urlscan.io logo urlscan.io
SecurityTrails logo

gr.news-front.info Open in urlscan Pro
186.2.163.162  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
Submission: On May 21 via manual from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 8 countries across 17 domains to perform 33 HTTP transactions. The main IP is 186.2.163.162, located in Russian Federation and belongs to DDOS-GUARD CORP., BZ. The main domain is gr.news-front.info.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 27th 2020. Valid for: 3 months.
This is the only time gr.news-front.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic (Online)

Domain & IP information

4    186.2.163.162 (Russian Federation)

ASN262254 (DDOS-GUARD CORP., BZ)
PTR: ddos-guard.net
gr.news-front.info
6    151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
assets.aweber-static.com
1    2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    34.96.102.137 (United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com
1    107.22.214.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-214-169.compute-1.amazonaws.com
i.kissmetrics.com
1    52.222.150.171 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-150-171.fra53.r.cloudfront.net
scripts.kissmetrics.com
2    2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    172.217.18.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net
www.googleadservices.com
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1288:f03d:1fa::4000 (United Kingdom)

ASN10310 (YAHOO-1, US)
s.yimg.com
1    2a02:26f0:fe00:1a1::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
snap.licdn.com
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:816::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a05:f500:10:101::b93f:9105 (Ireland)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2a05:f500:11:101::b93f:9001 (Ireland)

ASN14413 (LINKEDIN, US)
www.linkedin.com
1    2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    34.232.23.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-23-106.compute-1.amazonaws.com
trk.kissmetrics.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    212.82.100.181 (Switzerland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com
sp.analytics.yahoo.com
Domain Requested by
6 assets.aweber-static.com gr.news-front.info
4 gr.news-front.info gr.news-front.info
2 www.facebook.com gr.news-front.info
2 px.ads.linkedin.com 1 redirects gr.news-front.info
2 www.google.de gr.news-front.info
2 www.google.com 1 redirects gr.news-front.info
2 s.yimg.com gr.news-front.info
s.yimg.com
2 connect.facebook.net gr.news-front.info
connect.facebook.net
2 bat.bing.com gr.news-front.info
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 dev.visualwebsiteoptimizer.com gr.news-front.info
1 sp.analytics.yahoo.com s.yimg.com
1 trk.kissmetrics.com scripts.kissmetrics.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.linkedin.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 snap.licdn.com gr.news-front.info
1 www.googleadservices.com www.googletagmanager.com
1 scripts.kissmetrics.com gr.news-front.info
1 i.kissmetrics.com gr.news-front.info
1 www.googletagmanager.com gr.news-front.info
33 21

This site contains no links.

Subject Issuer Validity Valid
gr.news-front.info
Let's Encrypt Authority X3		 2020-03-27 -
2020-06-25		 3 months crt.sh
o2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-05-21 -
2020-07-12		 2 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2017-06-30 -
2020-07-06		 3 years crt.sh
*.kissmetrics.com
RapidSSL RSA CA 2018		 2019-06-25 -
2020-06-24		 a year crt.sh
www.googleadservices.com
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh
www.bing.com
Microsoft IT TLS CA 2		 2019-04-30 -
2021-04-30		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-05-14 -
2020-08-05		 3 months crt.sh
*.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-05-19 -
2020-07-03		 a month crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2019-04-01 -
2021-05-07		 2 years crt.sh
www.google.de
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2020-03-04 -
2020-09-04		 6 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-04-28 -
2020-07-21		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh
*.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-03-04 -
2020-08-31		 6 months crt.sh

This page contains 1 frames:

Primary Page: https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
Frame ID: A60AE3D298A96D1A049494EAD9B8BB9D
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i
Overall confidence: 100%
Detected patterns
  • html /<!-- (?:Start|End) Visual Website Optimizer A?Synchronous Code -->/i
  • script /dev\.visualwebsiteoptimizer\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

