4:face:b00c:0:43fe (Ireland) 1 redirects

ASN32934 (FACEBOOK, US)

scontent-frx5-1.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
platform.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f21c:80c4:face:b00c:0:43fe (Ireland)

ASN32934 (FACEBOOK, US)

scontent-frt3-1.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.201.153 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-153.fra53.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.139.128.10 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kit-pro.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.140 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

embed.redditmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.124.133.20 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-124-133-20.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.35.253.5 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-5.fra6.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.120.107 (United States)

ASN13335 (CLOUDFLARENET, US)

biddr.brealtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.96.112.53 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: waws-prod-blu-011.cloudapp.net

adserver.pressboard.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.22.44.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-44-87.compute-1.amazonaws.com

narcitymedia.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.67.47 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com

t.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.59.101 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com

r.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.107 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-107.fra6.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.226.184 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.40.172 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 172.40.190.35.bc.googleusercontent.com

api.skimlinks.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.80.49 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-80-49.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.49.39.42 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-39-42.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.77.173.141 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-173-141.eu-west-1.compute.amazonaws.com

x.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.102.200 (Central, Hong Kong) 2 redirects

ASN54825 (PACKET, US)

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	skimresources.com 4 redirects s.skimresources.com t.skimresources.com p.skimresources.com r.skimresources.com x.skimresources.com	33 KB
13	instagram.com 12 redirects www.instagram.com platform.instagram.com	8 KB
9	cdninstagram.com scontent-lga3-1.cdninstagram.com scontent-frx5-1.cdninstagram.com scontent-frt3-1.cdninstagram.com	404 KB
9	mtlblog.com www.mtlblog.com	139 KB
8	google.com contributor.google.com apis.google.com fundingchoicesmessages.google.com adservice.google.com	122 KB
8	blueconic.net cdn.blueconic.net narcitymedia.blueconic.net	95 KB
5	gstatic.com fonts.gstatic.com	151 KB
5	fontawesome.com kit.fontawesome.com kit-pro.fontawesome.com	83 KB
5	facebook.net connect.facebook.net	206 KB
3	facebook.com www.facebook.com	556 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
2	exelator.com 2 redirects loadeu.exelator.com	2 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	1 KB
2	snapchat.com tr.snapchat.com
2	alexametrics.com certify-js.alexametrics.com certify.alexametrics.com	3 KB
2	twitter.com platform.twitter.com	29 KB
2	amazon-adsystem.com c.amazon-adsystem.com	28 KB
2	doubleclick.net securepubads.g.doubleclick.net	76 KB
1	emxdgt.com e1.emxdgt.com	1 KB
1	casalemedia.com as-sec.casalemedia.com	339 B
1	adsrvr.org match.adsrvr.org	542 B
1	rlcdn.com api.rlcdn.com
1	googleapis.com fonts.googleapis.com	3 KB
1	consensu.org api.skimlinks.mgr.consensu.org	637 B
1	google.co.uk adservice.google.co.uk	778 B
1	pressboard.ca adserver.pressboard.ca	698 B
1	brealtime.com biddr.brealtime.com	1 KB
1	sc-static.net sc-static.net	5 KB
1	redditmedia.com embed.redditmedia.com	22 KB
1	indexww.com js-sec.indexww.com	11 KB
1	google-analytics.com www.google-analytics.com	18 KB
88	31

	Domain	Requested by
12	www.instagram.com	11 redirects www.mtlblog.com
9	www.mtlblog.com	www.mtlblog.com
7	narcitymedia.blueconic.net	cdn.blueconic.net
5	fonts.gstatic.com	www.mtlblog.com
5	connect.facebook.net	www.mtlblog.com connect.facebook.net
4	p.skimresources.com	www.mtlblog.com
4	kit-pro.fontawesome.com	kit.fontawesome.com www.mtlblog.com
4	fundingchoicesmessages.google.com	www.mtlblog.com
4	scontent-frx5-1.cdninstagram.com	www.mtlblog.com
4	scontent-lga3-1.cdninstagram.com	www.mtlblog.com
3	x.skimresources.com	3 redirects
3	www.facebook.com	www.mtlblog.com connect.facebook.net
3	r.skimresources.com	1 redirects www.mtlblog.com
3	sb.scorecardresearch.com	1 redirects www.mtlblog.com
2	loadeu.exelator.com	2 redirects
2	sync.crwdcntrl.net	2 redirects
2	tr.snapchat.com	sc-static.net
2	t.skimresources.com	www.mtlblog.com s.skimresources.com
2	s.skimresources.com	www.mtlblog.com s.skimresources.com
2	platform.twitter.com	www.mtlblog.com platform.twitter.com
2	c.amazon-adsystem.com	www.mtlblog.com c.amazon-adsystem.com
2	contributor.google.com	www.mtlblog.com
2	securepubads.g.doubleclick.net	www.mtlblog.com securepubads.g.doubleclick.net
1	e1.emxdgt.com	biddr.brealtime.com
1	as-sec.casalemedia.com	js-sec.indexww.com
1	match.adsrvr.org	js-sec.indexww.com
1	api.rlcdn.com	js-sec.indexww.com
1	fonts.googleapis.com
1	api.skimlinks.mgr.consensu.org	s.skimresources.com
1	certify.alexametrics.com	www.mtlblog.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.co.uk	securepubads.g.doubleclick.net
1	adserver.pressboard.ca	www.mtlblog.com
1	biddr.brealtime.com	www.mtlblog.com
1	sc-static.net	www.mtlblog.com
1	certify-js.alexametrics.com	www.mtlblog.com
1	apis.google.com	www.mtlblog.com
1	embed.redditmedia.com	www.mtlblog.com
1	platform.instagram.com	1 redirects
1	kit.fontawesome.com	www.mtlblog.com
1	scontent-frt3-1.cdninstagram.com	www.mtlblog.com
1	js-sec.indexww.com	www.mtlblog.com
1	www.google-analytics.com	www.mtlblog.com
1	cdn.blueconic.net	www.mtlblog.com
88	44

This site contains links to these domains. Also see Links.

Domain
www.narcitymedia.com
www.narcity.com
www.tvanouvelles.ca
nationalpost.com
www.cbc.ca
www.instagram.com
www.antifraudcentre-centreantifraude.ca
www.sq.gouv.qc.ca
corp.aarki.com
www.adacado.com
adara.com
www.adclear.de
theadex.com
site.adform.com
www.adikteev.com
adledge.com
adloox.com
adludio.com
www.admaxim.com
www.admedo.com
admetrics.io
www.adobe.com
www.adroll.com
privacy.adtriba.com
www.ad4mat.com
www.adventori.com
advolution.de
www.affili.net
www.akamai.com
www.amazon.co.uk
www.amobee.com
analights.com
www.applovin.com
www.appnexus.com
www.arrivalist.com
privacy.audienceproject.com
www.aunica.com.br
avocet.io
www.bannerflow.com
batch.ba
www.xxxlutz.de
www.beeswax.com
betting.geniussports.com
www.blis.com
bombora.com
www.booking.com
c3metrics.com
cablato.com
www.celtra.com
www.centro.net
www.cint.com
clinch.co
green.erne.co
www.cloudflare.com
www.commandersact.com
www.comscore.com
www.conversantmedia.eu
crimtan.com
www.criteo.com
cubed.ai
www.dataxu.com
www.deltaprojects.com
www.demandbase.com
www.dentsu.co.jp
www.dentsu.com
www.digiseg.io
www.dma-institute.com
www.doubleverify.com
dstillery.com
client.adhslx.com
www.rvty.net
www.ebay.com
ebuilders.nl
www.effiliation.com
www.emetriq.com
www.ensighten.com
essens.no
www.evidon.com
www.exactag.com
exponential.com
www.facebook.com
www.flashtalking.com
www.fractionalmedia.com
www.s4m.io
www.gemius.com
sensic.net
www.google.com
www.gsi-one.org
www.groupm.com
createjs.com
haensel-ams.com
www.centraltag.com
www.hurra.com
www.ibm.com
www.ignitionone.com
impact.com
www.indexexchange.com
impressiondesk.com
www.innovid.com
www.integralads.com
www.intelliad.de
www.interpublic.com
www.bidswitch.com
www.jivox.com
www.kantarmedia.com
www.kochava.com
www.lifestreet.com
liftoff.io
liveramp.com
www.localsensor.com
loopme.com
www.lotame.com
www.metrixlab.com
www.mainad.com
www.manage.com
mktsci.com
privacy.mbr-targeting.com
www.mediamath.com
www.meetrics.com
www.mindtake.com
www.mobitrans.net
mobpro.com
www.molocoads.com
site.msi-aci.com
www.nanointeractive.com
www.navegg.com
www.neodatagroup.com
www.neory.com
www.netflix.com
www.nicequest.com
web.neural.one
www.home.neustar
www.nielsen.com
ads.1000mercis.com
policies.oath.com
www.objectivepartners.com
www.omnicommediagroup.com
ondeviceresearch.com
www.onetag.net
www.openx.com
optomaton.com
www.oracle.com
www.otto.de
permodo.com
www.pixalate.com
platform161.com
www.pmg.com
www.protected.media
www.publicismedia.de
pubmatic.com
www.pulsepoint.com
www.quantcast.com
www.rackspace.com
rakutenmarketing.com
relay42.com
remerge.io
www.nonstoppartner.net
www.resonate.com
www.revjet.com
www.rhythmone.com
www.valuedopinions.co.uk
www.roq.ad
www.rtbhouse.com
rubiconproject.com
www.salesforce.com
www.scenestealer.tv
scoota.com
seenthis.co
www.semasio.com
www.sfr.fr
www.sift.co
www.simpli.fi
www.sizmek.com
www.smaato.com
smadex.com
smartadserver.com
www.smartology.net
www.sociomantic.com
www.sojern.com
www.sovrn.com
www.spotad.co
www.spotx.tv
static.tabmo.io.s3.amazonaws.com
www.taboola.com
tacticrealtime.com
teads.tv
teemo.co
www.thetradedesk.com
www.tradedoubler.com
travelaudience.com
www.yieldr.com
tresensa.com
triplelift.com
trueffect.com
www.trustarc.com
www.turbobytes.com
www.usemax.de
videologygroup.com
vimeo.com
virtualminds.de
www.vodafone.de
www.wayfair.com
weborama.com
www.whiteops.com
www.widespace.com
www.wizaly.com
zms.zalando.com

Subject Issuer	Validity	Valid
ssl637075.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-02-18` - `2020-08-26`	6 months	crt.sh
*.blueconic.net Thawte TLS RSA CA G1	`2019-12-04` - `2022-02-01`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2020-04-15`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2019-07-17` - `2020-03-09`	8 months	crt.sh
*.google.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.instagram.com DigiCert SHA2 High Assurance Server CA	`2019-12-07` - `2020-03-06`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2019-10-07` - `2020-09-29`	a year	crt.sh
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2019-10-28` - `2020-12-23`	a year	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
*.www.instagram.com DigiCert SHA2 High Assurance Server CA	`2020-01-22` - `2020-04-21`	3 months	crt.sh
*.reddit.com DigiCert SHA2 Secure Server CA	`2018-08-17` - `2020-09-02`	2 years	crt.sh
*.apis.google.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.skimresources.com DigiCert SHA2 Secure Server CA	`2018-09-13` - `2020-10-07`	2 years	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2019-12-16` - `2020-12-25`	a year	crt.sh
certify-js.alexametrics.com Amazon	`2019-07-26` - `2020-08-26`	a year	crt.sh
sc-static.net DigiCert SHA2 Secure Server CA	`2019-03-11` - `2021-03-15`	2 years	crt.sh
*.brealtime.com Go Daddy Secure Certificate Authority - G2	`2017-03-22` - `2020-03-22`	3 years	crt.sh
*.pressboard.ca Go Daddy Secure Certificate Authority - G2	`2020-01-17` - `2021-03-17`	a year	crt.sh
certify.alexametrics.com Amazon	`2019-07-26` - `2020-08-26`	a year	crt.sh
tr.snapchat.com DigiCert SHA2 Secure Server CA	`2019-02-19` - `2021-02-23`	2 years	crt.sh
api.skimlinks.mgr.consensu.org DigiCert SHA2 Secure Server CA	`2019-10-04` - `2021-10-07`	2 years	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-24` - `2020-04-23`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2019-07-17` - `2020-07-17`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Frame ID: 21EDA03FCAB5F56BA44D44908F822CD5
Requests: 80 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.js?nnn=1582115071567
Frame ID: C909BA84F7B88BD66C2659434D9D1797
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.7303c29a8108bca4ac5c9ef008ed8164.html?origin=https%3A%2F%2Fwww.mtlblog.com
Frame ID: B2909F1807B3AD667D2243AFFD51AD76
Requests: 1 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.5832423934281121
Frame ID: F8783562B15F6919CA1F4BAE66B501F0
Requests: 3 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i
Frame ID: DAE9951610BBD7E8FAF5C01EE3DA2461
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: B899DAAE91FD060C8A6001F5860E6B7F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

88
Requests

100 %
HTTPS

42 %
IPv6

31
Domains

44
Subdomains

35
IPs

6
Countries

1438 kB
Transfer

3550 kB
Size

13
Cookies

217 Outgoing links

These are links going to different origins than the main page.

URL: https://www.narcitymedia.com/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.narcitymedia.com/careers
Title: Jobs

Search URL Search Domain Scan URL

URL: https://www.narcitymedia.com/political-ads-registry
Title: Political Ads Registry

Search URL Search Domain Scan URL

URL: https://www.narcity.com/news/ca/capital-one-breach-leaves-1-million-canadians-with-stolen-sin-numbers
Title: a cyberattack on Capital One bank

Search URL Search Domain Scan URL

URL: https://www.tvanouvelles.ca/2019/08/05/le-reseau-dhydro-quebec-constamment-pris-dassaut-par-des-cyberattaques
Title: a report from

Search URL Search Domain Scan URL

URL: https://nationalpost.com/news/politics/canada-is-an-attractive-target-for-new-cyberattack-techniques-security-expert-testifies
Title: troubling reports

Search URL Search Domain Scan URL

URL: https://www.cbc.ca/news/canada/nova-scotia/spotify-charges-td-accounts-virtual-debit-cards-1.5213569
Title: all over Canada

Search URL Search Domain Scan URL

URL: https://www.instagram.com/hydroquebec
Title: @hydroquebec

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/BeiV8wKB151/?utm_source=ig_web_copy_link
Title: embedded via

Search URL Search Domain Scan URL

URL: https://www.instagram.com/sandrokriegbaum
Title: @sandrokriegbaum

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/BiYDiiHBKSm/?utm_source=ig_web_copy_link
Title: embedded via

Search URL Search Domain Scan URL

URL: https://www.instagram.com/arantxa.tapia
Title: @arantxa.tapia

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/Ba4bX4QgfQr/?utm_source=ig_web_copy_link
Title: embedded via

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/Bn_cuSplrp_/?utm_source=ig_web_copy_link
Title: embedded via

Search URL Search Domain Scan URL

URL: https://www.instagram.com/aurelie_bnv
Title: @aurelie_bnv

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/BPgoNsUjOGq/?utm_source=ig_web_copy_link
Title: embedded via

Search URL Search Domain Scan URL

URL: http://www.antifraudcentre-centreantifraude.ca/index-eng.htm
Title: Canadian Anti-Fraud Centre

Search URL Search Domain Scan URL

URL: https://www.sq.gouv.qc.ca/services/campagnes/mpf/
Title: Sûreté du Québec

Search URL Search Domain Scan URL

URL: http://corp.aarki.com/privacy
Title: Aarki

Search URL Search Domain Scan URL

URL: https://www.adacado.com/privacy-policy-april-25-2018/
Title: Adacado

Search URL Search Domain Scan URL

URL: https://adara.com/2018/04/10/adara-gdpr-faq/
Title: Adara Media

Search URL Search Domain Scan URL

URL: https://www.adclear.de/datenschutzerklaerung/
Title: AdClear

Search URL Search Domain Scan URL

URL: http://theadex.com/
Title: ADEX

Search URL Search Domain Scan URL

URL: https://site.adform.com/uncategorized/product-and-services-privacy-policy/
Title: Adform

Search URL Search Domain Scan URL

URL: https://www.adikteev.com/eu/privacy/
Title: Adikteev

Search URL Search Domain Scan URL

URL: https://adledge.com/data-privacy/
Title: AdLedge

Search URL Search Domain Scan URL

URL: http://adloox.com/disclaimer
Title: Adloox

Search URL Search Domain Scan URL

URL: https://adludio.com/termsandconditions
Title: Adludio

Search URL Search Domain Scan URL

URL: http://www.admaxim.com/admaxim-privacy-policy/
Title: AdMaxim

Search URL Search Domain Scan URL

URL: https://www.admedo.com/privacy-policy
Title: Admedo

Search URL Search Domain Scan URL

URL: https://admetrics.io/en/privacy_policy/
Title: Admetrics

Search URL Search Domain Scan URL

URL: https://www.adobe.com/privacy/general-data-protection-regulation.html
Title: Adobe Advertising Cloud

Search URL Search Domain Scan URL

URL: https://www.adroll.com/gdpr
Title: AdRoll, Inc.