33
Requests

100 %
HTTPS

62 %
IPv6

17
Domains

21
Subdomains

19
IPs

8
Countries

567 kB
Transfer

1727 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=276219606&t=pageview&_s=1&dl=https%3A%2F%2Fgr.news-front.info%2Fhoif%2F2020excel%2Frfq.php%3Flogn%3D&ul=en-us&de=UTF-8&dt=Request%20for%20Quotation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAAB~&jid=410145506&gjid=2101629162&cid=50922595.1590085129&tid=UA-1759093-10&_gid=2038639678.1590085129&_r=1&gtm=2wg5e15J4XPK&z=580339555 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1759093-10&cid=50922595.1590085129&jid=410145506&_gid=2038639678.1590085129&gjid=2101629162&_v=j82&z=580339555 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1759093-10&cid=50922595.1590085129&jid=410145506&_v=j82&z=580339555 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1759093-10&cid=50922595.1590085129&jid=410145506&_v=j82&z=580339555&slf_rd=1&random=1006465859
Request Chain 22
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=256865&url=https%3A%2F%2Fgr.news-front.info%2Fhoif%2F2020excel%2Frfq.php%3Flogn%3D&time=1590085128708 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D256865%26url%3Dhttps%253A%252F%252Fgr.news-front.info%252Fhoif%252F2020excel%252Frfq.php%253Flogn%253D%26time%3D1590085128708%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=256865&url=https%3A%2F%2Fgr.news-front.info%2Fhoif%2F2020excel%2Frfq.php%3Flogn%3D&time=1590085128708&liSync=true

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request rfq.php
gr.news-front.info/hoif/2020excel/ 		11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
186.2.163.162 , Russian Federation, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
b3439248a0ddc569498787cc4d6c8a4c5918988f44fcfa1bd698e0d117968c9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gr.news-front.info
:scheme
https
:path
/hoif/2020excel/rfq.php?logn=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
server
ddos-guard
set-cookie
__ddg1=P5TzGrA3v0eg5moTh3F1; Domain=.news-front.info; HttpOnly; Path=/; Expires=Fri, 21-May-2021 18:18:48 GMT
date
Thu, 21 May 2020 18:18:48 GMT
content-type
text/html; charset=UTF-8
content-length
3992
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=600
expires
Thu, 21 May 2020 18:28:48 GMT
strict-transport-security
max-age=31536000
referrer-policy
MaskedPassword.js
gr.news-front.info/hoif/2020excel/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gr.news-front.info/hoif/2020excel/MaskedPassword.js
Requested by
Host: gr.news-front.info
URL: https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
186.2.163.162 , Russian Federation, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
2cfdb08c07395b0be65df154f068ade61c1bfad7e3e3e2d0e40b85319fa95825

Request headers

Referer
https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 20 May 2020 21:14:51 GMT
content-encoding
gzip
last-modified
Thu, 07 May 2020 21:46:24 GMT
server
ddos-guard
age
75837
etag
W/"5eb481b0-4208"
content-type
application/javascript
status
200
cache-control
max-age=604800
content-length
6199
expires
Wed, 27 May 2020 21:14:51 GMT
main.50315030.css
assets.aweber-static.com/www/assets/css/ 		384 KB
63 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.aweber-static.com/www/assets/css/main.50315030.css
Requested by
Host: gr.news-front.info
URL: https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4d4e4bf73adea4c9618bd375cbdd5bb1806a9a97bc7834aec68d21bb9c1e7442

Request headers

Referer
https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
3HL_eJIQSMN01BwkgDNKXg.F1xGBEMUy
content-encoding
gzip
etag
"78fe02dc37f46aee49d79c51168a10f3"
age
3775345
via
1.1 varnish
x-cache
HIT
status
200
content-length
64259
x-amz-id-2
f72iVScyQUQa1ZH2U1ua2LIikMBDau5SCokRY91JnJF6A7yOsRcNbK7ZQwE+DLVDQHIrGYwrfT4=
x-served-by
cache-fra19142-FRA
last-modified
Wed, 03 Jan 2018 20:25:28 GMT
server
AmazonS3
x-timer
S1590085129.537609,VS0,VE1
date
Thu, 21 May 2020 18:18:48 GMT
vary
Accept-Encoding
x-amz-request-id
1BDAF3860562EAFF
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-type
text/css
x-cache-hits
1
jquery.5a555b6d.js
assets.aweber-static.com/www/assets/bundles/ 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.aweber-static.com/www/assets/bundles/jquery.5a555b6d.js
Requested by
Host: gr.news-front.info
URL: https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4bbb02166c3396d0f40fa8ebe151e046e70e00d2d842fe40d4f215a81f0772b3