Search URL Search Domain Scan URL

URL: https://privacy.adtriba.com/
Title: AdTriba

Search URL Search Domain Scan URL

URL: https://www.ad4mat.com/en/privacy/
Title: advanced STORE GmbH

Search URL Search Domain Scan URL

URL: https://www.adventori.com/fr/avec-nous/mentions-legales/
Title: Adventori

Search URL Search Domain Scan URL

URL: http://advolution.de/privacy.php
Title: advolution.control

Search URL Search Domain Scan URL

URL: https://www.affili.net/uk/footeritem/privacy-policy
Title: affilinet

Search URL Search Domain Scan URL

URL: http://www.akamai.com/compliance/privacy
Title: Akamai

Search URL Search Domain Scan URL

URL: https://www.amazon.co.uk/gp/help/customer/display.html?nodeId=201909010
Title: Amazon

Search URL Search Domain Scan URL

URL: https://www.amobee.com/trust/privacy-guidelines
Title: Amobee

Search URL Search Domain Scan URL

URL: https://analights.com/docs/analights-consent-to-the-processing-of-personal-data-en.pdf
Title: Analights

Search URL Search Domain Scan URL

URL: https://www.applovin.com/privacy
Title: AppLovin Corp.

Search URL Search Domain Scan URL

URL: https://www.appnexus.com/en/company/platform-privacy-policy
Title: AppNexus

Search URL Search Domain Scan URL

URL: https://www.arrivalist.com/privacy#gdpr
Title: Arrivalist

Search URL Search Domain Scan URL

URL: http://privacy.audienceproject.com/for-users/
Title: AudienceProject

Search URL Search Domain Scan URL

URL: https://www.aunica.com.br/privacy/privacy.html
Title: Aunica

Search URL Search Domain Scan URL

URL: http://avocet.io/privacy-portal
Title: Avocet

Search URL Search Domain Scan URL

URL: https://www.bannerflow.com/privacy
Title: Bannerflow

Search URL Search Domain Scan URL

URL: http://batch.ba/datenschutzerklarung/
Title: Batch Media

Search URL Search Domain Scan URL

URL: https://www.xxxlutz.de/ocms/privacy
Title: BDSK Handels GmbH & Co. KG

Search URL Search Domain Scan URL

URL: https://www.beeswax.com/privacy.html
Title: Beeswax

Search URL Search Domain Scan URL

URL: http://betting.geniussports.com/connextra-service-terms-conditions/
Title: Betgenius

Search URL Search Domain Scan URL

URL: http://www.blis.com/privacy/
Title: Blismedia

Search URL Search Domain Scan URL

URL: http://bombora.com/privacy
Title: Bombora

Search URL Search Domain Scan URL

URL: https://www.booking.com/content/privacy.en-gb.html
Title: Booking.com

Search URL Search Domain Scan URL

URL: https://c3metrics.com/privacy
Title: C3 Metrics

Search URL Search Domain Scan URL

URL: http://cablato.com/privacy
Title: Cablato

Search URL Search Domain Scan URL

URL: https://www.celtra.com/privacy-policy/
Title: Celtra

Search URL Search Domain Scan URL

URL: https://www.centro.net/privacy-policy/
Title: Centro

Search URL Search Domain Scan URL

URL: https://www.cint.com/participant-privacy-notice/
Title: Cint

Search URL Search Domain Scan URL

URL: https://clinch.co/pages/privacy.html
Title: Clinch

Search URL Search Domain Scan URL

URL: http://green.erne.co/assets/PolicyCT.pdf
Title: Cloud Technologies

Search URL Search Domain Scan URL

URL: https://www.cloudflare.com/security-policy/
Title: Cloudflare

Search URL Search Domain Scan URL

URL: https://www.commandersact.com/en/privacy/
Title: Commanders Act

Search URL Search Domain Scan URL

URL: https://www.comscore.com/About-comScore/Privacy-Policy
Title: comScore

Search URL Search Domain Scan URL

URL: https://www.conversantmedia.eu/legal/privacy-policy
Title: Conversant/CJ Affiliate

Search URL Search Domain Scan URL

URL: https://crimtan.com/privacy-ctl/
Title: Crimtan

Search URL Search Domain Scan URL

URL: https://www.criteo.com/privacy
Title: Criteo

Search URL Search Domain Scan URL

URL: http://cubed.ai/privacy-policy/gdpr/
Title: CUBED

Search URL Search Domain Scan URL

URL: https://www.dataxu.com/gdpr/
Title: DataXu

Search URL Search Domain Scan URL

URL: http://www.deltaprojects.com/data-collection-policy/
Title: Delta Projects

Search URL Search Domain Scan URL

URL: https://www.demandbase.com/privacy-policy/
Title: Demandbase

Search URL Search Domain Scan URL

URL: http://www.dentsu.co.jp/terms/data_policy.html
Title: DENTSU

Search URL Search Domain Scan URL

URL: http://www.dentsu.com/termsofuse/data_policy.html
Title: Dentsu Aegis Network

Search URL Search Domain Scan URL

URL: http://www.digiseg.io/GDPR/
Title: Digiseg

Search URL Search Domain Scan URL

URL: https://www.dma-institute.com/privacy-compliancy/
Title: DMA Institute

Search URL Search Domain Scan URL

URL: https://www.doubleverify.com/privacy/
Title: DoubleVerify

Search URL Search Domain Scan URL

URL: https://dstillery.com/privacy-policy/
Title: Dstillery

Search URL Search Domain Scan URL

URL: https://client.adhslx.com/privacy.html
Title: DTS

Search URL Search Domain Scan URL

URL: https://www.rvty.net/gdpr
Title: EASYmedia

Search URL Search Domain Scan URL

URL: https://www.ebay.com/help/policies/member-behaviour-policies/user-privacy-notice-privacy-policy?id=4260#section12
Title: eBay

Search URL Search Domain Scan URL

URL: http://ebuilders.nl/privacy
Title: ebuilders

Search URL Search Domain Scan URL

URL: https://www.effiliation.com/politique-confidentialite.html
Title: Effinity

Search URL Search Domain Scan URL

URL: https://www.emetriq.com/datenschutz/
Title: emetriq

Search URL Search Domain Scan URL

URL: https://www.ensighten.com/privacy-policy/
Title: Ensighten

Search URL Search Domain Scan URL

URL: https://essens.no/privacy-policy/
Title: Essens

Search URL Search Domain Scan URL

URL: https://www.evidon.com/resources/privacy-statement/
Title: Evidon

Search URL Search Domain Scan URL

URL: https://www.exactag.com/en/data-privacy
Title: Exactag

Search URL Search Domain Scan URL

URL: http://exponential.com/privacy/
Title: Exponential

Search URL Search Domain Scan URL

URL: https://www.facebook.com/about/privacy/update
Title: Facebook

Search URL Search Domain Scan URL

URL: http://www.flashtalking.com/first-party-ad-serving/
Title: Flashtalking

Search URL Search Domain Scan URL

URL: https://www.fractionalmedia.com/privacy-policy
Title: Fractional Media

Search URL Search Domain Scan URL

URL: http://www.s4m.io/privacy-policy/
Title: FUSIO BY S4M

Search URL Search Domain Scan URL

URL: https://www.gemius.com/cookie-policy.html
Title: Gemius

Search URL Search Domain Scan URL

URL: https://sensic.net/
Title: GfK

Search URL Search Domain Scan URL

URL: https://www.google.com/about/company/user-consent-policy.html
Title: Google

Search URL Search Domain Scan URL

URL: http://www.gsi-one.org/templates/gsi/en/files/privacy_policy.pdf
Title: GP One

Search URL Search Domain Scan URL

URL: https://www.groupm.com/privacy-policy
Title: GroupM

Search URL Search Domain Scan URL

URL: https://createjs.com/legal/privacy.html
Title: gskinner

Search URL Search Domain Scan URL

URL: https://haensel-ams.com/data-privacy/
Title: Haensel AMS

Search URL Search Domain Scan URL

URL: http://www.centraltag.com/commercial/policy/index.action
Title: Havas Media France - DBi

Search URL Search Domain Scan URL

URL: http://www.hurra.com/impressum
Title: hurra.com

Search URL Search Domain Scan URL

URL: https://www.ibm.com/customer-engagement/digital-marketing/gdpr
Title: IBM

Search URL Search Domain Scan URL

URL: https://www.ignitionone.com/privacy-policy/gdpr-subject-access-requests/
Title: Ignition One

Search URL Search Domain Scan URL

URL: https://impact.com/privacy-policy/
Title: Impact

Search URL Search Domain Scan URL

URL: http://www.indexexchange.com/privacy/
Title: Index Exchange

Search URL Search Domain Scan URL

URL: https://impressiondesk.com/
Title: Infectious Media

Search URL Search Domain Scan URL

URL: http://www.innovid.com/privacy-policy
Title: Innovid

Search URL Search Domain Scan URL

URL: http://www.integralads.com/privacy-policy
Title: Integral Ad Science

Search URL Search Domain Scan URL

URL: https://www.intelliad.de/datenschutz
Title: intelliAd

Search URL Search Domain Scan URL

URL: https://www.interpublic.com/privacy-notice
Title: Interpublic Group

Search URL Search Domain Scan URL

URL: http://www.bidswitch.com/privacy-policy/
Title: IPONWEB

Search URL Search Domain Scan URL

URL: http://www.jivox.com/privacy/
Title: Jivox

Search URL Search Domain Scan URL

URL: https://www.kantarmedia.com/global/privacy-statement
Title: Kantar

Search URL Search Domain Scan URL

URL: https://www.kochava.com/support-privacy/
Title: Kochava

Search URL Search Domain Scan URL

URL: http://www.lifestreet.com/privacy
Title: LifeStreet

Search URL Search Domain Scan URL

URL: https://liftoff.io/privacy-policy/
Title: Liftoff

Search URL Search Domain Scan URL

URL: https://liveramp.com/service-privacy-policy/
Title: LiveRamp

Search URL Search Domain Scan URL

URL: https://www.localsensor.com/privacy.html
Title: Localsensor

Search URL Search Domain Scan URL

URL: https://loopme.com/privacy/
Title: LoopMe

Search URL Search Domain Scan URL

URL: https://www.lotame.com/about-lotame/privacy/
Title: Lotame

Search URL Search Domain Scan URL

URL: https://www.metrixlab.com/privacy-statement/
Title: Macromill group

Search URL Search Domain Scan URL

URL: http://www.mainad.com/privacy-policy
Title: MainADV

Search URL Search Domain Scan URL

URL: https://www.manage.com/privacy-policy/
Title: Manage.com

Search URL Search Domain Scan URL

URL: http://mktsci.com/privacy_policy.htm
Title: Marketing Science Consulting Group, Inc.

Search URL Search Domain Scan URL

URL: https://privacy.mbr-targeting.com/
Title: MBR Targeting Gmbh

Search URL Search Domain Scan URL

URL: http://www.mediamath.com/privacy-policy/
Title: MediaMath

Search URL Search Domain Scan URL

URL: https://www.meetrics.com/en/data-privacy/
Title: Meetrics

Search URL Search Domain Scan URL

URL: https://www.mindtake.com/en/reppublika-privacy-policy
Title: MindTake Research

Search URL Search Domain Scan URL

URL: http://www.mobitrans.net/privacy-policy/
Title: Mobitrans

Search URL Search Domain Scan URL

URL: http://mobpro.com/privacy.html
Title: Mobpro

Search URL Search Domain Scan URL

URL: http://www.molocoads.com/private-policy.html
Title: Moloco Ads

Search URL Search Domain Scan URL

URL: http://site.msi-aci.com/Home/FlexTrackPrivacy
Title: MSI-ACI

Search URL Search Domain Scan URL

URL: http://www.nanointeractive.com/privacy
Title: Nano Interactive

Search URL Search Domain Scan URL

URL: https://www.navegg.com/en/privacy-policy/
Title: Navegg

Search URL Search Domain Scan URL

URL: https://www.neodatagroup.com/en/security-policy
Title: Neodata Group

Search URL Search Domain Scan URL

URL: https://www.neory.com/privacy.html
Title: NEORY GmbH

Search URL Search Domain Scan URL

URL: http://www.netflix.com/google-3PAS-info
Title: Netflix

Search URL Search Domain Scan URL

URL: https://www.nicequest.com/us/privacy
Title: Netquest

Search URL Search Domain Scan URL

URL: https://web.neural.one/privacy-policy/
Title: Neural.ONE

Search URL Search Domain Scan URL

URL: https://www.home.neustar/privacy
Title: Neustar

Search URL Search Domain Scan URL

URL: http://www.nielsen.com/us/en/privacy-statement/digital-measurement.html
Title: Nielsen

Search URL Search Domain Scan URL

URL: http://ads.1000mercis.com/us.html
Title: numberly

Search URL Search Domain Scan URL

URL: https://policies.oath.com/xw/en/oath/privacy/enterprise/b2bprivacypolicy/
Title: Oath

Search URL Search Domain Scan URL

URL: https://www.objectivepartners.com/cookie-policy-and-privacy-statement/
Title: Objective Partners

Search URL Search Domain Scan URL

URL: https://www.omnicommediagroup.com/disclaimer.htm
Title: Omnicom Media Group

Search URL Search Domain Scan URL

URL: https://ondeviceresearch.com/GDPR
Title: On Device Research

Search URL Search Domain Scan URL

URL: https://www.onetag.net/privacy/
Title: OneTag

Search URL Search Domain Scan URL

URL: https://www.openx.com/legal/privacy-policy/
Title: OpenX Technologies

Search URL Search Domain Scan URL

URL: http://optomaton.com/privacy.html
Title: Optomaton

Search URL Search Domain Scan URL

URL: https://www.oracle.com/legal/privacy/marketing-cloud-data-cloud-privacy-policy.html
Title: Oracle Data Cloud

Search URL Search Domain Scan URL

URL: https://www.otto.de/shoppages/service/datenschutz
Title: OTTO

Search URL Search Domain Scan URL

URL: http://permodo.com/de/privacy.html
Title: PERMODO

Search URL Search Domain Scan URL

URL: http://www.pixalate.com/privacypolicy/
Title: Pixalate

Search URL Search Domain Scan URL

URL: https://platform161.com/cookie-and-privacy-policy/
Title: Platform161

Search URL Search Domain Scan URL

URL: https://www.pmg.com/privacy-policy/
Title: PMG

Search URL Search Domain Scan URL

URL: http://www.protected.media/privacy-policy/
Title: Protected Media

Search URL Search Domain Scan URL

URL: https://www.publicismedia.de/datenschutz/
Title: Publicis Media

Search URL Search Domain Scan URL

URL: https://pubmatic.com/legal/privacy-policy/
Title: PubMatic

Search URL Search Domain Scan URL

URL: https://www.pulsepoint.com/privacy-policy
Title: PulsePoint

Search URL Search Domain Scan URL

URL: https://www.quantcast.com/privacy/
Title: Quantcast

Search URL Search Domain Scan URL

URL: http://www.rackspace.com/gdpr
Title: Rackspace

Search URL Search Domain Scan URL

URL: https://rakutenmarketing.com/legal-notices/services-privacy-policy
Title: Rakuten Marketing

Search URL Search Domain Scan URL

URL: https://relay42.com/privacy
Title: Relay42

Search URL Search Domain Scan URL

URL: http://remerge.io/privacy-policy.html
Title: Remerge

Search URL Search Domain Scan URL

URL: https://www.nonstoppartner.net/
Title: Resolution Media

Search URL Search Domain Scan URL

URL: https://www.resonate.com/privacy-policy/
Title: Resonate

Search URL Search Domain Scan URL

URL: https://www.revjet.com/privacy
Title: RevJet

Search URL Search Domain Scan URL

URL: https://www.rhythmone.com/landing/gdpr
Title: RhythmOne LLC

Search URL Search Domain Scan URL

URL: https://www.valuedopinions.co.uk/privacy
Title: RN SSI Group

Search URL Search Domain Scan URL

URL: https://www.roq.ad/privacy-policy
Title: Roq.ad

Search URL Search Domain Scan URL

URL: https://www.rtbhouse.com/gdpr/
Title: RTB House

Search URL Search Domain Scan URL

URL: http://rubiconproject.com/rubicon-project-yield-optimization-privacy-policy/
Title: Rubicon Project

Search URL Search Domain Scan URL

URL: https://www.salesforce.com/company/privacy/
Title: Salesforce DMP

Search URL Search Domain Scan URL

URL: http://www.scenestealer.tv/privacy-policy
Title: Scenestealer

Search URL Search Domain Scan URL

URL: http://scoota.com/privacy-policy/
Title: Scoota

Search URL Search Domain Scan URL

URL: https://seenthis.co/privacy-notice-2018-04-18.pdf
Title: Seenthis

Search URL Search Domain Scan URL

URL: http://www.semasio.com/privacy-policy/
Title: Semasio GmbH

Search URL Search Domain Scan URL

URL: http://www.sfr.fr/securite-confidentialite.html
Title: SFR

Search URL Search Domain Scan URL

URL: https://www.sift.co/privacy
Title: Sift Media

Search URL Search Domain Scan URL

URL: https://www.simpli.fi/site-privacy-policy2/
Title: Simpli.fi

Search URL Search Domain Scan URL

URL: https://www.sizmek.com/privacy-policy/
Title: Sizmek

Search URL Search Domain Scan URL

URL: https://www.smaato.com/privacy/
Title: Smaato

Search URL Search Domain Scan URL

URL: http://smadex.com/end-user-privacy-policy/
Title: Smadex

Search URL Search Domain Scan URL

URL: http://smartadserver.com/company/privacy-policy/
Title: Smart

Search URL Search Domain Scan URL

URL: https://www.smartology.net/privacy-policy/
Title: Smartology

Search URL Search Domain Scan URL

URL: https://www.sociomantic.com/privacy/en/
Title: Sociomantic

Search URL Search Domain Scan URL

URL: https://www.sojern.com/privacy/product-privacy-policy/
Title: Sojern

Search URL Search Domain Scan URL

URL: https://www.sovrn.com/privacy-policy/
Title: Sovrn

Search URL Search Domain Scan URL

URL: http://www.spotad.co/privacy-policy/
Title: Spotad

Search URL Search Domain Scan URL

URL: https://www.spotx.tv/privacy-policy/
Title: SpotX

Search URL Search Domain Scan URL

URL: http://static.tabmo.io.s3.amazonaws.com/privacy-policy/index.html
Title: TabMo

Search URL Search Domain Scan URL

URL: https://www.taboola.com/privacy-policy
Title: Taboola

Search URL Search Domain Scan URL

URL: http://tacticrealtime.com/privacy/
Title: TACTIC™ Real-Time Marketing

Search URL Search Domain Scan URL

URL: https://teads.tv/privacy-policy/
Title: Teads

Search URL Search Domain Scan URL

URL: https://teemo.co/fr/confidentialite/
Title: TEEMO

Search URL Search Domain Scan URL

URL: https://www.thetradedesk.com/general/privacy-policy
Title: The Trade Desk

Search URL Search Domain Scan URL

URL: http://www.tradedoubler.com/en/privacy-policy/
Title: Tradedoubler AB

Search URL Search Domain Scan URL

URL: https://travelaudience.com/product-privacy-policy/
Title: travel audience – An Amadeus Company

Search URL Search Domain Scan URL

URL: https://www.yieldr.com/privacy/
Title: Travel Data Collective

Search URL Search Domain Scan URL

URL: http://tresensa.com/eu-privacy/index.html
Title: TreSensa

Search URL Search Domain Scan URL

URL: https://triplelift.com/privacy/
Title: TripleLift

Search URL Search Domain Scan URL

URL: https://trueffect.com/privacy-policy/
Title: TruEffect

Search URL Search Domain Scan URL

URL: https://www.trustarc.com/privacy-policy/
Title: TrustArc

Search URL Search Domain Scan URL

URL: https://www.turbobytes.com/gdpr/
Title: Turbobytes

Search URL Search Domain Scan URL

URL: http://www.usemax.de/?l=privacy
Title: usemax (Emego GmbH)

Search URL Search Domain Scan URL

URL: https://videologygroup.com/en/privacy-policy/
Title: Videology

Search URL Search Domain Scan URL

URL: https://vimeo.com/cookie_policy
Title: Vimeo

Search URL Search Domain Scan URL

URL: https://virtualminds.de/datenschutz/
Title: Virtual Minds

Search URL Search Domain Scan URL

URL: https://www.vodafone.de/unternehmen/datenschutz-privatsphaere.html
Title: Vodafone GmbH

Search URL Search Domain Scan URL

URL: https://www.wayfair.com/customerservice/general_info.php#privacy
Title: Waystack

Search URL Search Domain Scan URL

URL: https://weborama.com/en/weborama-privacy-commitment/
Title: Weborama

Search URL Search Domain Scan URL

URL: https://www.whiteops.com/privacy
Title: White Ops

Search URL Search Domain Scan URL

URL: https://www.widespace.com/legal/privacy-policy-notice/
Title: Widespace

Search URL Search Domain Scan URL

URL: https://www.wizaly.com/terms-of-use#privacy-policy
Title: Wizaly

Search URL Search Domain Scan URL

URL: https://zms.zalando.com/
Title: ZMS

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://www.instagram.com/p/BeiV8wKB151/media?size=l HTTP 301
https://www.instagram.com/p/BeiV8wKB151/media/?size=l HTTP 302
https://scontent-frx5-1.cdninstagram.com/v/t51.2885-15/e35/27575926_188589701727732_3235076531076202496_n.jpg?_nc_ht=scontent-frx5-1.cdninstagram.com&_nc_cat=100&_nc_ohc=mktsh25bDmgAX_XRae3&oh=13e4dd23f22735d851fd38f3d9cea648&oe=5EE063D2

Request Chain 14

https://www.instagram.com/p/BiYDiiHBKSm/media?size=l HTTP 301
https://www.instagram.com/p/BiYDiiHBKSm/media/?size=l HTTP 302
https://scontent-frx5-1.cdninstagram.com/v/t51.2885-15/e35/31938198_1807723136200877_5380234617494175744_n.jpg?_nc_ht=scontent-frx5-1.cdninstagram.com&_nc_cat=105&_nc_ohc=Zbv8mcYzDnYAX8LohLI&oh=2133889b840052f95e3f3cb2feba1d87&oe=5F011777

Request Chain 16

https://www.instagram.com/p/Ba4bX4QgfQr/media?size=l HTTP 301
https://www.instagram.com/p/Ba4bX4QgfQr/media/?size=l HTTP 302
https://scontent-frx5-1.cdninstagram.com/v/t51.2885-15/e35/22857523_1079958718773502_7029907516955820032_n.jpg?_nc_ht=scontent-frx5-1.cdninstagram.com&_nc_cat=110&_nc_ohc=lJ4sfV3CXlYAX9ydLBd&oh=45733a5badd624136607a11823691768&oe=5EC939A0

Request Chain 17

https://www.instagram.com/p/Bn_cuSplrp_/media?size=l HTTP 301
https://www.instagram.com/p/Bn_cuSplrp_/media/?size=l HTTP 302
https://scontent-frt3-1.cdninstagram.com/v/t51.2885-15/e35/41582493_689050781470526_4527649872806931656_n.jpg?_nc_ht=scontent-frt3-1.cdninstagram.com&_nc_cat=102&_nc_ohc=u1sTzgveu2QAX9oWjFB&oh=4bdcb36f189e946dfcc37324cb973c34&oe=5EC9C860

Request Chain 19

https://www.instagram.com/p/BPgoNsUjOGq/media?size=l HTTP 301
https://www.instagram.com/p/BPgoNsUjOGq/media/?size=l HTTP 302
https://scontent-frx5-1.cdninstagram.com/v/t51.2885-15/e35/16123565_799249370214360_8019678040214732800_n.jpg?_nc_ht=scontent-frx5-1.cdninstagram.com&_nc_cat=100&_nc_ohc=ukLpi5mpgJoAX9y3Zc4&oh=2d4f798aec426d7fade9311d945308b8&oe=5EF9D9BA

Request Chain 25

https://platform.instagram.com/en_US/embeds.js HTTP 301
https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/bf4a12bd69f3.js

Request Chain 56

https://r.skimresources.com/api/ HTTP 307
https://r.skimresources.com/api/?xguid=01E1EPG9WT8S02NHQ2S3XBZXTE&persistence=1&checksum=70b08b7345ee152b6a2041c6c3edc5c85af6d5ed3c80255c2cc941618e04c97e

Request Chain 57

https://sb.scorecardresearch.com/b?c1=2&c2=18729422&ns__t=1582115071858&ns_c=UTF-8&cv=3.5&c8=Cyber%20Attackers%20Are%20Targeting%20Hydro-Qu%C3%A9bec%20-%20MTL%20Blog&c7=https%3A%2F%2Fwww.mtlblog.com%2Fnews%2Fcanada%2Fqc%2Fmontreal%2Fcyber-attackers-are-targeting-hydro-quebec&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=18729422&ns__t=1582115071858&ns_c=UTF-8&cv=3.5&c8=Cyber%20Attackers%20Are%20Targeting%20Hydro-Qu%C3%A9bec%20-%20MTL%20Blog&c7=https%3A%2F%2Fwww.mtlblog.com%2Fnews%2Fcanada%2Fqc%2Fmontreal%2Fcyber-attackers-are-targeting-hydro-quebec&c9=

Request Chain 76

https://sync.crwdcntrl.net/map/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D HTTP 302
https://x.skimresources.com/?provider=lotame&skim_mapping=true&provider_id=2ee3d42339090672aad395e99a26f399 HTTP 302
https://p.skimresources.com/?provider_id=2ee3d42339090672aad395e99a26f399&skim_mapping=true

Request Chain 84

https://x.skimresources.com/?provider=exelate HTTP 302
https://loadeu.exelator.com/load/?p=787&g=001&j=0& HTTP 302
https://loadeu.exelator.com/load/?p=787&g=001&j=0&&xl8blockcheck=1 HTTP 302
https://x.skimresources.com/?provider=exelate&skim_mapping=true&provider_id=dd0e95a3232ca3c2c1468a5c64470f69 HTTP 302
https://p.skimresources.com/?provider_id=dd0e95a3232ca3c2c1468a5c64470f69&skim_mapping=true

88 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request cyber-attackers-are-targeting-hydro-quebec Show response
www.mtlblog.com/news/canada/qc/montreal/ 38 KB
13 KB 216ms
169ms Document
text/html 2606:4700::6811:b366
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b366 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b58e694d4ca155716e8ee1703b5e5d8c891cb32bccae80042dc6d38b5a0a49f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: www.mtlblog.com
:scheme: https
:path: /news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
date: Wed, 19 Feb 2020 12:24:31 GMT
content-type: text/html
set-cookie: __cfduid=d2445da32ae1da20d616c56a94353d90e1582115071; expires=Fri, 20-Mar-20 12:24:31 GMT; path=/; domain=.mtlblog.com; HttpOnly; SameSite=Lax
cf-railgun: direct (waiting for pending WAN connection)
last-modified: Thu, 13 Feb 2020 22:20:41 GMT
lml-country-code: DE
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 567837db7c92bed3-FRA
content-encoding: br

GET
H2 200 polemos.26fd72d7bd3bda48fccd.js Show response
www.mtlblog.com/ 2 KB
1 KB 16ms
15ms Script
application/javascript 2606:4700::6811:b366
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mtlblog.com/polemos.26fd72d7bd3bda48fccd.js

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b366 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b754722b8fc8aa2d440057446cc58b36f4e40dbd43968c64ee5d8a4dac2534a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 19 Feb 2020 12:24:31 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 6141
status: 200
lml-country-code: DE
last-modified: Tue, 18 Feb 2020 21:42:18 GMT
server: cloudflare
etag: W/"5e4c5a3a-97e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: application/javascript
expires: Sat, 21 Mar 2020 12:24:31 GMT
cache-control: public, max-age=2678400
cf-ray: 567837dc8dd5bed3-FRA
cf-bgj: minify

GET
H2 200 v2_vendors.26fd72d7bd3bda48fccd.js Show response
www.mtlblog.com/ 92 KB
31 KB 20ms
19ms Script
application/javascript 2606:4700::6811:b366
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mtlblog.com/v2_vendors.26fd72d7bd3bda48fccd.js

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b366 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b97f3ba5d5c09de91afdfd5069216113a108e33dc4d508f299c51a7f9e70b9eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 19 Feb 2020 12:24:31 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 6142
cf-polished: origSize=94530
status: 200
lml-country-code: DE
last-modified: Tue, 18 Feb 2020 21:42:18 GMT
server: cloudflare
etag: W/"5e4c5a3a-17142"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: application/javascript
expires: Sat, 21 Mar 2020 12:24:31 GMT
cache-control: public, max-age=2678400
cf-ray: 567837dc8ddabed3-FRA
cf-bgj: minify

GET
H2 200 v2_main.26fd72d7bd3bda48fccd.js Show response
www.mtlblog.com/ 78 KB
16 KB 27ms
26ms Script
application/javascript 2606:4700::6811:b366
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mtlblog.com/v2_main.26fd72d7bd3bda48fccd.js

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b366 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5086bf11c18729912e406aa96de28d33cc056e66d280aa21280db68b08b12de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 19 Feb 2020 12:24:31 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 6142
status: 200
lml-country-code: DE
last-modified: Tue, 18 Feb 2020 21:42:18 GMT
server: cloudflare
etag: W/"5e4c5a3a-13957"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: application/javascript
expires: Sat, 21 Mar 2020 12:24:31 GMT
cache-control: public, max-age=2678400
cf-ray: 567837dc8ddbbed3-FRA
cf-bgj: minify

GET
H2 200 cyber-attackers-are-targeting-hydro-quebec.json
www.mtlblog.com/news/canada/qc/montreal/ 11 KB
4 KB 141ms
141ms Other
application/json 2606:4700::6811:b366
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec.json

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b366 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5743866ba58f2b0566b61df088b813b63debffad033c2d49afafb3565492c19d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

cf-ray: 567837dc8dddbed3-FRA
date: Wed, 19 Feb 2020 12:24:31 GMT
lml-country-code: DE
cf-cache-status: DYNAMIC
last-modified: Thu, 13 Feb 2020 22:20:42 GMT
server: cloudflare
etag: W/"5e45cbba-2df3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-railgun: direct (starting new WAN connection)
content-type: application/json
status: 200
strict-transport-security: max-age=15552000
content-encoding: br

GET
H2 200 narcitymedia.js Show response
cdn.blueconic.net/ 124 KB
37 KB 153ms
62ms Script
text/javascript 143.204.202.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.blueconic.net/narcitymedia.js

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.202.28 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-202-28.fra53.r.cloudfront.net

Software

- /

Resource Hash

9551e0fad0dc58bf027dab9956e664efb5bc99ee9b1c311f5aa969b7023d9219

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 19 Feb 2020 12:24:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 1
x-cache: Hit from cloudfront
status: 200
content-length: 37839
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Jan 2020 10:34:05 GMT
server: -
etag: "1ef88-59c17219c5660-gzip"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 8b5bc0831e6dab612582614c3009efa7.cloudfront.net (CloudFront)
cache-control: public, max-age=600, s-maxage=500
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-amz-cf-id: C_DFi12aC4QkGhVLWnpRswIAxE2FJzh1Ep2HQYki-kFNeuYh8_-d-Q==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 43 KB
15 KB 137ms
68ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

42665bc691c53dad4d6eef7785b5fdc0c4fd6d4cab47102f0b5826d19ac1d6c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 19 Feb 2020 12:24:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "432 / 456 of 1000 / last-modified: 1582064189"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14530
x-xss-protection: 0
expires: Wed, 19 Feb 2020 12:24:31 GMT

GET
H2 200 polemos.c0c6c18da1431adb.css
www.mtlblog.com/ 52 KB
11 KB 21ms
21ms Stylesheet
text/css 2606:4700::6811:b366
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mtlblog.com/polemos.c0c6c18da1431adb.css

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b366 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9da5cc4cd871bd19914e06e7c483c44362acc3db58258383cddeefc1e3cbbf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 19 Feb 2020 12:24:31 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 6142
cf-polished: origSize=54299
status: 200
lml-country-code: DE
last-modified: Tue, 18 Feb 2020 21:41:56 GMT
server: cloudflare
etag: W/"5e4c5a24-d41b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: text/css
expires: Sat, 21 Mar 2020 12:24:31 GMT
cache-control: public, max-age=2678400
cf-ray: 567837dc9de0bed3-FRA
cf-bgj: minify

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 9ms
5ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 6659
date: Wed, 19 Feb 2020 10:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Wed, 19 Feb 2020 12:33:32 GMT

GET
H2 200 fbadnw60-tag.js Show response
connect.facebook.net/en_US/ 7 KB
3 KB 10ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbadnw60-tag.js

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8d148c3c98dcbd2b8aff39ea353523b714d2239f64770cedd81cb70afb2bb141