Request headers

Referer
https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
nEC0pXCYIdLlaCFyW.NJp92ITbQ4XtOR
content-encoding
gzip
etag
"5c1504dbb73fcf8cf75abed2d97a0777"
age
314044
via
1.1 varnish
x-cache
HIT
status
200
content-length
38193
x-amz-id-2
brRV1y0LsqLBO/OYkD2Fx1Sz9AKaXjZaLxBq0QRP6bXnKsmVAmpKc+lfUNYF5yUcQSRbyttzbnA=
x-served-by
cache-fra19142-FRA
last-modified
Fri, 12 Jan 2018 16:37:55 GMT
server
AmazonS3
x-timer
S1590085129.537563,VS0,VE2
date
Thu, 21 May 2020 18:18:48 GMT
vary
Accept-Encoding
x-amz-request-id
A465ED027AE51FE7
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1
vendor.98010375.js
assets.aweber-static.com/www/assets/bundles/ 		82 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.aweber-static.com/www/assets/bundles/vendor.98010375.js
Requested by
Host: gr.news-front.info
URL: https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
88ac03bb60640d37911839e3408fafc1fa5fa9f9c9dbd3de528066ec1b6597aa

Request headers

Referer
https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
HdpT90ZK.MNlglIeCa3xNn4ProoohTbL
content-encoding
gzip
etag
"36626a5655ccad577db446555bf4ccd6"
age
42166
via
1.1 varnish
x-cache
HIT
status
200
content-length
27922
x-amz-id-2
LhZdEJ+RvP+xuwnRudSm+RM/XuXuoOqzxIrgeHE+8G0y3LiTjpDgFi0PXzXcizNW31KI4+FW78E=
x-served-by
cache-fra19142-FRA
last-modified
Fri, 12 Jan 2018 16:37:57 GMT
server
AmazonS3
x-timer
S1590085129.537551,VS0,VE2
date
Thu, 21 May 2020 18:18:48 GMT
vary
Accept-Encoding
x-amz-request-id
9D033D6111B0636C
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1
lib.becade21.js
assets.aweber-static.com/www/assets/bundles/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.aweber-static.com/www/assets/bundles/lib.becade21.js
Requested by
Host: gr.news-front.info
URL: https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
43c6c415e0250d62b72f26e96e93d7627dd05295cea6dca4f0429e43a91b3aa4

Request headers

Referer
https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
5zpXDf6fMIE09AQnekKYv9r0OnbBRWVB
content-encoding
gzip
etag
"554df709b421134fe1de27725d45c116"
age
42166
via
1.1 varnish
x-cache
HIT
status
200
content-length
8850
x-amz-id-2
GJXYBD+yyQAr15YIFDHRRrc1xa6Enrk6yX0YTrzQJvIK5FcXKrVOck+TmVIvzD5WAO5H/3y+qTc=
x-served-by
cache-fra19142-FRA
last-modified
Fri, 05 Jan 2018 20:35:58 GMT
server
AmazonS3
x-timer
S1590085129.537589,VS0,VE1
date
Thu, 21 May 2020 18:18:48 GMT
vary
Accept-Encoding
x-amz-request-id
CC46C7393F4B51BE
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1
xls22.png
gr.news-front.info/hoif/2020excel/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gr.news-front.info/hoif/2020excel/xls22.png
Requested by
Host: gr.news-front.info
URL: https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
186.2.163.162 , Russian Federation, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
e92ff4ce1146308df78f46cf8c5f1fca84b22acc8422ca77b3120e6733aed692

Request headers

Referer
https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 21 May 2020 15:22:29 GMT
last-modified
Thu, 07 May 2020 21:46:24 GMT
server
ddos-guard
age
10579
etag
"5eb481b0-c32a"
content-type
image/png
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
49962
expires
Thu, 28 May 2020 15:22:29 GMT
gtm.js
www.googletagmanager.com/ 		134 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5J4XPK&gtm_auth=UYNjOPXi40kADX0ZYRcuvw&gtm_preview=env-50&gtm_cookies_win=x
Requested by
Host: gr.news-front.info
URL: https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0ec905e42bb0d9ed25f9fca9d0758f5c9b2b13e0dd1a09c357f34d921c2c6103
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 21 May 2020 18:18:48 GMT
content-encoding
br
vary
*
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38350
x-xss-protection
0
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jan 1990 00:00:00 GMT
j.php
dev.visualwebsiteoptimizer.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=1330&u=https%3A%2F%2Fgr.news-front.info%2Fhoif%2F2020excel%2Frfq.php%3Flogn%3D&r=0.7952644461320606
Requested by
Host: gr.news-front.info
URL: https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
23768166911088005c6207422478865b3342882b838fa66bea83d7a57038c472

Request headers

Referer
https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 21 May 2020 18:18:48 GMT
content-encoding
gzip
server
gfra1
content-type
application/javascript; charset=UTF-8
status
200
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via
1.1 google
SourceSansPro-Regular.967c60da.woff2
assets.aweber-static.com/www/assets/fonts/source-sans-pro/regular/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.aweber-static.com/www/assets/fonts/source-sans-pro/regular/SourceSansPro-Regular.967c60da.woff2
Requested by
Host: gr.news-front.info
URL: https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
547ea67155dac1c27efb550426c4848b7364357ed040fd531719c4797e356a1d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://assets.aweber-static.com/www/assets/css/main.50315030.css
Origin
https://gr.news-front.info