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: qCu2So2mKqRCXTV421UgIg==
status: 200
date: Wed, 19 Feb 2020 12:24:31 GMT, Wed, 19 Feb 2020 12:24:31 GMT
expires: Wed, 19 Feb 2020 21:05:54 GMT
alt-svc: h3-24=":443"; ma=3600
content-length: 3147
x-fb-debug: nkAW9vJ1jH17WD3vP2WqrQxS/5Yt6jme2Nh9B+m2INxTBKfDJ6TH8TtgOiulvYNxlEbmrddprfJo+skvvDTeAg==
x-fb-trip-id: 2047048586
x-fb-content-md5: 51bc2292eac7f767f5c5c1018fa77203
etag: "dfc5089d9c30fbc12a7011d4fae9600f"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=86400,stale-while-revalidate=3600
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK 184729-247851731068523.js Show response
js-sec.indexww.com/ht/p/ 34 KB
11 KB 526ms
443ms Script
text/javascript 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/184729-247851731068523.js
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3c8553edbef083132e8d30dff58429afffd160effedf0b99ec54b0e92eeff8b9

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 19 Feb 2020 12:24:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Feb 2020 11:56:55 GMT
Server: Apache
ETag: "9032d3-876d-59eec7c1ee074"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3578
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 11334
Expires: Wed, 19 Feb 2020 13:24:09 GMT

GET
H2 200 loader.js Show response
contributor.google.com/scripts/605af088f49177f6/ 100 KB
35 KB 147ms
142ms Script
application/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://contributor.google.com/scripts/605af088f49177f6/loader.js

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

37ad549f2800672875db6ac707d83f2876f6672cc09aa47c967ee9a203aa9b93

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IzwKc2GMR3XwXc++1aoCEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-IzwKc2GMR3XwXc++1aoCEQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 19 Feb 2020 12:24:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: ESF
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
cache-control: private, max-age=86400
content-security-policy: script-src 'report-sample' 'nonce-IzwKc2GMR3XwXc++1aoCEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-IzwKc2GMR3XwXc++1aoCEQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-xss-protection: 0
expires: Wed, 19 Feb 2020 12:24:31 GMT

GET
H2 403 25036400_349409635526597_5651682202778337280_n.jpg
scontent-lga3-1.cdninstagram.com/vp/f751e610cda4b3af497ae831229f5ede/5DD25297/t51.2885-19/s150x150/ 21 B
21 B 249ms
81ms Image
text/plain 2a03:2880:f212:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-lga3-1.cdninstagram.com/vp/f751e610cda4b3af497ae831229f5ede/5DD25297/t51.2885-19/s150x150/25036400_349409635526597_5651682202778337280_n.jpg?_nc_ht=scontent-lga3-1.cdninstagram.com
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f212:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 403
date: Wed, 19 Feb 2020 12:24:31 GMT, Wed, 19 Feb 2020 12:24:31 GMT
x-fb-trip-id: 780166575
server: proxygen-bolt
alt-svc: h3-24=":443"; ma=3600
content-length: 21
content-type: text/plain

GET
H2

200

27575926_188589701727732_3235076531076202496_n.jpg
scontent-frx5-1.cdninstagram.com/v/t51.2885-15/e35/
Redirect Chain

https://www.instagram.com/p/BeiV8wKB151/media?size=l
https://www.instagram.com/p/BeiV8wKB151/media/?size=l
https://scontent-frx5-1.cdninstagram.com/v/t51.2885-15/e35/27575926_188589701727732_3235076531076202496_n.jpg?_nc_ht=scontent-frx5-1.cdninstagram.com&_nc_cat=100&_nc_ohc=mktsh25bDmgAX_XRae3&oh=13e4...

101 KB
102 KB

163ms
162ms

Image
image/jpeg

2a03:2880:f22d:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.cdninstagram.com/v/t51.2885-15/e35/27575926_188589701727732_3235076531076202496_n.jpg?_nc_ht=scontent-frx5-1.cdninstagram.com&_nc_cat=100&_nc_ohc=mktsh25bDmgAX_XRae3&oh=13e4dd23f22735d851fd38f3d9cea648&oe=5EE063D2
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f22d:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: fa3f86ca97962c9e2437f5f59cc2fd2ec69cccd8096b4afb7cdf31f6444ace3c

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-haystack-needlechecksum: 2906665609
date: Wed, 19 Feb 2020 12:24:31 GMT, Wed, 19 Feb 2020 12:24:31 GMT
x-fb-trip-id: 1709462857
last-modified: Mon, 29 Jan 2018 14:24:03 GMT
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-fb-config-version-elb-prod: 734
x-fb-edge-debug: sU36rb_G3RvaBU8N7E8C6r9UyWglfn5iuXgJt2qhjW9LO8V1vzZp4-leBYTbN60tvN4k9lZwp3lUkBwYgW0lZg
x-needle-checksum: 2639115223
x-fb-config-version-olb-prod: 734
timing-allow-origin: *
alt-svc: h3-24=":443"; ma=3600
content-length: 103695

Redirect headers

date: Wed, 19 Feb 2020 12:24:31 GMT, Wed, 19 Feb 2020 12:24:31 GMT, Wed, 19 Feb 2020 12:24:31 GMT
x-content-type-options: nosniff
x-aed: 15
status: 302
strict-transport-security: max-age=31536000
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-trip-id: 1679558926
x-frame-options: SAMEORIGIN
vary: Accept-Language, Cookie
content-language: en
location: https://scontent-frx5-1.cdninstagram.com/v/t51.2885-15/e35/27575926_188589701727732_3235076531076202496_n.jpg?_nc_ht=scontent-frx5-1.cdninstagram.com&_nc_cat=100&_nc_ohc=mktsh25bDmgAX_XRae3&oh=13e4dd23f22735d851fd38f3d9cea648&oe=5EE063D2
access-control-expose-headers: X-IG-Set-WWW-Claim
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
content-type: text/html; charset=utf-8
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 403 28434404_216431469098527_1691138373458067456_n.jpg
scontent-lga3-1.cdninstagram.com/vp/f05b777d2e89e6310cf409b86b93b57b/5DD09F85/t51.2885-19/s150x150/ 21 B
21 B 249ms
82ms Image
text/plain 2a03:2880:f212:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-lga3-1.cdninstagram.com/vp/f05b777d2e89e6310cf409b86b93b57b/5DD09F85/t51.2885-19/s150x150/28434404_216431469098527_1691138373458067456_n.jpg?_nc_ht=scontent-lga3-1.cdninstagram.com
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f212:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 403
date: Wed, 19 Feb 2020 12:24:31 GMT, Wed, 19 Feb 2020 12:24:31 GMT
x-fb-trip-id: 780166575
server: proxygen-bolt
alt-svc: h3-24=":443"; ma=3600
content-length: 21
content-type: text/plain

GET
H2

200

31938198_1807723136200877_5380234617494175744_n.jpg
scontent-frx5-1.cdninstagram.com/v/t51.2885-15/e35/
Redirect Chain

https://www.instagram.com/p/BiYDiiHBKSm/media?size=l
https://www.instagram.com/p/BiYDiiHBKSm/media/?size=l
https://scontent-frx5-1.cdninstagram.com/v/t51.2885-15/e35/31938198_1807723136200877_5380234617494175744_n.jpg?_nc_ht=scontent-frx5-1.cdninstagram.com&_nc_cat=105&_nc_ohc=Zbv8mcYzDnYAX8LohLI&oh=213...

83 KB
83 KB

217ms
217ms

Image
image/jpeg

2a03:2880:f22d:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.cdninstagram.com/v/t51.2885-15/e35/31938198_1807723136200877_5380234617494175744_n.jpg?_nc_ht=scontent-frx5-1.cdninstagram.com&_nc_cat=105&_nc_ohc=Zbv8mcYzDnYAX8LohLI&oh=2133889b840052f95e3f3cb2feba1d87&oe=5F011777
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f22d:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: fc6f5ef57a72a2b89f63df7283e320b49303f6a06dbb3f46a98ec77596fc5dd5

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-haystack-needlechecksum: 1811666119
date: Wed, 19 Feb 2020 12:24:32 GMT, Wed, 19 Feb 2020 12:24:32 GMT
x-fb-trip-id: 1709462857
last-modified: Sat, 05 May 2018 00:36:21 GMT
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-fb-config-version-elb-prod: 734
x-fb-edge-debug: nsG1--pfxUexEJ9TPQKolekAbi2OX38iZvKerJz1agb-C_YgT7dfMhUG_AK1COa3aGS4RwghaJ4eGRD5z-r58A
x-needle-checksum: 937786595
x-fb-config-version-olb-prod: 734
timing-allow-origin: *
alt-svc: h3-24=":443"; ma=3600
content-length: 84528

Redirect headers

date: Wed, 19 Feb 2020 12:24:31 GMT, Wed, 19 Feb 2020 12:24:31 GMT, Wed, 19 Feb 2020 12:24:31 GMT
x-content-type-options: nosniff
x-aed: 15
status: 302
strict-transport-security: max-age=31536000
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-trip-id: 1679558926
x-frame-options: SAMEORIGIN
vary: Accept-Language, Cookie
content-language: en
location: https://scontent-frx5-1.cdninstagram.com/v/t51.2885-15/e35/31938198_1807723136200877_5380234617494175744_n.jpg?_nc_ht=scontent-frx5-1.cdninstagram.com&_nc_cat=105&_nc_ohc=Zbv8mcYzDnYAX8LohLI&oh=2133889b840052f95e3f3cb2feba1d87&oe=5F011777
access-control-expose-headers: X-IG-Set-WWW-Claim
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
content-type: text/html; charset=utf-8
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 403 14723577_181500512295270_2623777288990228480_a.jpg
scontent-lga3-1.cdninstagram.com/vp/7556cda783c37194b011d3d82cca2b44/5DE2079D/t51.2885-19/s150x150/ 21 B
21 B 240ms
82ms Image
text/plain 2a03:2880:f212:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-lga3-1.cdninstagram.com/vp/7556cda783c37194b011d3d82cca2b44/5DE2079D/t51.2885-19/s150x150/14723577_181500512295270_2623777288990228480_a.jpg?_nc_ht=scontent-lga3-1.cdninstagram.com
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f212:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 403
date: Wed, 19 Feb 2020 12:24:31 GMT, Wed, 19 Feb 2020 12:24:31 GMT
x-fb-trip-id: 780166575
server: proxygen-bolt
alt-svc: h3-24=":443"; ma=3600
content-length: 21
content-type: text/plain

GET
H2

200

22857523_1079958718773502_7029907516955820032_n.jpg
scontent-frx5-1.cdninstagram.com/v/t51.2885-15/e35/
Redirect Chain

https://www.instagram.com/p/Ba4bX4QgfQr/media?size=l
https://www.instagram.com/p/Ba4bX4QgfQr/media/?size=l
https://scontent-frx5-1.cdninstagram.com/v/t51.2885-15/e35/22857523_1079958718773502_7029907516955820032_n.jpg?_nc_ht=scontent-frx5-1.cdninstagram.com&_nc_cat=110&_nc_ohc=lJ4sfV3CXlYAX9ydLBd&oh=457...

72 KB
72 KB

214ms
213ms

Image
image/jpeg

2a03:2880:f22d:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.cdninstagram.com/v/t51.2885-15/e35/22857523_1079958718773502_7029907516955820032_n.jpg?_nc_ht=scontent-frx5-1.cdninstagram.com&_nc_cat=110&_nc_ohc=lJ4sfV3CXlYAX9ydLBd&oh=45733a5badd624136607a11823691768&oe=5EC939A0
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f22d:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 6b350622d882239513462879525c3f42e2c855cffeebc98b1bcf7c4b2acd35cd

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-haystack-needlechecksum: 841556418
date: Wed, 19 Feb 2020 12:24:32 GMT, Wed, 19 Feb 2020 12:24:32 GMT
x-fb-trip-id: 1709462857
last-modified: Mon, 30 Oct 2017 18:09:09 GMT
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-fb-config-version-elb-prod: 734
x-fb-edge-debug: rGmoKXl0Lkp6l51XylyNaMKgXNF0VTBIlp89mm_5L6fFRAGpztovuS9pQhUuzWWNdV_LD4NOCgZwn7lzEAFtbA
x-needle-checksum: 4212526100
x-fb-config-version-olb-prod: 734
timing-allow-origin: *
alt-svc: h3-24=":443"; ma=3600
content-length: 73988

Redirect headers

date: Wed, 19 Feb 2020 12:24:31 GMT, Wed, 19 Feb 2020 12:24:31 GMT, Wed, 19 Feb 2020 12:24:31 GMT
x-content-type-options: nosniff
x-aed: 15
status: 302
strict-transport-security: max-age=31536000
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-trip-id: 1679558926
x-frame-options: SAMEORIGIN
vary: Accept-Language, Cookie
content-language: en
location: https://scontent-frx5-1.cdninstagram.com/v/t51.2885-15/e35/22857523_1079958718773502_7029907516955820032_n.jpg?_nc_ht=scontent-frx5-1.cdninstagram.com&_nc_cat=110&_nc_ohc=lJ4sfV3CXlYAX9ydLBd&oh=45733a5badd624136607a11823691768&oe=5EC939A0
access-control-expose-headers: X-IG-Set-WWW-Claim
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
content-type: text/html; charset=utf-8
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

41582493_689050781470526_4527649872806931656_n.jpg
scontent-frt3-1.cdninstagram.com/v/t51.2885-15/e35/
Redirect Chain

https://www.instagram.com/p/Bn_cuSplrp_/media?size=l
https://www.instagram.com/p/Bn_cuSplrp_/media/?size=l
https://scontent-frt3-1.cdninstagram.com/v/t51.2885-15/e35/41582493_689050781470526_4527649872806931656_n.jpg?_nc_ht=scontent-frt3-1.cdninstagram.com&_nc_cat=102&_nc_ohc=u1sTzgveu2QAX9oWjFB&oh=4bdc...

50 KB
50 KB

119ms
105ms

Image
image/jpeg

2a03:2880:f21c:80c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-1.cdninstagram.com/v/t51.2885-15/e35/41582493_689050781470526_4527649872806931656_n.jpg?_nc_ht=scontent-frt3-1.cdninstagram.com&_nc_cat=102&_nc_ohc=u1sTzgveu2QAX9oWjFB&oh=4bdcb36f189e946dfcc37324cb973c34&oe=5EC9C860
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f21c:80c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: b00c4570a6a869980e4514528e334043840fa333f983db51ecd2e4d34c7d8485

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-haystack-needlechecksum: 2698179177
date: Wed, 19 Feb 2020 12:24:31 GMT, Wed, 19 Feb 2020 12:24:31 GMT
x-fb-trip-id: 1425083115
last-modified: Fri, 21 Sep 2018 14:23:46 GMT
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-fb-config-version-elb-prod: 734
x-fb-edge-debug: XNuFfXwkPzNthmqU5ve07x-VUMSNhn753LqDJBKHsXuu9W3WkgAWqTRM0DzxVIDOM01u4-fJ260f7fXOAReJZA
x-needle-checksum: 2419007170
x-fb-config-version-olb-prod: 734
timing-allow-origin: *
alt-svc: h3-24=":443"; ma=3600
content-length: 51286

Redirect headers

date: Wed, 19 Feb 2020 12:24:31 GMT, Wed, 19 Feb 2020 12:24:31 GMT, Wed, 19 Feb 2020 12:24:31 GMT
x-content-type-options: nosniff
x-aed: 15
status: 302
strict-transport-security: max-age=31536000
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-trip-id: 1679558926
x-frame-options: SAMEORIGIN
vary: Accept-Language, Cookie
content-language: en
location: https://scontent-frt3-1.cdninstagram.com/v/t51.2885-15/e35/41582493_689050781470526_4527649872806931656_n.jpg?_nc_ht=scontent-frt3-1.cdninstagram.com&_nc_cat=102&_nc_ohc=u1sTzgveu2QAX9oWjFB&oh=4bdcb36f189e946dfcc37324cb973c34&oe=5EC9C860
access-control-expose-headers: X-IG-Set-WWW-Claim
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
content-type: text/html; charset=utf-8
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 403 47164047_1103621413169980_7757717182988943360_n.jpg
scontent-lga3-1.cdninstagram.com/vp/3235aa2e3a5047b7a17bbcdf79a8e07e/5DD5A4F2/t51.2885-19/s150x150/ 21 B
21 B 121ms
82ms Image
text/plain 2a03:2880:f212:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-lga3-1.cdninstagram.com/vp/3235aa2e3a5047b7a17bbcdf79a8e07e/5DD5A4F2/t51.2885-19/s150x150/47164047_1103621413169980_7757717182988943360_n.jpg?_nc_ht=scontent-lga3-1.cdninstagram.com
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f212:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 403
date: Wed, 19 Feb 2020 12:24:31 GMT, Wed, 19 Feb 2020 12:24:31 GMT
x-fb-trip-id: 780166575
server: proxygen-bolt
alt-svc: h3-24=":443"; ma=3600
content-length: 21
content-type: text/plain

GET
H2

200

16123565_799249370214360_8019678040214732800_n.jpg
scontent-frx5-1.cdninstagram.com/v/t51.2885-15/e35/
Redirect Chain

https://www.instagram.com/p/BPgoNsUjOGq/media?size=l
https://www.instagram.com/p/BPgoNsUjOGq/media/?size=l
https://scontent-frx5-1.cdninstagram.com/v/t51.2885-15/e35/16123565_799249370214360_8019678040214732800_n.jpg?_nc_ht=scontent-frx5-1.cdninstagram.com&_nc_cat=100&_nc_ohc=ukLpi5mpgJoAX9y3Zc4&oh=2d4f...