Response headers

x-amz-version-id
nUkSREdmXGzdhRK76f3SJORrxKDXSWfy
via
1.1 varnish
etag
"967c60da0742e7f2bdfbde13accaf519"
age
739933
x-cache
HIT
status
200
content-length
12960
x-amz-id-2
aTir6kfCOOKXvRpXYXl4oh9h2B4qISy2AWa89mjzZkzWnRLOk49o7l0ZFAkvwa1euJTVoa19Lh0=
x-served-by
cache-fra19157-FRA
last-modified
Thu, 30 Nov 2017 16:08:44 GMT
server
AmazonS3
x-timer
S1590085129.689928,VS0,VE1
date
Thu, 21 May 2020 18:18:48 GMT
x-amz-request-id
E2EC88F1D61E249C
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-type
x-cache-hits
1
SourceSansPro-Semibold.5a4f76c9.woff2
assets.aweber-static.com/www/assets/fonts/source-sans-pro/semibold/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.aweber-static.com/www/assets/fonts/source-sans-pro/semibold/SourceSansPro-Semibold.5a4f76c9.woff2
Requested by
Host: gr.news-front.info
URL: https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a58441133d85539974e4b136c25eaa5512ac1b018d4f6d53124a08c6f19b55e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://assets.aweber-static.com/www/assets/css/main.50315030.css
Origin
https://gr.news-front.info

Response headers

x-amz-version-id
vPnTVymu2.5ASvwIuzzgIqabBa5WpaNy
via
1.1 varnish
etag
"5a4f76c9cb1886f5682d1093f4fac915"
age
739933
x-cache
HIT
status
200
content-length
12916
x-amz-id-2
NbOhvQDg3rKMWGYdwIcVfNJsukKPMyKkcxVkWidmE2lmGpioVruwgzChjjcESiwYw36JYzsxLyU=
x-served-by
cache-fra19157-FRA
last-modified
Thu, 30 Nov 2017 16:08:44 GMT
server
AmazonS3
x-timer
S1590085129.690088,VS0,VE1
date
Thu, 21 May 2020 18:18:48 GMT
x-amz-request-id
D2B3C72F288EF84C
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-type
x-cache-hits
1
i.js
i.kissmetrics.com/ 		39 B
321 B 		Script
General
Check archive.org
Download Go to
Full URL
https://i.kissmetrics.com/i.js
Requested by
Host: gr.news-front.info
URL: https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.214.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-214-169.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2bc18c5e40b439c202bfa5d0a973c2a8c30ccdb6a83c85c5d0b55cd2abcad8b9

Request headers

Referer
https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 21 May 2020 18:17:23 GMT
Server
nginx
P3P
CP="NOI CURa ADMa DEVa TAIa OUR IND UNI NAV INT"
Cache-Control
max-age=2592000
Connection
keep-alive
Content-Type
application/x-javascript
Content-Length
39
Expires
Sat, 20 Jun 2020 18:17:23 GMT
7380cf13bcddad3f1993fd5b0f313c4c7c679d73.2.js
scripts.kissmetrics.com/ 		43 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.kissmetrics.com/7380cf13bcddad3f1993fd5b0f313c4c7c679d73.2.js
Requested by
Host: gr.news-front.info
URL: https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.150.171 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-150-171.fra53.r.cloudfront.net
Software
nginx/1.6.2 /
Resource Hash
94d0a85870b7bdcec55fc78eaa6bbb969af00dd6fc967be462dfe93e8b21c262

Request headers

Referer
https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 21 May 2020 18:17:32 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Mon, 04 May 2020 14:28:34 GMT
Server
nginx/1.6.2
Age
46
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
P3P
CP="NOI CURa ADMa DEVa TAIa OUR IND UNI NAV INT"
Via
1.1 67284fcf464f6f1529cc1e521669622c.cloudfront.net (CloudFront)
Cache-Control
max-age=60
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA53
Content-Type
application/x-javascript; charset=utf-8
X-Amz-Cf-Id
3rZ6g18KGCpTx_DqwWiuv9rNbhy8qmL7VonLw4bmZ6U2P-XTyPM1XA==
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5J4XPK&gtm_auth=UYNjOPXi40kADX0ZYRcuvw&gtm_preview=env-50&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
4949
date
Thu, 21 May 2020 16:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Thu, 21 May 2020 18:56:19 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5J4XPK&gtm_auth=UYNjOPXi40kADX0ZYRcuvw&gtm_preview=env-50&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s29-in-f2.1e100.net
Software
cafe /
Resource Hash
20f2b7c4f6f460542ac14424e621a9aa42dbdd98447feb325b3e81e322598860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 21 May 2020 18:18:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
10882
x-xss-protection
0
server
cafe
etag
5410868192711959244
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 21 May 2020 18:18:48 GMT
bat.js
bat.bing.com/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: gr.news-front.info
URL: https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
78a81c2a32cbd6675976ff2074623000dafc3e80bf6698801b9e369c0656a89c

Request headers

Referer
https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 21 May 2020 18:18:48 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2020 20:59:59 GMT
x-msedge-ref
Ref A: 04D2A3FA36344268AB4D317444249023 Ref B: FRA31EDGE0506 Ref C: 2020-05-21T18:18:48Z
status
200
etag
"80b179766929d61:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
7776
fbevents.js
connect.facebook.net/en_US/ 		131 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: gr.news-front.info
URL: https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
31766
x-xss-protection
0
pragma
public
x-fb-debug
FDLTnA3sUSna4SfGAOY3rIu0HSbEp39X0C9bLWif09kBu9uTsIq5iajoQS4sS9hrHPqAb39bTaplUhIrgBsAYw==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Thu, 21 May 2020 18:18:48 GMT, Thu, 21 May 2020 18:18:48 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
ytc.js
s.yimg.com/wi/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: gr.news-front.info
URL: https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),
Reverse DNS
Software
ATS /
Resource Hash
5b54138a1228bb354b4d200ba40bca6e8bf05c3476b3013daf8fa8162a414582
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

ats-carp-promotion
1
date
Thu, 21 May 2020 17:37:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2492
x-amz-server-side-encryption
AES256
status
200
vary
Origin, Accept-Encoding
content-length
5398
x-amz-id-2
hMoX7WVXMxXxn/0Qs6pE15ZqTQhl51ZTxyHJH9opo1lxkZ7xxOsjwPG/2HntG2f5Jp7haad4pqo=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Sun, 23 May 2021 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Fri, 17 Apr 2020 10:13:12 GMT
server
ATS
etag
"262ad28777cd04301eaf1ed832269103-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
F1AB9BC9A421FD05
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
x-amz-version-id
.3pslEVav9FDmkNX3peqHq9djDal2LXy
accept-ranges
bytes
content-type
application/javascript
insight.min.js
snap.licdn.com/li.lms-analytics/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: gr.news-front.info
URL: https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fe00:1a1::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer
https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 21 May 2020 18:18:48 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Oct 2019 16:41:31 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=44501
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1576
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=1330&d=news-front.info&u=D0CD4D57816DB8849EF2A3D0C4CADAC45&h=36bf98aababa99e0b9435b7721bd425d&t=false&r=0.7605077541276972
Requested by
Host: gr.news-front.info
URL: https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1-c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 May 2020 18:18:48 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1-c
content-type
image/gif
status
200
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
default.jpg
gr.news-front.info/hoif/2020excel/ 		81 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gr.news-front.info/hoif/2020excel/default.jpg
Requested by
Host: gr.news-front.info
URL: https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
186.2.163.162 , Russian Federation, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
a5b1e114bf054a8b54d7af52fdd1a1f8d778d77ba39fb8ff5542ab8d92cdd41f