96 KB
96 KB

175ms
175ms

Image
image/jpeg

2a03:2880:f22d:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.cdninstagram.com/v/t51.2885-15/e35/16123565_799249370214360_8019678040214732800_n.jpg?_nc_ht=scontent-frx5-1.cdninstagram.com&_nc_cat=100&_nc_ohc=ukLpi5mpgJoAX9y3Zc4&oh=2d4f798aec426d7fade9311d945308b8&oe=5EF9D9BA
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f22d:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 18fc6ab6583f01ad3c9f58d8c5e5de5e9ae4e388fc236d9fbfb2de970a786d80

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-haystack-needlechecksum: 4247941916
date: Wed, 19 Feb 2020 12:24:32 GMT, Wed, 19 Feb 2020 12:24:32 GMT
x-fb-trip-id: 1709462857
last-modified: Sat, 21 Jan 2017 02:34:15 GMT
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-fb-config-version-elb-prod: 734
x-fb-edge-debug: e8lpe4nsMoPpEaKdG49JubWNooyLqtDsQ0O5feVHEoh1p6ht8t90HYtTRdvgYkzyHOlpw1bJ1r74RqPcl9bTow
x-needle-checksum: 525126217
x-fb-config-version-olb-prod: 734
timing-allow-origin: *
alt-svc: h3-24=":443"; ma=3600
content-length: 98474

Redirect headers

date: Wed, 19 Feb 2020 12:24:31 GMT, Wed, 19 Feb 2020 12:24:31 GMT, Wed, 19 Feb 2020 12:24:31 GMT
x-content-type-options: nosniff
x-aed: 15
status: 302
strict-transport-security: max-age=31536000
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-trip-id: 1679558926
x-frame-options: SAMEORIGIN
vary: Accept-Language, Cookie
content-language: en
location: https://scontent-frx5-1.cdninstagram.com/v/t51.2885-15/e35/16123565_799249370214360_8019678040214732800_n.jpg?_nc_ht=scontent-frx5-1.cdninstagram.com&_nc_cat=100&_nc_ohc=ukLpi5mpgJoAX9y3Zc4&oh=2d4f798aec426d7fade9311d945308b8&oe=5EF9D9BA
access-control-expose-headers: X-IG-Set-WWW-Claim
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
content-type: text/html; charset=utf-8
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 biddr.js Show response
www.mtlblog.com/ 150 KB
45 KB 24ms
21ms Script
application/javascript 2606:4700::6811:b366
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mtlblog.com/biddr.js

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b366 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9682a728417c13d57f6012c02c22a34ab6bf9b749af742975f7bba826b1df04

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 19 Feb 2020 12:24:31 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1636
cf-polished: origSize=153527
status: 200
lml-country-code: DE
last-modified: Wed, 19 Feb 2020 11:40:01 GMT
server: cloudflare
etag: W/"5e4d1e91-257b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: application/javascript
expires: Wed, 19 Feb 2020 12:54:31 GMT
cache-control: public, max-age=1800
cf-ray: 567837dcce0abed3-FRA
cf-bgj: minify

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 87 KB
25 KB 136ms
59ms Script
application/javascript 143.204.201.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.201.153 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-153.fra53.r.cloudfront.net
Software: Server /
Resource Hash: ac2a58f9d55c4642121cfb6f7e213cbc882bbdd75ef171ca8a07ed982ef693ce

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 19 Feb 2020 02:32:06 GMT
content-encoding: gzip
server: Server
age: 35544
etag: 1dcfbf3986ee8b9c3abbc67eb808ab43
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: 59WD8Dn1o608MH6ukTOxn3oe5KvKdDqJ1-3A0pHYI7YsJu090gf0iw==
via: 1.1 73f3a23156999272233949c078c30859.cloudfront.net (CloudFront)

GET
H2 200 9756557e8e.js Show response
kit.fontawesome.com/ 6 KB
2 KB 80ms
29ms Script
text/javascript 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/9756557e8e.js
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 3a75d665ec16d056a3c78fdea223637b57fc3d9c5e816e3f8639fed2d9f03418

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Origin: https://www.mtlblog.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 19 Feb 2020 12:24:31 GMT
content-encoding: gzip
last-modified: Fri, 20 Sep 2019 15:37:56 GMT
access-control-allow-origin: *
etag: "f0ec6769ae13e8e2cc85ceeb0d08031a"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-hw: 1582115071.cds064.lo4.hn,1582115071.cds095.lo4.c
content-type: text/javascript
status: 200
access-control-max-age: 3000
cache-control: max-age=60, private, must-revalidate
access-control-allow-methods: GET
accept-ranges: bytes
content-length: 2124

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 7ms
6ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40B3) /
Resource Hash: 1a4dee2269258e980cfbc6965cca52520d51b0cf399cef6218e123c7620cafdc

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 19 Feb 2020 12:24:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Feb 2020 23:55:53 GMT
Server: ECS (fcn/40B3)
Age: 356
Etag: "d6438f3ded1a231e0c47db28e12b2834+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 29101

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4c8e19505dacd5d7af77e3a122b071f8f5ae0c18c2337bc17f5c2fd0ef090477

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 19 Feb 2020 12:24:31 GMT, Wed, 19 Feb 2020 12:24:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 1q/R+kkG+GO6sIgFzuPUTA==
access-control-expose-headers: X-FB-Content-MD5
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 1778
x-fb-debug: qpegiup4x6UdW/UZ1JnSZ4O7c2VxQCqbB1zPkSqjQZx1CRtfUZLrt5S4cg+aqbGXFnYoo6kViJGQRmLYocvCig==
x-fb-trip-id: 2047048586
x-fb-content-md5: 348ef6a5df6e909693458ebb3dcc9f31
etag: "a623692e70ea4398bf15822adf086219"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 19 Feb 2020 12:36:26 GMT

GET
H2

200

bf4a12bd69f3.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain

https://platform.instagram.com/en_US/embeds.js
https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/bf4a12bd69f3.js

15 KB
5 KB

6ms
6ms

Script
text/javascript

2a03:2880:f22d:e5:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/bf4a12bd69f3.js
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f22d:e5:face:b00c:0:4420 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 555d5d3bcf88de2650acc3de969c2453da3c9c53fdd7491c23bb3bd09e12a129

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 18 Feb 2020 19:53:26 GMT, Wed, 19 Feb 2020 12:24:31 GMT
x-fb-trip-id: 1679558926
access-control-allow-origin: *
etag: "bf4a12bd69f3"
vary: Accept-Encoding
content-type: text/javascript
status: 200
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
content-encoding: br
content-length: 4925

Redirect headers

status: 302
date: Wed, 19 Feb 2020 12:24:31 GMT, Wed, 19 Feb 2020 12:24:31 GMT
x-fb-trip-id: 1679558926
cache-control: max-age=21600
location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/bf4a12bd69f3.js
content-type: text/html; charset=utf-8

GET
H2 200 platform.js Show response
embed.redditmedia.com/widgets/ 71 KB
22 KB 118ms
38ms Script
application/javascript 151.101.13.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.redditmedia.com/widgets/platform.js
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 2752aa19835e890dc1e6b573400160708812035495898599c651fe0947280674

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: M4_NQYOkFvYl0EHhUxDwAV5hlmW9kpy6
content-encoding: gzip
age: 45
x-cache: HIT
status: 200
date: Wed, 19 Feb 2020 12:24:31 GMT
content-length: 21989
x-served-by: cache-fra19156-FRA
last-modified: Thu, 23 Jan 2020 20:56:31 GMT
server: snooserv
x-timer: S1582115072.829217,VS0,VE0
etag: "fafe8010d7f162a8122738ef88644e77"
vary: Accept-Encoding,Origin
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 platform.js Show response
apis.google.com/js/ 48 KB
19 KB 49ms
34ms Script
application/javascript 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b5a32cb751bb193335afccb5408b38ae908bca6deb11bcee513e95b0c49faa74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 19 Feb 2020 12:24:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: script-src 'report-sample' 'nonce-c9PUW8f6lMNVNmWbXdYVJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
status: 200
strict-transport-security: max-age=31536000
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "06b0d0db64c2b82c836462cf13496b69"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin: *
expires: Wed, 19 Feb 2020 12:24:31 GMT

GET
H2 200 94645X1549134.skimlinks.js Show response
s.skimresources.com/js/ 56 KB
21 KB 69ms
24ms Script
application/octet-stream 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://s.skimresources.com/js/94645X1549134.skimlinks.js
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f44cd9e73daa6813c75d62b584668015dd16e8aaaab024ce715fdeadd6f1d97

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 19 Feb 2020 12:24:31 GMT
content-encoding: gzip
last-modified: Mon, 17 Feb 2020 12:35:40 GMT
server: AmazonS3
x-amz-request-id: CF07316F301D82CA
etag: "3236ef18e4ec584410b677fbfcfc1b34"
x-hw: 1582115071.cds085.lo4.hn,1582115071.cds220.lo4.c
content-type: application/octet-stream
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 21237
x-amz-id-2: Cot/tL5WYYiXXcZeNe+ia0R9QysiRsMnNWmGxEVJ0Hg7Y/K07/yWh+5fnn/Sq2pZ9evZE5OfPbg=

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: GKqVE1O9ZXmLwTgj3Khf+ohWhR2GA/v+KKr07ZYP4mD/GRSlCLlSiFKSUsw2bB/E+QHEq80jALF7EZJOdlv2kg==
x-fb-trip-id: 2047048586
date: Wed, 19 Feb 2020 12:24:31 GMT, Wed, 19 Feb 2020 12:24:31 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 120ms
40ms Script
application/x-javascript 104.124.133.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.124.133.20 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-124-133-20.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 19 Feb 2020 12:24:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Thu, 20 Feb 2020 12:24:31 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
2 KB 161ms
38ms Script
text/javascript 13.35.253.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.5 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-5.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 10 Jan 2020 21:25:45 GMT
Content-Encoding: gzip
Last-Modified: Sat, 16 Mar 2019 16:01:33 GMT
Server: AmazonS3
Age: 3423527
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA6-C1
Connection: keep-alive
X-Amz-Cf-Id: 889FqObthSmINvRAks20kyneM2tLK8iC5wWDe-zjo0j2XQ0mR8_q5g==

GET
H2 200 scevent.min.js Show response
sc-static.net/ 13 KB
5 KB 120ms
39ms Script
application/javascript 13.35.253.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.5 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-5.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ce955c2abb1b3639be7d38357b192b262f73576e7c2408c75200f3d8cda33913

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 18 Feb 2020 14:10:17 GMT
content-encoding: gzip
last-modified: Mon, 11 Nov 2019 23:04:13 GMT
server: AmazonS3
age: 80055
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, s-maxage=86400, max-age=600
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 3E0O7K2YqJpZcFBpyHYYmY5_b9Y3-pSQ9PfL9kRSx68V-WWMMl9wgA==
via: 1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)

GET
H2 200 AGSKWxUYiSyFTXY_edCzZXzRL85dZepgNLa9A7SZUOlws5mmiXNZ0_Lwnd6toMryiwneD2V6-m_qOpCU6f68NBPa Show response
fundingchoicesmessages.google.com/f/ 59 KB
23 KB 60ms
39ms Script
application/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUYiSyFTXY_edCzZXzRL85dZepgNLa9A7SZUOlws5mmiXNZ0_Lwnd6toMryiwneD2V6-m_qOpCU6f68NBPa

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

398e132c3668f6130561b9409b22aa3893106060c81e9f8244598864401afa12

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gkjRCHeQUJaYiidSFRuPsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-gkjRCHeQUJaYiidSFRuPsQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 19 Feb 2020 12:24:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
etag: "1581983284"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
status: 200
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: public, max-age=1800
content-security-policy: script-src 'report-sample' 'nonce-gkjRCHeQUJaYiidSFRuPsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-gkjRCHeQUJaYiidSFRuPsQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Wed, 19 Feb 2020 12:54:31 GMT

GET
H2 200 1d4fcb09312276cc3f674143538304e0.png
www.mtlblog.com/u/2019/04/06/ 6 KB
6 KB 29ms
29ms Image
image/webp 2606:4700::6811:b366
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mtlblog.com/u/2019/04/06/1d4fcb09312276cc3f674143538304e0.png

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b366 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bda6d98478b6107e429bd68223c7177d0095c8295f196ef9dbdb316086754edc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 12:24:31 GMT
vary: Accept
cf-cache-status: HIT
age: 569499
cf-polished: origFmt=png, origSize=12151
status: 200
content-disposition: inline; filename="1d4fcb09312276cc3f674143538304e0.webp"
content-length: 5778
lml-country-code: DE
last-modified: Sat, 06 Apr 2019 21:17:52 GMT
server: cloudflare
etag: "5ca91780-2f77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: image/webp
expires: Thu, 18 Feb 2021 12:24:31 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 567837dd0e46bed3-FRA
cf-bgj: imgq:100

GET
H2 200 6b3d9d1e0dfe5733a33f5b8699b3e318.png
www.mtlblog.com/u/2019/10/24/ 11 KB
11 KB 16ms
16ms Image
image/webp 2606:4700::6811:b366
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mtlblog.com/u/2019/10/24/6b3d9d1e0dfe5733a33f5b8699b3e318.png

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b366 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fd2956f0d20453bb04814392992d6b259736aa94f1b09fb1b6c6ed35eb7180d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 12:24:31 GMT
vary: Accept
cf-cache-status: HIT
age: 1051592
cf-polished: origFmt=png, origSize=51178
status: 200
content-disposition: inline; filename="6b3d9d1e0dfe5733a33f5b8699b3e318.webp"
content-length: 10950
lml-country-code: DE
last-modified: Thu, 24 Oct 2019 20:47:06 GMT
server: cloudflare
etag: "5db20dca-c7ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: image/webp
expires: Thu, 18 Feb 2021 12:24:31 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 567837dd0e47bed3-FRA
cf-bgj: imgq:100

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYA.ttf
fonts.gstatic.com/s/oswald/v30/ 35 KB
20 KB 6ms
5ms Font
font/ttf 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v30/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYA.ttf

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1baa269b2657e3b5d9882fb27248b65f60b170be8d9956a6c6406a93a18ffb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mtlblog.com/polemos.c0c6c18da1431adb.css
Origin: https://www.mtlblog.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 00:35:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1252161
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 20144
x-xss-protection: 0
last-modified: Tue, 04 Feb 2020 23:54:11 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Feb 2021 00:35:10 GMT

GET
H2 200 0QIgMX1D_JOuO7HeNtxunw.ttf
fonts.gstatic.com/s/lora/v14/ 61 KB
31 KB 7ms
7ms Font
font/ttf 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v14/0QIgMX1D_JOuO7HeNtxunw.ttf

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

171a8ea6f4ada85b98521ac922dcb5c3bdb410b194bc8ef7d9e3b3041193d9a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mtlblog.com/polemos.c0c6c18da1431adb.css
Origin: https://www.mtlblog.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 23 Jan 2020 18:33:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2310680
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 31745
x-xss-protection: 0
last-modified: Mon, 22 Jul 2019 19:22:47 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jan 2021 18:33:11 GMT

GET
H2 200 0QIvMX1D_JOuMwr7Jg.ttf
fonts.gstatic.com/s/lora/v14/ 57 KB
30 KB 7ms
7ms Font
font/ttf 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v14/0QIvMX1D_JOuMwr7Jg.ttf

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5924c5499b8a161521cd74b8b26b316402787b22bf119181225f4c4d21e27513

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mtlblog.com/polemos.c0c6c18da1431adb.css
Origin: https://www.mtlblog.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 23 Jan 2020 10:18:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2340363
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 30230
x-xss-protection: 0
last-modified: Mon, 22 Jul 2019 19:21:57 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jan 2021 10:18:28 GMT

GET
H/1.1 200
OK check.js Show response
biddr.brealtime.com/ Frame C909 641 B
1 KB 397ms
338ms Script
application/javascript 104.17.120.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.js?nnn=1582115071567
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/biddr.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.120.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cacbe8d075be5b96af1d81fa4753efcb5fdf25ae5acfbf8b6fe16fba1197eace

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 19 Feb 2020 12:24:32 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
x-amz-request-id: 6FEF80F3FEDCFCAC
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: PRfvO4fq8yM+X6HvOCFXh5otsKSv3kv9DYd5R2J8Tp3vpHlIrYCi1pfle1rn0dElI4CUbgsl8JU=
Last-Modified: Tue, 11 Feb 2020 20:09:04 GMT
Server: cloudflare
ETag: W/"81b479edefd671af66d52c0ad9347d68"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=60
CF-RAY: 567837df6d5ece2b-LHR
Expires: Wed, 19 Feb 2020 12:25:32 GMT