Request headers

Referer
https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 20 May 2020 21:14:54 GMT
last-modified
Thu, 07 May 2020 21:46:24 GMT
server
ddos-guard
age
75834
etag
"5eb481b0-1454f"
content-type
image/jpeg
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
83279
expires
Wed, 27 May 2020 21:14:54 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=276219606&t=pageview&_s=1&dl=https%3A%2F%2Fgr.news-front.info%2Fhoif%2F2020excel%2Frfq.php%3Flogn%3D&ul=en-us&de=UTF-8&dt=Request%20for%20Quo...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1759093-10&cid=50922595.1590085129&jid=410145506&_gid=2038639678.1590085129&gjid=2101629162&_v=j82&z=580339555
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1759093-10&cid=50922595.1590085129&jid=410145506&_v=j82&z=580339555
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1759093-10&cid=50922595.1590085129&jid=410145506&_v=j82&z=580339555&slf_rd=1&random=1006465859
42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1759093-10&cid=50922595.1590085129&jid=410145506&_v=j82&z=580339555&slf_rd=1&random=1006465859
Requested by
Host: gr.news-front.info
URL: https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 May 2020 18:18:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 May 2020 18:18:48 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1759093-10&cid=50922595.1590085129&jid=410145506&_v=j82&z=580339555&slf_rd=1&random=1006465859
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
137848689911278
connect.facebook.net/signals/config/ 		517 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/137848689911278?v=2.9.18&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7bfdd43f916226eb0c79a518ac4c84ce2fa961794ab83ec2f0d7f0238a4c8161
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
tDJN0zgJT4e8pk8sSHv9xgb4AyrV3MGaymXwy4jB4WZpBdbz5G7oxEvFST0wwiU5K7TCD0Jrdbc8Bb8qjzBkKw==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Thu, 21 May 2020 18:18:48 GMT, Thu, 21 May 2020 18:18:48 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=256865&url=https%3A%2F%2Fgr.news-front.info%2Fhoif%2F2020excel%2Frfq.php%3Flogn%3D&time=1590085128708
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D256865%26url%3Dhttps%253A%252F%252Fgr.news-front.info%252Fhoif%252F2020excel%252F...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=256865&url=https%3A%2F%2Fgr.news-front.info%2Fhoif%2F2020excel%2Frfq.php%3Flogn%3D&time=1590085128708&liSync=true
0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=256865&url=https%3A%2F%2Fgr.news-front.info%2Fhoif%2F2020excel%2Frfq.php%3Flogn%3D&time=1590085128708&liSync=true
Requested by
Host: gr.news-front.info
URL: https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 21 May 2020 18:18:48 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lva1
status
200
x-li-proto
http/2
x-li-pop
prod-efr5
content-type
application/javascript
content-length
0
x-li-uuid
bdoKCQAeERaget/tdisAAA==