GET
H2 200 pro-v4-shims.min.css
kit-pro.fontawesome.com/releases/latest/css/ 26 KB
5 KB 71ms
25ms Stylesheet
text/css 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://kit-pro.fontawesome.com/releases/latest/css/pro-v4-shims.min.css
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/9756557e8e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: c9b6287265f3e416cede97e56a75cdb42792b9d766d5cefbb49f7ee6258cb61c

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 19 Feb 2020 12:24:31 GMT
content-encoding: gzip
last-modified: Wed, 05 Feb 2020 14:30:38 GMT
access-control-allow-origin: *
etag: "1580913038"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-hw: 1582115071.cds075.lo4.hn,1582115071.cds215.lo4.c
content-type: text/css
status: 200
access-control-max-age: 3000
cache-control: max-age=60, private, must-revalidate
access-control-allow-methods: GET
accept-ranges: bytes
content-length: 4384

GET
H2 200 pro-v4-font-face.min.css
kit-pro.fontawesome.com/releases/latest/css/ 24 KB
3 KB 67ms
26ms Stylesheet
text/css 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://kit-pro.fontawesome.com/releases/latest/css/pro-v4-font-face.min.css
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/9756557e8e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 3ed0ce3235f647523626709988ee0789e79faceceb22a8a77695fcbdb6c1d314

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 19 Feb 2020 12:24:31 GMT
content-encoding: gzip
last-modified: Wed, 05 Feb 2020 14:30:37 GMT
access-control-allow-origin: *
etag: "1580913037"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-hw: 1582115071.cds075.lo4.hn,1582115071.cds042.lo4.c
content-type: text/css
status: 200
access-control-max-age: 3000
cache-control: max-age=60, private, must-revalidate
access-control-allow-methods: GET
accept-ranges: bytes
content-length: 2592

GET
H2 200 pro.min.css
kit-pro.fontawesome.com/releases/latest/css/ 294 KB
53 KB 27ms
27ms Stylesheet
text/css 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://kit-pro.fontawesome.com/releases/latest/css/pro.min.css
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/9756557e8e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 2c8e2a1ef072c4acca159f2492a8a51eb43e8f776091057b896d38701995e228

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 19 Feb 2020 12:24:32 GMT
content-encoding: gzip
last-modified: Wed, 05 Feb 2020 14:30:46 GMT
access-control-allow-origin: *
etag: "1580913046"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-hw: 1582115072.cds075.lo4.hn,1582115072.cds229.lo4.c
content-type: text/css
status: 200
access-control-max-age: 3000
cache-control: max-age=60, private, must-revalidate
access-control-allow-methods: GET
accept-ranges: bytes
content-length: 54210

GET
H/1.1 200
OK embedder Show response
adserver.pressboard.ca/v3/ 15 B
698 B 427ms
114ms Script
application/x-javascript 23.96.112.53
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.pressboard.ca/v3/embedder?media=60106
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.112.53 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: waws-prod-blu-011.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7c256ffc1f9d77958ae2d403c487b5ef5dfeac21df8340606aede0074961b9b3

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Wed, 19 Feb 2020 12:24:32 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-cache, no-store, must-revalidate
request-context: appId=cid-v1:c374023b-8354-459d-b51b-039919730c2c
Content-Length: 135
Expires: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 109 B
778 B 38ms
16ms Script
application/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.mtlblog.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 19 Feb 2020 12:24:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.mtlblog.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 19 Feb 2020 12:24:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020021101.js Show response
securepubads.g.doubleclick.net/gpt/ 167 KB
61 KB 68ms
68ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020021101.js?21065556

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

52cb3d448ecca364f956f7936bd685d2d1828686f3639ef2b58cc43da91286d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 19 Feb 2020 12:24:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 Feb 2020 14:21:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 62262
x-xss-protection: 0
expires: Wed, 19 Feb 2020 12:24:31 GMT

POST
H2 200 json Show response
narcitymedia.blueconic.net/DG/DEFAULT/rest/rpc/ 11 KB
3 KB 319ms
101ms XHR
application/json 52.22.44.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://narcitymedia.blueconic.net/DG/DEFAULT/rest/rpc/json?referer=https%3A%2F%2Fwww.mtlblog.com%2Fnews%2Fcanada%2Fqc%2Fmontreal%2Fcyber-attackers-are-targeting-hydro-quebec&bcsessionid=&bctempid=&overruleReferrer=&time=2020-02-19T13%3A24%3A31%2B01%3A00&ts=1582115071632

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/narcitymedia.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.44.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-44-87.compute-1.amazonaws.com

Software

- /

Resource Hash

83a9c83ce8004d5fb7bb9d23448edfc4decb5e2b88acdc01cf8200b6f4940096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Origin: https://www.mtlblog.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 19 Feb 2020 12:24:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: policyref="", CP="DSP"
status: 200
content-length: 2493
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mtlblog.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 checksub Show response
contributor.google.com/scripts/605af088f49177f6:D:211407a4dd70b688/ 392 B
928 B 45ms
45ms XHR
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://contributor.google.com/scripts/605af088f49177f6:D:211407a4dd70b688/checksub

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorTargetingClientJs.en_US.brCxxQdsWoQ.es5.O/d=1/ct=zgms/rs=AJlcJMxdNnFwEuWiWpTqO0kGdX68xTY4Vg/m=contributor

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

37d088e7b9362fd3fe37d380ce985d9a46a9db26ea68c25bb060b7ab360bc768

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cvR7YmT5I3ior/BLUiS8yg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-cvR7YmT5I3ior/BLUiS8yg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Origin: https://www.mtlblog.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 19 Feb 2020 12:24:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
strict-transport-security: max-age=31536000
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.mtlblog.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-cvR7YmT5I3ior/BLUiS8yg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-cvR7YmT5I3ior/BLUiS8yg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK widget_iframe.7303c29a8108bca4ac5c9ef008ed8164.html
platform.twitter.com/widgets/ Frame B290 0
0 7ms
6ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.7303c29a8108bca4ac5c9ef008ed8164.html?origin=https%3A%2F%2Fwww.mtlblog.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40E4) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1152315
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 19 Feb 2020 12:24:31 GMT
Etag: "9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified: Wed, 05 Feb 2020 23:46:01 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40E4)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5825

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 194 KB
59 KB 17ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=6544ef31d3cbee4c6be50e5a18dcf5f1&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

185c81109de7949c74b21905e3f308324484114faca5ffbc17bd47981127a5bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Origin: https://www.mtlblog.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: cogfE/WgUFAVaWTh+hB9Ww==
status: 200
date: Wed, 19 Feb 2020 12:24:31 GMT, Wed, 19 Feb 2020 12:24:31 GMT
expires: Thu, 18 Feb 2021 11:28:21 GMT
alt-svc: h3-24=":443"; ma=3600
content-length: 59543
x-fb-debug: dXMgQEMlXEJHi+e3Zs2TvVuFlry+wsXJwGPFKySbDy+YIOTcTWRKFMjlTbX5RBBUaiJvIt/a4pH5HCteuTuz6w==
x-fb-trip-id: 2000377899
x-fb-content-md5: d86592574888fa506468941a474c6d01
etag: "5de94ebac487bba55082d9e68ff00250"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 262130411388295 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 63ms
62ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/262130411388295?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b2963674cb46a42cac56940f3b01f37fc7eaeba9072e11c21f2ce942c82697ae

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: Ie3KWJGVHIAC2R0YY0lA4vV9Z/B2Yifsp/LIG9U+zyfcmGnRj9PoKa7pF63N0PH8tr+QqIjpL96bPJzxLedeWA==
x-fb-trip-id: 2047048586
date: Wed, 19 Feb 2020 12:24:31 GMT, Wed, 19 Feb 2020 12:24:31 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 116ms
40ms XHR
application/javascript 143.204.201.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.201.153 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-153.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Origin: https://www.mtlblog.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 19 Feb 2020 04:41:41 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 27771
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Wed, 08 Jan 2020 04:09:03 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: y0X70xY6S89nqA84a2brJ9jFiOhZCwE2FmtbtK5-NpdqGj5rLCzaIg==

GET
H2 206 robots.txt
t.skimresources.com/api/v2/ Frame F878 0
105 B 135ms
85ms Image
text/plain 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.5832423934281121
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.201.67.47 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 47.67.201.35.bc.googleusercontent.com
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 206
date: Wed, 19 Feb 2020 12:24:31 GMT
via: 1.1 google
server: Python/3.7 aiohttp/3.5.4
alt-svc: clear
content-length: 0
content-type: text/plain charset=UTF-8

GET
H2 200 px.gif
p.skimresources.com/ 43 B
471 B 24ms
23ms Image
image/gif 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=1&rn=8.084793368039657
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: UploadServer /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 12:24:31 GMT
status: 200
x-guploader-uploadid: AEnB2UqGy4gmuOdFqNmW4wv5-F4wdEJQbv6cUZ086JwGOdSxZnDpE5y9W1n1xuAOGxh3NwBazxGUeQy47oTS1nN2hAh73vjvjg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
content-length: 43
x-hw: 1582115071.cds085.lo4.hn,1582115071.cds208.lo4.c
last-modified: Tue, 23 Oct 2018 13:19:28 GMT
server: UploadServer
etag: "f837aa60b6fe83458f790db60d529fc9"
x-goog-hash: crc32c=xra6Ow==, md5=+DeqYLb+g0WPeQ22DVKfyQ==
x-goog-generation: 1540300768038458
cache-control: public, max-age=7200
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif

GET
H2 200 px.gif
p.skimresources.com/ 43 B
107 B 24ms
23ms Image
image/gif 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=2&rn=8.084793368039657
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: UploadServer /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 12:24:31 GMT
status: 200
x-guploader-uploadid: AEnB2UqGy4gmuOdFqNmW4wv5-F4wdEJQbv6cUZ086JwGOdSxZnDpE5y9W1n1xuAOGxh3NwBazxGUeQy47oTS1nN2hAh73vjvjg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
content-length: 43
x-hw: 1582115071.cds085.lo4.hn,1582115071.cds208.lo4.c
last-modified: Tue, 23 Oct 2018 13:19:28 GMT
server: UploadServer
etag: "f837aa60b6fe83458f790db60d529fc9"
x-goog-hash: crc32c=xra6Ow==, md5=+DeqYLb+g0WPeQ22DVKfyQ==
x-goog-generation: 1540300768038458
cache-control: public, max-age=7200
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif

POST
H2

307

/ Show response
r.skimresources.com/api/
Redirect Chain

https://r.skimresources.com/api/
https://r.skimresources.com/api/?xguid=01E1EPG9WT8S02NHQ2S3XBZXTE&persistence=1&checksum=70b08b7345ee152b6a2041c6c3edc5c85af6d5ed3c80255c2cc941618e04c97e

0
-1 B

76ms
29ms

XHR
text/html

35.190.59.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/?xguid=01E1EPG9WT8S02NHQ2S3XBZXTE&persistence=1&checksum=70b08b7345ee152b6a2041c6c3edc5c85af6d5ed3c80255c2cc941618e04c97e

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.190.59.101 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.11.2.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 19 Feb 2020 12:24:31 GMT
via: 1.1 google
server: openresty/1.11.2.5
access-control-allow-origin: https://www.mtlblog.com
location: https://r.skimresources.com/api/?xguid=01E1EPG9WT8S02NHQ2S3XBZXTE&persistence=1&checksum=70b08b7345ee152b6a2041c6c3edc5c85af6d5ed3c80255c2cc941618e04c97e
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 307
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-type: text/html
alt-svc: clear
content-length: 193

Redirect headers

date: Wed, 19 Feb 2020 12:24:31 GMT
via: 1.1 google
server: openresty/1.11.2.5
status: 307
location: https://r.skimresources.com/api/?xguid=01E1EPG9WT8S02NHQ2S3XBZXTE&persistence=1&checksum=70b08b7345ee152b6a2041c6c3edc5c85af6d5ed3c80255c2cc941618e04c97e
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://www.mtlblog.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-type: text/html
alt-svc: clear
content-length: 193

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=18729422&ns__t=1582115071858&ns_c=UTF-8&cv=3.5&c8=Cyber%20Attackers%20Are%20Targeting%20Hydro-Qu%C3%A9bec%20-%20MTL%20Blog&c7=https%3A%2F%2Fwww.mtlblog.co...
https://sb.scorecardresearch.com/b2?c1=2&c2=18729422&ns__t=1582115071858&ns_c=UTF-8&cv=3.5&c8=Cyber%20Attackers%20Are%20Targeting%20Hydro-Qu%C3%A9bec%20-%20MTL%20Blog&c7=https%3A%2F%2Fwww.mtlblog.c...

0
248 B

42ms
41ms

Image
text/plain

104.124.133.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=18729422&ns__t=1582115071858&ns_c=UTF-8&cv=3.5&c8=Cyber%20Attackers%20Are%20Targeting%20Hydro-Qu%C3%A9bec%20-%20MTL%20Blog&c7=https%3A%2F%2Fwww.mtlblog.com%2Fnews%2Fcanada%2Fqc%2Fmontreal%2Fcyber-attackers-are-targeting-hydro-quebec&c9=
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.124.133.20 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-124-133-20.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 Feb 2020 12:24:31 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=18729422&ns__t=1582115071858&ns_c=UTF-8&cv=3.5&c8=Cyber%20Attackers%20Are%20Targeting%20Hydro-Qu%C3%A9bec%20-%20MTL%20Blog&c7=https%3A%2F%2Fwww.mtlblog.com%2Fnews%2Fcanada%2Fqc%2Fmontreal%2Fcyber-attackers-are-targeting-hydro-quebec&c9=
Pragma: no-cache
Date: Wed, 19 Feb 2020 12:24:31 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxUhNjisA8Dzlc-h5cloWEaBE8OH-NJyFT2thaIVf90LnnFAQ0bVlgA9ZPMydJlEz8HrdN5I2-TIojkPSFcE Show response
fundingchoicesmessages.google.com/f/ 130 KB
43 KB 71ms
71ms Script
application/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUhNjisA8Dzlc-h5cloWEaBE8OH-NJyFT2thaIVf90LnnFAQ0bVlgA9ZPMydJlEz8HrdN5I2-TIojkPSFcE?pvid=7E84CA46-A2BE-481D-BF5D-88C36E27FD7C&anonid=95172C46-DD5C-42AE-8E17-5E1C21ED60DC&cp=%5B0%2C%5B1%5D%5D

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b75a3c029b0c93b2e520f4881ca1973989314b40dd819287095f6c8ed21971de

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jvLvAm6oCP3lJ7H+NqFvoQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-jvLvAm6oCP3lJ7H+NqFvoQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
content-security-policy: script-src 'report-sample' 'nonce-jvLvAm6oCP3lJ7H+NqFvoQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-jvLvAm6oCP3lJ7H+NqFvoQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
date: Wed, 19 Feb 2020 12:24:31 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
status: 200
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxXP8-SW4QypD8Z5g7Ll5vq2TNgpFVXIEItFJxzsKlV5Wur_Gcyuw_WFQRGJMK8OVwWB8QE-DVU75JCWoN5r Show response
fundingchoicesmessages.google.com/l/ 0
802 B 57ms
36ms XHR
text/html 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxXP8-SW4QypD8Z5g7Ll5vq2TNgpFVXIEItFJxzsKlV5Wur_Gcyuw_WFQRGJMK8OVwWB8QE-DVU75JCWoN5r?pvid=7E84CA46-A2BE-481D-BF5D-88C36E27FD7C&anonid=95172C46-DD5C-42AE-8E17-5E1C21ED60DC

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCachedJsClientJs.en_US.eGAf_2hq_2k.es5.O/d=1/ct=zgms/rs=AJlcJMxbbOZXGeMFMz0BXj_HfZOhEWBhqw/m=cached_js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OSwLoP7CKJ3He0HcPQ2BTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-OSwLoP7CKJ3He0HcPQ2BTA' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Origin: https://www.mtlblog.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 19 Feb 2020 12:24:31 GMT
x-content-type-options: nosniff
status: 204
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.mtlblog.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-OSwLoP7CKJ3He0HcPQ2BTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-OSwLoP7CKJ3He0HcPQ2BTA' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
r.skimresources.com/api/ 152 B
495 B 30ms
30ms XHR
application/json 35.190.59.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/?xguid=01E1EPG9WT8S02NHQ2S3XBZXTE&persistence=1&checksum=70b08b7345ee152b6a2041c6c3edc5c85af6d5ed3c80255c2cc941618e04c97e

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.190.59.101 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.11.2.5 /

Resource Hash

54675f9030161a5946ef1b93e98a7d8bcbf1cf744292e0deb0423077de4a411b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Origin: https://www.mtlblog.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 19 Feb 2020 12:24:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: openresty/1.11.2.5
status: 200
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://www.mtlblog.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-type: application/json
alt-svc: clear
via: 1.1 google