Redirect headers

date
Thu, 21 May 2020 18:18:48 GMT
x-content-type-options
nosniff
linkedin-action
1
status
302
x-li-pop
prod-tln1
content-length
0
x-li-uuid
huceAgAeERZQ/csnhCsAAA==
pragma
no-cache
server
Play
cache-control
no-cache, no-store
x-frame-options
sameorigin
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security
max-age=2592000
x-li-fabric
prod-lva1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=256865&url=https%3A%2F%2Fgr.news-front.info%2Fhoif%2F2020excel%2Frfq.php%3Flogn%3D&time=1590085128708&liSync=true
x-xss-protection
1; mode=block
x-li-proto
http/2
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1071267547/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071267547/?random=1590085128712&cv=9&fst=1590085128712&num=1&label=ZCXGCPv1qgMQ2_3o_gM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5e1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgr.news-front.info%2Fhoif%2F2020excel%2Frfq.php%3Flogn%3D&tiba=Request%20for%20Quotation&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
34d55fa077600216c8e0d01dc9682200a834c6092f11b8f3a4077be5ad74d9f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 May 2020 18:18:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1071
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/ 		0
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=4010922&Ver=2&mid=413b78d2-8937-47da-9a6a-973a96b26fdb&sid=0cc0167c-d992-04c4-23c9-6677c9032a2e&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Request%20for%20Quotation&p=https%3A%2F%2Fgr.news-front.info%2Fhoif%2F2020excel%2Frfq.php%3Flogn%3D&r=&lt=498&evt=pageLoad&msclkid=N&sv=1&rn=242489
Requested by
Host: gr.news-front.info
URL: https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Thu, 21 May 2020 18:18:48 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: A6D1FE634ACA4DFB9DFDAA97F7CF8AC7 Ref B: FRA31EDGE0506 Ref C: 2020-05-21T18:18:48Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
440422.json
s.yimg.com/wi/config/ 		2 B
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/440422.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 21 May 2020 18:18:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
status
200
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id
1FC22EE88F3F1128
x-amz-id-2
mX+xl98pSRQ2t5p2clW1+OQACGmtV4xcTAbbxQ1lw34L4DoAOtjuC717gjStsIKi9SYBlYpMcUM=
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
content-length
22
/
www.google.com/pagead/1p-user-list/1071267547/ 		42 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1071267547/?random=1590085128712&cv=9&fst=1590084000000&num=1&label=ZCXGCPv1qgMQ2_3o_gM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5e1&sendb=1&frm=0&url=https%3A%2F%2Fgr.news-front.info%2Fhoif%2F2020excel%2Frfq.php%3Flogn%3D&tiba=Request%20for%20Quotation&async=1&fmt=3&is_vtc=1&random=3655097294&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: gr.news-front.info
URL: https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 May 2020 18:18:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1071267547/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1071267547/?random=1590085128712&cv=9&fst=1590084000000&num=1&label=ZCXGCPv1qgMQ2_3o_gM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5e1&sendb=1&frm=0&url=https%3A%2F%2Fgr.news-front.info%2Fhoif%2F2020excel%2Frfq.php%3Flogn%3D&tiba=Request%20for%20Quotation&async=1&fmt=3&is_vtc=1&random=3655097294&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: gr.news-front.info
URL: https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 May 2020 18:18:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
e
trk.kissmetrics.com/ 		43 B
376 B 		Other
General
Check archive.org
Download Go to
Full URL
https://trk.kissmetrics.com/e
Requested by
Host: scripts.kissmetrics.com
URL: https://scripts.kissmetrics.com/7380cf13bcddad3f1993fd5b0f313c4c7c679d73.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.23.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-23-106.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 21 May 2020 18:18:49 GMT
Last-Modified
Thu, 01 Jan 1970 00:00:00 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Thu, 21 May 2020 18:18:48 GMT
/
www.facebook.com/tr/ 		44 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=137848689911278&ev=PageView&dl=https%3A%2F%2Fgr.news-front.info%2Fhoif%2F2020excel%2Frfq.php%3Flogn%3D&rl=&if=false&ts=1590085128909&sw=1600&sh=1200&v=2.9.18&r=stable&ec=0&o=30&fbp=fb.1.1590085128908.997413395&it=1590085128703&coo=false&rqm=GET
Requested by
Host: gr.news-front.info
URL: https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 21 May 2020 18:18:48 GMT, Thu, 21 May 2020 18:18:48 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Thu, 21 May 2020 18:18:48 GMT
sp.pl
sp.analytics.yahoo.com/ 		0
529 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2021%20May%202020%2018%3A18%3A48%20GMT&n=-2d&b=Request%20for%20Quotation&.yp=440422&f=https%3A%2F%2Fgr.news-front.info%2Fhoif%2F2020excel%2Frfq.php%3Flogn%3D&enc=UTF-8
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 21 May 2020 18:18:49 GMT
x-content-type-options
nosniff
age
0
status
200
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
ATS
x-frame-options
DENY
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
application/x-javascript
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
expires
Thu, 21 May 2020 18:18:49 GMT
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=137848689911278&ev=Microdata&dl=https%3A%2F%2Fgr.news-front.info%2Fhoif%2F2020excel%2Frfq.php%3Flogn%3D&rl=&if=false&ts=1590085129412&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Request%20for%20Quotation%22%2C%22meta%3Adescription%22%3A%22Log%20in%20to%20your%20AWeber%20account%20(or%20AWeber%20affiliate%20account)%20by%20entering%20your%20username%20or%20Affiliate%20ID%20and%20password.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Email%20Marketing%20Software%20%7C%20Email%20Marketing%20Newsletters%20from%20AWeber%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.aweber.com%2Flogin.htm%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fassets.aweber-static.com%2Fwww%2Fassets%2Fimg%2Flogo-og-image.95a2e0b1.jpg%22%2C%22twitter%3Aimage%22%3A%22https%3A%2F%2Fassets.aweber-static.com%2Fwww%2Fassets%2Fimg%2Flogo-og-image.95a2e0b1.jpg%22%2C%22og%3Asite_name%22%3A%22AWeber%22%2C%22og%3Atype%22%3A%22website%22%2C%22twitter%3Acard%22%3A%22summary_large_image%22%2C%22twitter%3Asite%22%3A%22%40aweber%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.18&r=stable&ec=1&o=30&fbp=fb.1.1590085128908.997413395&it=1590085128703&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 21 May 2020 18:18:49 GMT, Thu, 21 May 2020 18:18:49 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Thu, 21 May 2020 18:18:49 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic (Online)

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| MaskedPassword function| webpackJsonp function| jQuery function| $ function| ga object| dataLayer object| _vwo_code number| settings_timer number| _vwo_settings_timer object| _kmq string| _kmk function| _kms object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject object| _vis_opt_queue number| _vis_counter object| uetq function| fbq function| _fbq object| dotq string| _linkedin_partner_id object| _linkedin_data_partner_ids undefined| b string| _vwo_mt string| _vwo_tm object| vwo_iehack_queue object| gaplugins object| gaGlobal object| gaData function| lintrk boolean| _already_called_lintrk function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| UET object| YAHOO string| KM_KEY number| KM_INCLUDE_HOSTNAME number| KM_SKIP_PAGE_VIEW number| KM_HANDLE_PRERENDER object| KM function| KMQ undefined| KMCTT_SOURCE string| KMCTT_ORIGIN function| _kmil string| KM_COOKIE_DOMAIN