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
551 B 118ms
40ms Image
image/gif 13.35.253.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Cyber%20Attackers%20Are%20Targeting%20Hydro-Qu%C3%A9bec%20-%20MTL%20Blog&time=1582115071935&time_zone_offset=-60&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.mtlblog.com%2Fnews%2Fcanada%2Fqc%2Fmontreal%2Fcyber-attackers-are-targeting-hydro-quebec&random_number=13485239101&sess_cookie=d189fbe51705d6827bf796bacf5&sess_cookie_flag=1&user_cookie=d189fbe51705d6827bf796bacf5&user_cookie_flag=1&dynamic=true&domain=mtlblog.com&account=RT5wq1rcy520uW&jsv=20130128&user_lang=en-US
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-107.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 19 Feb 2020 07:24:51 GMT
Via: 1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
x-amz-meta-alexa-last-modified: 20110117123941
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 17982
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
X-Amz-Cf-Pop: FRA6-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
X-Amz-Cf-Id: AZPkQBauckj-cr4R7-a3F5LhBx-p2o6EwxZjXnkpD53fYTb_5p6xXA==

GET
H2 200 i
tr.snapchat.com/cm/ Frame DAE9 0
0 75ms
29ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: tr.snapchat.com
:scheme: https
:path: /cm/i?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec

Response headers

status: 200
server: nginx/1.17.3
date: Wed, 19 Feb 2020 12:24:32 GMT
content-type: text/html
content-length: 0
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 /
www.facebook.com/tr/ 44 B
248 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=369886419698055&ev=fb_page_view&dl=https%3A%2F%2Fwww.mtlblog.com%2Fnews%2Fcanada%2Fqc%2Fmontreal%2Fcyber-attackers-are-targeting-hydro-quebec&rl=&if=false&ts=1582115071948&sw=1600&sh=1200

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 12:24:31 GMT, Wed, 19 Feb 2020 12:24:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Wed, 19 Feb 2020 12:24:31 GMT

POST
H2 200 p
tr.snapchat.com/ Frame B899 0
0 64ms
34ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: tr.snapchat.com
:scheme: https
:path: /p
content-length: 361
pragma: no-cache
cache-control: no-cache
origin: https://www.mtlblog.com
upgrade-insecure-requests: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
accept-encoding: gzip, deflate, br
accept-language: en-US
Origin: https://www.mtlblog.com
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec

Response headers

status: 200
server: nginx/1.17.3
date: Wed, 19 Feb 2020 12:24:32 GMT
content-type: text/html
content-length: 0
access-control-allow-origin: *
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBgQ0AIQgDwIlIaF8BxxGVKRj+79ZB5PielJvLiGsS0CVJeqUVNnc3ZhCY6mz9AQRUAKcyAAAA;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 d0715cecfde8942afeb365cbcfa2fe8b Show response
narcitymedia.blueconic.net/plugin/plugin/ 35 KB
10 KB 105ms
103ms Script
text/javascript 52.22.44.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://narcitymedia.blueconic.net/plugin/plugin/d0715cecfde8942afeb365cbcfa2fe8b

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/narcitymedia.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.44.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-44-87.compute-1.amazonaws.com

Software

- /

Resource Hash

dc4e030dd56a6381e862981def6be05cd0c0a8c8fe25ef1038fb9f36de673d6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 19 Feb 2020 12:24:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
server: -
etag: d0715cecfde8942afeb365cbcfa2fe8b
p3p: policyref="", CP="DSP"
status: 200
x-permitted-cross-domain-policies: master-only
cache-control: private, max-age=31536000
x-robots-tag: noindex, nofollow
content-length: 9190
x-xss-protection: 1; mode=block
expires: Thu, 18 Feb 2021 12:24:32 GMT

GET
H2 200 iab Show response
api.skimlinks.mgr.consensu.org/ 772 B
637 B 113ms
32ms XHR
application/json 35.190.40.172
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.skimlinks.mgr.consensu.org/iab?nocache=1582115071963

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/94645X1549134.skimlinks.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.190.40.172 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

172.40.190.35.bc.googleusercontent.com

Software

nginx/1.14.0 /

Resource Hash

4898c2b9f8c2f931ef6a819d36e0019867931d9519af933ab4bd5edce724b2a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Origin: https://www.mtlblog.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 19 Feb 2020 12:24:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.14.0
access-control-allow-headers: *
status: 200
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://www.mtlblog.com
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
via: 1.1 google

GET
H2 200 /
www.facebook.com/tr/ 44 B
202 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=262130411388295&ev=PageView&dl=https%3A%2F%2Fwww.mtlblog.com%2Fnews%2Fcanada%2Fqc%2Fmontreal%2Fcyber-attackers-are-targeting-hydro-quebec&rl=&if=false&ts=1582115071987&sw=1600&sh=1200&v=2.9.15&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1582115071985.900104609&it=1582115071757&coo=false&rqm=GET

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 12:24:31 GMT, Wed, 19 Feb 2020 12:24:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Wed, 19 Feb 2020 12:24:31 GMT

POST
H2 200 page Show response
t.skimresources.com/api/v2/ 22 B
343 B 35ms
35ms XHR
application/javascript 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/page

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/94645X1549134.skimlinks.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.201.67.47 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.7 aiohttp/3.5.4 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Origin: https://www.mtlblog.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 19 Feb 2020 12:24:32 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.7 aiohttp/3.5.4
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://www.mtlblog.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 22

GET
H2 200 css
fonts.googleapis.com/ 46 KB
3 KB 20ms
20ms Stylesheet
text/css 2a00:1450:4001:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorGdprClientJs.en_US.h3Y1Y_qU6-I.es5.O/d=1/ct=zgms/rs=AJlcJMzI11sgVV66K8Gw_Rh6GIlb_PMssg/m=gdprscript

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8f12fd856b2ac8e1ef275c3a43eac3d97d8c41f1a745462350f61ec0fe37fc18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 19 Feb 2020 12:24:32 GMT
server: ESF
date: Wed, 19 Feb 2020 12:24:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Feb 2020 12:24:32 GMT

POST
H2 204 AGSKWxXrNP7ZZSJr0CUTxda6cNvXSVl2VZQOAp9AIr5H3-WiclUmu-UuaFv5yd8fNwR67TIbMLjMYJcKLTpist4Z9zv2yaDYDZEeD8E46KFFEoyobjLpQHUYcizTbVvW46cqWJOwHxxad9GIMke6lbcXAkDTpiR3aTrh36m8w7h3r1tEauDB6PY9T2ZXZw== Show response
fundingchoicesmessages.google.com/l/ 0
382 B 47ms
46ms XHR
text/html 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxXrNP7ZZSJr0CUTxda6cNvXSVl2VZQOAp9AIr5H3-WiclUmu-UuaFv5yd8fNwR67TIbMLjMYJcKLTpist4Z9zv2yaDYDZEeD8E46KFFEoyobjLpQHUYcizTbVvW46cqWJOwHxxad9GIMke6lbcXAkDTpiR3aTrh36m8w7h3r1tEauDB6PY9T2ZXZw==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorGdprClientJs.en_US.h3Y1Y_qU6-I.es5.O/d=1/ct=zgms/rs=AJlcJMzI11sgVV66K8Gw_Rh6GIlb_PMssg/m=gdprscript

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mnPREDvek5zt55NvTuBLJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-mnPREDvek5zt55NvTuBLJQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Origin: https://www.mtlblog.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 19 Feb 2020 12:24:32 GMT
x-content-type-options: nosniff
status: 204
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.mtlblog.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-mnPREDvek5zt55NvTuBLJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-mnPREDvek5zt55NvTuBLJQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 400 identity
api.rlcdn.com/api/ 0
0 85ms
29ms XHR
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184729-247851731068523.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.174.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Origin: https://www.mtlblog.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
542 B 105ms
31ms XHR
application/json 63.33.80.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=184729
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184729-247851731068523.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.80.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-80-49.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 10e786663ddf67715d1fc134f15fdf300e2b4016da8fbe65934500110cab0512

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Origin: https://www.mtlblog.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 19 Feb 2020 12:24:32 GMT
x-aspnet-version: 4.0.30319
status: 200
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mtlblog.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Fri, 20 Mar 2020 12:24:32 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v48/ 59 KB
60 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v48/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorGdprClientJs.en_US.h3Y1Y_qU6-I.es5.O/d=1/ct=zgms/rs=AJlcJMzI11sgVV66K8Gw_Rh6GIlb_PMssg/m=gdprscript

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c9a3f7fdc13a3ff04b74e9b982c28fa738fa9373bd43bd24dbca5f2dc360f24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans|Open+Sans+Condensed:300|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov
Origin: https://www.mtlblog.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Jan 2020 06:13:14 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:50:48 GMT
server: sffe
age: 2441478
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 60840
x-xss-protection: 0
expires: Thu, 21 Jan 2021 06:13:14 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorGdprClientJs.en_US.h3Y1Y_qU6-I.es5.O/d=1/ct=zgms/rs=AJlcJMzI11sgVV66K8Gw_Rh6GIlb_PMssg/m=gdprscript

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans|Open+Sans+Condensed:300|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov
Origin: https://www.mtlblog.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 23 Jan 2020 19:10:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 2308441
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11016
x-xss-protection: 0
expires: Fri, 22 Jan 2021 19:10:31 GMT

GET
H2 200 Consent_A_en.js Show response
s.skimresources.com/js/GDPR/ 20 KB
8 KB 23ms
23ms Script
application/octet-stream 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://s.skimresources.com/js/GDPR/Consent_A_en.js
Requested by: Host: s.skimresources.com
URL: https://s.skimresources.com/js/94645X1549134.skimlinks.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 944747ed258a0a48f0529cc3d41108264c0e089fbf50d49629af64b91d142f55

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 19 Feb 2020 12:24:32 GMT
content-encoding: gzip
last-modified: Mon, 17 Feb 2020 12:45:09 GMT
server: AmazonS3
x-amz-request-id: 0F0D5E8DF15BDF25
etag: "92fc6bad55d381eea89dcbb5843a6bd2"
x-hw: 1582115072.cds085.lo4.hn,1582115072.cds239.lo4.c
content-type: application/octet-stream
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 7728
x-amz-id-2: 34GcE0Z8slBGP5ZfFl7ekHID7KCWqkPLYe+iFKHmcmzdYWo5t1Ob/p3UNUOi8qhzozJQnDmtlkc=

GET
H2

200

/
p.skimresources.com/ Frame F878
Redirect Chain

https://sync.crwdcntrl.net/map/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D
https://sync.crwdcntrl.net/map/ct=y/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D
https://x.skimresources.com/?provider=lotame&skim_mapping=true&provider_id=2ee3d42339090672aad395e99a26f399
https://p.skimresources.com/?provider_id=2ee3d42339090672aad395e99a26f399&skim_mapping=true

43 B
223 B

23ms
23ms

Image
image/gif

151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/?provider_id=2ee3d42339090672aad395e99a26f399&skim_mapping=true
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: UploadServer /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 19 Feb 2020 12:24:32 GMT
status: 200
x-guploader-uploadid: AEnB2Upm0IERmHEeHXspD69In17Pl6F7G1hpP5WQnayaxssKT910EEvyeDmGriy6H4TJHF1XUAt1TDMv64upA8kILvj44aw7CA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
content-length: 43
x-hw: 1582115072.cds085.lo4.hn,1582115072.cds098.lo4.c
last-modified: Tue, 23 Oct 2018 13:19:28 GMT
server: UploadServer
etag: "f837aa60b6fe83458f790db60d529fc9"
x-goog-hash: crc32c=xra6Ow==, md5=+DeqYLb+g0WPeQ22DVKfyQ==
x-goog-generation: 1540300768038458
cache-control: public, max-age=7200
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif

Redirect headers

Location: https://p.skimresources.com?provider_id=2ee3d42339090672aad395e99a26f399&skim_mapping=true
Date: Wed, 19 Feb 2020 12:24:32 GMT
Server: TornadoServer/2.4.1
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 pro-fa-solid-900-5.0.0.woff2
kit-pro.fontawesome.com/releases/latest/webfonts/ 20 KB
20 KB 26ms
25ms Font
font/woff2 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-solid-900-5.0.0.woff2
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: ea1b7977e6083a93f9520f5d9e5470ea9a52fd982a5ef487dd8827bfce4ef094

Request headers

Referer: https://kit-pro.fontawesome.com/releases/latest/css/pro-v4-font-face.min.css
Origin: https://www.mtlblog.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 19 Feb 2020 12:24:32 GMT
last-modified: Wed, 05 Feb 2020 14:42:13 GMT
access-control-allow-origin: *
etag: "1580913733"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
status: 200
access-control-max-age: 3000
cache-control: max-age=60, private, must-revalidate
accept-ranges: bytes
content-length: 20280
x-hw: 1582115072.cds064.lo4.hn,1582115072.cds001.lo4.c

GET
H2 200 bcca35c6aee8ac064c65f89780cd022d Show response
narcitymedia.blueconic.net/plugin/library/ 121 KB
41 KB 108ms
107ms Script
text/javascript 52.22.44.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://narcitymedia.blueconic.net/plugin/library/bcca35c6aee8ac064c65f89780cd022d

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/narcitymedia.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.44.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-44-87.compute-1.amazonaws.com

Software

- /

Resource Hash

763c63e7463620928db3a2fa48786d1ef7cc8984e63aaca5df314b4424e792c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 19 Feb 2020 12:24:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
server: -
etag: bcca35c6aee8ac064c65f89780cd022d
p3p: policyref="", CP="DSP"
status: 200
x-permitted-cross-domain-policies: master-only
cache-control: private, max-age=31536000
x-robots-tag: noindex, nofollow
content-length: 41733
x-xss-protection: 1; mode=block
expires: Thu, 18 Feb 2021 12:24:32 GMT

POST
H2 200 LB-Zone-3 Show response
narcitymedia.blueconic.net/DG/DEFAULT/rest/rpc/json/ 994 B
1 KB 183ms
183ms XHR
application/json 52.22.44.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://narcitymedia.blueconic.net/DG/DEFAULT/rest/rpc/json/LB-Zone-3?referer=https%3A%2F%2Fwww.mtlblog.com%2Fnews%2Fcanada%2Fqc%2Fmontreal%2Fcyber-attackers-are-targeting-hydro-quebec&bcsessionid=&bctempid=f84c81b5-8e55-4453-90f7-394e62bece0b&overruleReferrer=&time=2020-02-19T13%3A24%3A32%2B01%3A00&ts=1582115072118

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/narcitymedia.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.44.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-44-87.compute-1.amazonaws.com

Software

- /

Resource Hash

07b9d776e4028d6c72c58f5cacc677a3d386ff94810339e7021a0a1680f5eaac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Origin: https://www.mtlblog.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 19 Feb 2020 12:24:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: policyref="", CP="DSP"
status: 200
content-length: 476
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mtlblog.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
339 B 146ms
60ms XHR
text/plain 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=316931&u=https%3A%2F%2Fwww.mtlblog.com%2Fnews%2Fcanada%2Fqc%2Fmontreal%2Fcyber-attackers-are-targeting-hydro-quebec&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184729-247851731068523.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Origin: https://www.mtlblog.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 19 Feb 2020 12:24:32 GMT
Server: Apache
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.mtlblog.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Wed, 19 Feb 2020 12:24:32 GMT

GET
H2 200 / Show response
e1.emxdgt.com/sync/ Frame C909 1018 B
1 KB 108ms
35ms Script
application/javascript 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://e1.emxdgt.com/sync/
Requested by: Host: biddr.brealtime.com
URL: https://biddr.brealtime.com/check.js?nnn=1582115071567
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 050e66c65537fc40707dde79ee0f88f3a6a3a2aa5d6666fb44fce60452684e3a

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

status: 200
date: Wed, 19 Feb 2020 12:24:31 GMT
content-length: 1018
content-type: application/javascript

GET
H2 200 stats Show response
narcitymedia.blueconic.net/rest/recommendations/ 16 B
694 B 102ms
102ms Script
text/javascript 52.22.44.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://narcitymedia.blueconic.net/rest/recommendations/stats?storeId=282de264-6f0f-4713-8bb3-46460a26ea15&action=view&itemId=www.mtlblog.com%2Fnews%2Fcanada%2Fqc%2Fmontreal%2Fcyber-attackers-are-targeting-hydro-quebec&url=https%3A%2F%2Fwww.mtlblog.com%2Fnews%2Fcanada%2Fqc%2Fmontreal%2Fcyber-attackers-are-targeting-hydro-quebec&profileId=f84c81b5-8e55-4453-90f7-394e62bece0b&isEntrypage=true&hash=1184a1226318d1534f16be0b10cbb258&lastmodified=1565098550000&referer=https%3A%2F%2Fwww.mtlblog.com%2Fnews%2Fcanada%2Fqc%2Fmontreal%2Fcyber-attackers-are-targeting-hydro-quebec&bcsessionid=f84c81b5-8e55-4453-90f7-394e62bece0b&bctempid=&overruleReferrer=&time=2020-02-19T13%3A24%3A32%2B01%3A00&callback=bc_json299