12 Cookies

Domain/Path Name / Value
.news-front.info/ Name: _fbp
Value: fb.1.1590085128908.997413395
.news-front.info/ Name: km_lv
Value: 1590085129
.news-front.info/ Name: km_ai
Value: QpmOMiVDtp2F%2Fi9G7kv2L2LVqY0%3D
.news-front.info/ Name: km_vs
Value: 1
.news-front.info/ Name: kvcd
Value: 1590085128771
.news-front.info/ Name: _uetsid
Value: 0cc0167c-d992-04c4-23c9-6677c9032a2e
.news-front.info/ Name: _gcl_au
Value: 1.1.1504016882.1590085129
.gr.news-front.info/ Name: _gid
Value: GA1.3.2038639678.1590085129
.gr.news-front.info/ Name: _ga
Value: GA1.3.50922595.1590085129
.news-front.info/ Name: _vwo_uuid_v2
Value: D0CD4D57816DB8849EF2A3D0C4CADAC45|36bf98aababa99e0b9435b7721bd425d
.gr.news-front.info/ Name: _gat
Value: 1
.news-front.info/ Name: __ddg1
Value: P5TzGrA3v0eg5moTh3F1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.aweber-static.com
bat.bing.com
connect.facebook.net
dev.visualwebsiteoptimizer.com
googleads.g.doubleclick.net
gr.news-front.info
i.kissmetrics.com
px.ads.linkedin.com
s.yimg.com
scripts.kissmetrics.com
snap.licdn.com
sp.analytics.yahoo.com
stats.g.doubleclick.net
trk.kissmetrics.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
107.22.214.169
151.101.14.49
172.217.18.162
186.2.163.162
212.82.100.181
2620:1ec:c11::200
2a00:1288:f03d:1fa::4000
2a00:1450:4001:800::2008
2a00:1450:4001:815::2002
2a00:1450:4001:816::2003
2a00:1450:4001:816::2004
2a00:1450:4001:81b::200e
2a00:1450:400c:c00::9c
2a02:26f0:fe00:1a1::25ea
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:f500:10:101::b93f:9105
2a05:f500:11:101::b93f:9001
34.232.23.106
34.96.102.137
52.222.150.171
0ec905e42bb0d9ed25f9fca9d0758f5c9b2b13e0dd1a09c357f34d921c2c6103
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
20f2b7c4f6f460542ac14424e621a9aa42dbdd98447feb325b3e81e322598860
23768166911088005c6207422478865b3342882b838fa66bea83d7a57038c472
2bc18c5e40b439c202bfa5d0a973c2a8c30ccdb6a83c85c5d0b55cd2abcad8b9
2cfdb08c07395b0be65df154f068ade61c1bfad7e3e3e2d0e40b85319fa95825
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
34d55fa077600216c8e0d01dc9682200a834c6092f11b8f3a4077be5ad74d9f1
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
43c6c415e0250d62b72f26e96e93d7627dd05295cea6dca4f0429e43a91b3aa4
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4a58441133d85539974e4b136c25eaa5512ac1b018d4f6d53124a08c6f19b55e
4bbb02166c3396d0f40fa8ebe151e046e70e00d2d842fe40d4f215a81f0772b3
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
4d4e4bf73adea4c9618bd375cbdd5bb1806a9a97bc7834aec68d21bb9c1e7442
547ea67155dac1c27efb550426c4848b7364357ed040fd531719c4797e356a1d
5b54138a1228bb354b4d200ba40bca6e8bf05c3476b3013daf8fa8162a414582
78a81c2a32cbd6675976ff2074623000dafc3e80bf6698801b9e369c0656a89c
7bfdd43f916226eb0c79a518ac4c84ce2fa961794ab83ec2f0d7f0238a4c8161
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88ac03bb60640d37911839e3408fafc1fa5fa9f9c9dbd3de528066ec1b6597aa
94d0a85870b7bdcec55fc78eaa6bbb969af00dd6fc967be462dfe93e8b21c262
a5b1e114bf054a8b54d7af52fdd1a1f8d778d77ba39fb8ff5542ab8d92cdd41f
b3439248a0ddc569498787cc4d6c8a4c5918988f44fcfa1bd698e0d117968c9e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e92ff4ce1146308df78f46cf8c5f1fca84b22acc8422ca77b3120e6733aed692
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629