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/narcitymedia.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.44.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-44-87.compute-1.amazonaws.com

Software

- /

Resource Hash

c8c8a3a3cc6f1ac77b6a2a312745d445c0c897ec6a585bebec951a89ac255638

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Wed, 19 Feb 2020 12:24:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript;charset=utf-8
server: -
p3p: policyref="", CP="DSP"
status: 200
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 36
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 json Show response
narcitymedia.blueconic.net/DG/DEFAULT/rest/rpc/ 195 B
851 B 101ms
101ms XHR
application/json 52.22.44.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://narcitymedia.blueconic.net/DG/DEFAULT/rest/rpc/json?referer=https%3A%2F%2Fwww.mtlblog.com%2Fnews%2Fcanada%2Fqc%2Fmontreal%2Fcyber-attackers-are-targeting-hydro-quebec&bcsessionid=f84c81b5-8e55-4453-90f7-394e62bece0b&bctempid=&overruleReferrer=&time=2020-02-19T13%3A24%3A32%2B01%3A00&ts=1582115072324

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/narcitymedia.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.44.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-44-87.compute-1.amazonaws.com

Software

- /

Resource Hash

bff2251584810071c2c7caa6d6c0969e4f066a6ba4493e056aa5184db20d24f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Origin: https://www.mtlblog.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 19 Feb 2020 12:24:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: policyref="", CP="DSP"
status: 200
content-length: 117
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mtlblog.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

/
p.skimresources.com/ Frame F878
Redirect Chain

https://x.skimresources.com/?provider=exelate
https://loadeu.exelator.com/load/?p=787&g=001&j=0&
https://loadeu.exelator.com/load/?p=787&g=001&j=0&&xl8blockcheck=1
https://x.skimresources.com/?provider=exelate&skim_mapping=true&provider_id=dd0e95a3232ca3c2c1468a5c64470f69
https://p.skimresources.com/?provider_id=dd0e95a3232ca3c2c1468a5c64470f69&skim_mapping=true

43 B
107 B

23ms
23ms

Image
image/gif

151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/?provider_id=dd0e95a3232ca3c2c1468a5c64470f69&skim_mapping=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: UploadServer /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 19 Feb 2020 12:24:32 GMT
status: 200
x-guploader-uploadid: AEnB2Upm0IERmHEeHXspD69In17Pl6F7G1hpP5WQnayaxssKT910EEvyeDmGriy6H4TJHF1XUAt1TDMv64upA8kILvj44aw7CA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
content-length: 43
x-hw: 1582115072.cds085.lo4.hn,1582115072.cds098.lo4.c
last-modified: Tue, 23 Oct 2018 13:19:28 GMT
server: UploadServer
etag: "f837aa60b6fe83458f790db60d529fc9"
x-goog-hash: crc32c=xra6Ow==, md5=+DeqYLb+g0WPeQ22DVKfyQ==
x-goog-generation: 1540300768038458
cache-control: public, max-age=7200
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif

Redirect headers

Location: https://p.skimresources.com?provider_id=dd0e95a3232ca3c2c1468a5c64470f69&skim_mapping=true
Date: Wed, 19 Feb 2020 12:24:32 GMT
Server: TornadoServer/2.4.1
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

POST
H2 200 /
www.facebook.com/tr/ 0
106 B 6ms
6ms Other
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Origin: https://www.mtlblog.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryozlXKhIKBjCLpxzP

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
access-control-allow-origin: https://www.mtlblog.com
date: Wed, 19 Feb 2020 12:24:32 GMT
content-type: text/plain
status: 200
access-control-allow-credentials: true
alt-svc: h3-24=":443"; ma=3600
content-length: 0

POST
H2 200 json Show response
narcitymedia.blueconic.net/DG/DEFAULT/rest/rpc/ 98 B
838 B 115ms
113ms XHR
application/json 52.22.44.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://narcitymedia.blueconic.net/DG/DEFAULT/rest/rpc/json?referer=https%3A%2F%2Fwww.mtlblog.com%2Fnews%2Fcanada%2Fqc%2Fmontreal%2Fcyber-attackers-are-targeting-hydro-quebec&bcsessionid=f84c81b5-8e55-4453-90f7-394e62bece0b&bctempid=&overruleReferrer=&time=2020-02-19T13%3A24%3A32%2B01%3A00&ts=1582115072526

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/narcitymedia.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.44.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-44-87.compute-1.amazonaws.com

Software

- /

Resource Hash

32edd4c6eeb5900398cd8d65f9b7b9b4433820f3c9d1b6b5d58d932b26d4f626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec
Origin: https://www.mtlblog.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 19 Feb 2020 12:24:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: policyref="", CP="DSP"
status: 200
content-length: 108
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mtlblog.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
expires: Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.mtlblog.com/	1969-12-31 23:59:59	Name: BCRevision_1582115072329 Value: %7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22visitedsites%22%3A%5B%22www.mtlblog.com%22%5D%2C%22_preferred_main_category%22%3A%5B%22%7B%5C%22TIME%5C%22%3A1582115072312%2C%5C%22news%5C%22%3A%7B%5C%22p2971%5C%22%3A1%7D%7D%22%5D%2C%22_hl_visit_time%22%3A%5B%22%7B%5C%22TIME%5C%22%3A1582115072314%2C%5C%22data%5C%22%3A%5B%7B%5C%22n%5C%22%3A%5C%221%20PM%20-%202%20PM%5C%22%2C%5C%22p%5C%22%3A1%2C%5C%22d%5C%22%3A901%7D%5D%7D%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22visitedsites%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1582115072329%22%7D
www.mtlblog.com/	1970-01-19 16:14:11	Name: BCSessionID Value: f84c81b5-8e55-4453-90f7-394e62bece0b
.mtlblog.com/	1970-01-19 08:11:47	Name: __cfduid Value: d2445da32ae1da20d616c56a94353d90e1582115071
.mtlblog.com/	1970-01-19 09:38:11	Name: _fbp Value: fb.1.1582115071985.900104609
.mtlblog.com/	1970-01-19 16:15:37	Name: __auc Value: d189fbe51705d6827bf796bacf5
.mtlblog.com/	1970-01-19 07:28:36	Name: __asc Value: d189fbe51705d6827bf796bacf5
www.mtlblog.com/news/canada/qc/montreal	1969-12-31 23:59:59	Name: dt Value: 2020-02-19T12:24:32.235Z
.mtlblog.com/	1970-01-20 00:59:47	Name: _ga Value: GA1.2.1457267482.1582115072
.snapchat.com/	1970-01-19 16:50:11	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgQ0AIQgDwIlIaF8BxxGVKRj+79ZB5PielJvLiGsS0CVJeqUVNnc3ZhCY6mz9AQRUAKcyAAAA
.mtlblog.com/	1970-01-19 08:11:47	Name: CUID Value: N,1582115071702:ALHGLuQAAAAPTiwxNTgyMTE1MDcxNzAyWfVsBQLluRH2SdaSQZZ3Nk+ByKkPrkg/TaE13dfmh76lqQkkSqX8mPdJmVi6b439kj1TOCd9f5+RKL6IKtplf9eQSCvGKzmrAo3Vqr0faLK/YFeVeT0+58xVkqT6EYFbI63hZ42hoeyf8VMt5H+ymc4lQ7nGXf/OyF6P5kc+5bSt4jzomeVl+aiayyvXmI9QA0xuZ2wrCYCgUCM2s35VGrgMLlGNJA0CVP46WWInpA5l/4AoZJrgcKapzcLQOh88mfR2Rrz3vtTazYIGcupdX11B9RzOsmjQBc0Ldry8z4mXpey/IQDo05YrHzqijkAqDeuYiCiVATRfq3KX7SOUZw==
.mtlblog.com/	1970-01-19 07:30:01	Name: _gid Value: GA1.2.568573933.1582115072
www.mtlblog.com/	1970-01-19 16:14:11	Name: em_cdn_uid Value: t%3D1582115071873%26u%3D608cf5f58525432e86b990c0edcee706
www.mtlblog.com/	1970-01-19 16:58:21	Name: _scid Value: cb36efd2-7347-4da8-869c-081aae8906fa

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.mtlblog.com/news/canada/qc/montreal/cyber-attackers-are-targeting-hydro-quebec(Line 133) Message: [detail] API - Requesting GET to endpoint : /menus/headerlinks/en/menus.json

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adserver.pressboard.ca
adservice.google.co.uk
adservice.google.com
api.rlcdn.com
api.skimlinks.mgr.consensu.org
apis.google.com
as-sec.casalemedia.com
biddr.brealtime.com
c.amazon-adsystem.com
cdn.blueconic.net
certify-js.alexametrics.com
certify.alexametrics.com
connect.facebook.net
contributor.google.com
e1.emxdgt.com
embed.redditmedia.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
js-sec.indexww.com
kit-pro.fontawesome.com
kit.fontawesome.com
loadeu.exelator.com
match.adsrvr.org
narcitymedia.blueconic.net
p.skimresources.com
platform.instagram.com
platform.twitter.com
r.skimresources.com
s.skimresources.com
sb.scorecardresearch.com
sc-static.net
scontent-frt3-1.cdninstagram.com
scontent-frx5-1.cdninstagram.com
scontent-lga3-1.cdninstagram.com
securepubads.g.doubleclick.net
sync.crwdcntrl.net
t.skimresources.com
tr.snapchat.com
www.facebook.com
www.google-analytics.com
www.instagram.com
www.mtlblog.com
x.skimresources.com
104.124.133.20
104.17.120.107
13.35.253.107
13.35.253.5
143.204.201.153
143.204.202.28
147.75.102.200
151.101.13.140
151.139.128.10
172.217.18.162
18.195.155.181
23.210.249.164
23.96.112.53
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700::6811:b366
2a00:1450:4001:808::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:819::2003
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::200e
2a00:1450:4001:81e::200a
2a00:1450:4001:820::200e
2a00:1450:4001:824::200e
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a03:2880:f212:c4:face:b00c:0:43fe
2a03:2880:f21c:80c4:face:b00c:0:43fe
2a03:2880:f22d:c4:face:b00c:0:43fe
2a03:2880:f22d:e5:face:b00c:0:4420
35.186.226.184
35.190.40.172
35.190.59.101
35.201.67.47
35.244.174.68
52.22.44.87
52.49.39.42
54.77.173.141
63.33.80.49
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
050e66c65537fc40707dde79ee0f88f3a6a3a2aa5d6666fb44fce60452684e3a
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07b9d776e4028d6c72c58f5cacc677a3d386ff94810339e7021a0a1680f5eaac
0c9a3f7fdc13a3ff04b74e9b982c28fa738fa9373bd43bd24dbca5f2dc360f24
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10e786663ddf67715d1fc134f15fdf300e2b4016da8fbe65934500110cab0512
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932
171a8ea6f4ada85b98521ac922dcb5c3bdb410b194bc8ef7d9e3b3041193d9a0
185c81109de7949c74b21905e3f308324484114faca5ffbc17bd47981127a5bc
18fc6ab6583f01ad3c9f58d8c5e5de5e9ae4e388fc236d9fbfb2de970a786d80
1a4dee2269258e980cfbc6965cca52520d51b0cf399cef6218e123c7620cafdc
1b58e694d4ca155716e8ee1703b5e5d8c891cb32bccae80042dc6d38b5a0a49f
1baa269b2657e3b5d9882fb27248b65f60b170be8d9956a6c6406a93a18ffb1b
2752aa19835e890dc1e6b573400160708812035495898599c651fe0947280674
2c8e2a1ef072c4acca159f2492a8a51eb43e8f776091057b896d38701995e228
32edd4c6eeb5900398cd8d65f9b7b9b4433820f3c9d1b6b5d58d932b26d4f626
37ad549f2800672875db6ac707d83f2876f6672cc09aa47c967ee9a203aa9b93
37d088e7b9362fd3fe37d380ce985d9a46a9db26ea68c25bb060b7ab360bc768
398e132c3668f6130561b9409b22aa3893106060c81e9f8244598864401afa12
3a75d665ec16d056a3c78fdea223637b57fc3d9c5e816e3f8639fed2d9f03418
3c8553edbef083132e8d30dff58429afffd160effedf0b99ec54b0e92eeff8b9
3ed0ce3235f647523626709988ee0789e79faceceb22a8a77695fcbdb6c1d314
3f44cd9e73daa6813c75d62b584668015dd16e8aaaab024ce715fdeadd6f1d97
42665bc691c53dad4d6eef7785b5fdc0c4fd6d4cab47102f0b5826d19ac1d6c6
4898c2b9f8c2f931ef6a819d36e0019867931d9519af933ab4bd5edce724b2a8
4c8e19505dacd5d7af77e3a122b071f8f5ae0c18c2337bc17f5c2fd0ef090477
5086bf11c18729912e406aa96de28d33cc056e66d280aa21280db68b08b12de2
52cb3d448ecca364f956f7936bd685d2d1828686f3639ef2b58cc43da91286d0
54675f9030161a5946ef1b93e98a7d8bcbf1cf744292e0deb0423077de4a411b
555d5d3bcf88de2650acc3de969c2453da3c9c53fdd7491c23bb3bd09e12a129
5743866ba58f2b0566b61df088b813b63debffad033c2d49afafb3565492c19d
5924c5499b8a161521cd74b8b26b316402787b22bf119181225f4c4d21e27513
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
6b350622d882239513462879525c3f42e2c855cffeebc98b1bcf7c4b2acd35cd
763c63e7463620928db3a2fa48786d1ef7cc8984e63aaca5df314b4424e792c1
7b754722b8fc8aa2d440057446cc58b36f4e40dbd43968c64ee5d8a4dac2534a
7c256ffc1f9d77958ae2d403c487b5ef5dfeac21df8340606aede0074961b9b3
83a9c83ce8004d5fb7bb9d23448edfc4decb5e2b88acdc01cf8200b6f4940096
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d148c3c98dcbd2b8aff39ea353523b714d2239f64770cedd81cb70afb2bb141
8f12fd856b2ac8e1ef275c3a43eac3d97d8c41f1a745462350f61ec0fe37fc18
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7
944747ed258a0a48f0529cc3d41108264c0e089fbf50d49629af64b91d142f55
9551e0fad0dc58bf027dab9956e664efb5bc99ee9b1c311f5aa969b7023d9219
9fd2956f0d20453bb04814392992d6b259736aa94f1b09fb1b6c6ed35eb7180d
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
ac2a58f9d55c4642121cfb6f7e213cbc882bbdd75ef171ca8a07ed982ef693ce
b00c4570a6a869980e4514528e334043840fa333f983db51ecd2e4d34c7d8485
b2963674cb46a42cac56940f3b01f37fc7eaeba9072e11c21f2ce942c82697ae
b5a32cb751bb193335afccb5408b38ae908bca6deb11bcee513e95b0c49faa74
b75a3c029b0c93b2e520f4881ca1973989314b40dd819287095f6c8ed21971de
b9682a728417c13d57f6012c02c22a34ab6bf9b749af742975f7bba826b1df04
b97f3ba5d5c09de91afdfd5069216113a108e33dc4d508f299c51a7f9e70b9eb
bda6d98478b6107e429bd68223c7177d0095c8295f196ef9dbdb316086754edc
bff2251584810071c2c7caa6d6c0969e4f066a6ba4493e056aa5184db20d24f5
c8c8a3a3cc6f1ac77b6a2a312745d445c0c897ec6a585bebec951a89ac255638
c9b6287265f3e416cede97e56a75cdb42792b9d766d5cefbb49f7ee6258cb61c
cacbe8d075be5b96af1d81fa4753efcb5fdf25ae5acfbf8b6fe16fba1197eace
ce955c2abb1b3639be7d38357b192b262f73576e7c2408c75200f3d8cda33913
dc4e030dd56a6381e862981def6be05cd0c0a8c8fe25ef1038fb9f36de673d6b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9da5cc4cd871bd19914e06e7c483c44362acc3db58258383cddeefc1e3cbbf2
ea1b7977e6083a93f9520f5d9e5470ea9a52fd982a5ef487dd8827bfce4ef094
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
fa3f86ca97962c9e2437f5f59cc2fd2ec69cccd8096b4afb7cdf31f6444ace3c
fc6f5ef57a72a2b89f63df7283e320b49303f6a06dbb3f46a98ec77596fc5dd5
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

www.mtlblog.com Open in urlscan Pro 2606:4700::6811:b366 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

88 Requests

100 %HTTPS

42 %IPv6

31 Domains

44 Subdomains

35 IPs

6 Countries

1438 kBTransfer

3550 kBSize

13 Cookies

217 Outgoing links

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

www.mtlblog.com Open in urlscan Pro
2606:4700::6811:b366 Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

100 %
HTTPS

42 %
IPv6

31
Domains

44
Subdomains

35
IPs

6
Countries

1438 kB
Transfer

3550 kB
Size

13
Cookies

88 HTTP transactions
0 data transactions