www.natlawreview.com Open in urlscan Pro
34.237.228.147 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp
Effective URL:
https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp
Submission: On January 20 via api (January 20th 2022, 4:12:31 pm UTC) from US — Scanned from DE

Summary HTTP 134 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 40 IPs in 5 countries across 32 domains to perform 134 HTTP transactions. The main IP is 34.237.228.147, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.natlawreview.com. The Cisco Umbrella rank of the primary domain is 146959.
TLS certificate: Issued by Amazon on November 15th 2021. Valid for: a year.

This is the only time www.natlawreview.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	34.237.228.147 34.237.228.147	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3036::6815:38ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700:303... 2606:4700:3035::ac43:9ac0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:205... 2600:9000:2057:ac00:14:6bfc:5740:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:ee05:6a01:4b41:8c89	16509 (AMAZON-02) (AMAZON-02)
1	18.66.243.65 18.66.243.65	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
4	13.33.241.218 13.33.241.218	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
3	54.91.161.246 54.91.161.246	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:215... 2600:9000:2156:dc00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3031::6815:3c02	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	52.218.168.208 52.218.168.208	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:9a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2	104.92.105.214 104.92.105.214	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	104.111.243.142 104.111.243.142	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.111.239.153 104.111.239.153	16625 (AKAMAI-AS) (AKAMAI-AS)
1	50.112.99.14 50.112.99.14	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
24	2602:803:c004... 2602:803:c004:200::143	26667 (RUBICONPR...) (RUBICONPROJECT)
1	3.123.205.63 3.123.205.63	16509 (AMAZON-02) (AMAZON-02)
3	37.252.172.38 37.252.172.38	29990 (ASN-APPNEX) (ASN-APPNEX)
24	52.28.203.152 52.28.203.152	16509 (AMAZON-02) (AMAZON-02)
1	54.229.132.166 54.229.132.166	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3037::6815:5eb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
134	40

14 34.237.228.147 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-228-147.compute-1.amazonaws.com

www.natlawreview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:38ad (United States)

ASN13335 (CLOUDFLARENET, US)

mgmpyqsthffzb88cl.ay.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3035::ac43:9ac0 (United States)

ASN13335 (CLOUDFLARENET, US)

a.publir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:ac00:14:6bfc:5740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.ywxi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ee05:6a01:4b41:8c89 (United States)

ASN16509 (AMAZON-02, US)

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.243.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-243-65.dus51.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.33.241.218 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-241-218.hel50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.91.161.246 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-91-161-246.compute-1.amazonaws.com

analytics.natlawreview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:dc00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:3c02 (United States)

ASN13335 (CLOUDFLARENET, US)

code.jguery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.218.168.208 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.92.105.214 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-105-214.deploy.static.akamaitechnologies.com

c.aaxads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.243.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-243-142.deploy.static.akamaitechnologies.com

www.aaxdetect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.239.153 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-153.deploy.static.akamaitechnologies.com

l3.aaxads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.112.99.14 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-50-112-99-14.us-west-2.compute.amazonaws.com

www.trustedsite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2602:803:c004:200::143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.205.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-205-63.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.132.166 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-132-166.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:5eb (United States)

ASN13335 (CLOUDFLARENET, US)

pb.publir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	yahoo.com c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 693	5 KB
24	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 467	31 KB
17	natlawreview.com 1 redirects www.natlawreview.com — Cisco Umbrella Rank: 146959 analytics.natlawreview.com — Cisco Umbrella Rank: 224213	217 KB
14	google.com 1 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2438 www.google.com — Cisco Umbrella Rank: 13 cse.google.com — Cisco Umbrella Rank: 2788 clients1.google.com — Cisco Umbrella Rank: 437	475 KB
9	gstatic.com fonts.gstatic.com	330 KB
5	publir.com a.publir.com — Cisco Umbrella Rank: 35709 pb.publir.com — Cisco Umbrella Rank: 41805	431 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 stats.g.doubleclick.net — Cisco Umbrella Rank: 96	125 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 281	41 KB
3	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 241	2 KB
3	aaxads.com c.aaxads.com — Cisco Umbrella Rank: 4855 l3.aaxads.com — Cisco Umbrella Rank: 5955	111 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 293 fonts.googleapis.com — Cisco Umbrella Rank: 47	38 KB
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 2366	23 KB
2	amazonaws.com s3-us-west-2.amazonaws.com	2 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100	153 KB
1	yieldmo.com ads.yieldmo.com — Cisco Umbrella Rank: 670	229 B
1	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 600	268 B
1	dotomi.com web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2218	1 KB
1	trustedsite.com www.trustedsite.com — Cisco Umbrella Rank: 15449	944 B
1	aaxdetect.com www.aaxdetect.com — Cisco Umbrella Rank: 8265	323 B
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 71	4 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5557	501 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 440	2 KB
1	jguery.com code.jguery.com — Cisco Umbrella Rank: 40009	35 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 898	437 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	27 KB
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 3627	21 KB
1	quantserve.com edge.quantserve.com — Cisco Umbrella Rank: 12126	10 KB
1	ywxi.net cdn.ywxi.net — Cisco Umbrella Rank: 9948	5 KB
1	ay.delivery mgmpyqsthffzb88cl.ay.delivery — Cisco Umbrella Rank: 242814	6 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	62 KB
0	pubmatic.com Failed hbopenbid.pubmatic.com Failed
134	32

	Domain	Requested by
24	c2shb.ssp.yahoo.com	www.datadoghq-browser-agent.com
24	fastlane.rubiconproject.com	www.datadoghq-browser-agent.com
14	www.natlawreview.com	1 redirects www.natlawreview.com
9	fonts.gstatic.com	fonts.googleapis.com
6	www.google.com	1 redirects www.google.com www.natlawreview.com
5	fundingchoicesmessages.google.com	www.natlawreview.com www.datadoghq-browser-agent.com securepubads.g.doubleclick.net
4	c.amazon-adsystem.com	a.publir.com www.datadoghq-browser-agent.com
4	a.publir.com	www.natlawreview.com a.publir.com
3	ib.adnxs.com	www.datadoghq-browser-agent.com
3	analytics.natlawreview.com	www.natlawreview.com
3	www.google-analytics.com	www.googletagmanager.com www.natlawreview.com www.google-analytics.com
2	c.aaxads.com	www.natlawreview.com
2	script.4dex.io	a.publir.com www.datadoghq-browser-agent.com
2	s3-us-west-2.amazonaws.com	www.datadoghq-browser-agent.com
2	securepubads.g.doubleclick.net	www.googletagservices.com www.datadoghq-browser-agent.com
2	cse.google.com	www.natlawreview.com www.google.com
2	fonts.googleapis.com	www.natlawreview.com
2	pagead2.googlesyndication.com	www.natlawreview.com pagead2.googlesyndication.com
1	pb.publir.com	www.datadoghq-browser-agent.com
1	ads.yieldmo.com	www.datadoghq-browser-agent.com
1	tlx.3lift.com	www.datadoghq-browser-agent.com
1	web.hb.ad.cpe.dotomi.com	www.datadoghq-browser-agent.com
1	www.trustedsite.com	cdn.ywxi.net
1	l3.aaxads.com	www.natlawreview.com
1	www.aaxdetect.com	www.natlawreview.com
1	clients1.google.com	www.natlawreview.com
1	lh3.googleusercontent.com	www.natlawreview.com
1	www.google.de	www.natlawreview.com
1	cdn.jsdelivr.net	www.datadoghq-browser-agent.com
1	stats.g.doubleclick.net	www.datadoghq-browser-agent.com
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	code.jguery.com	www.natlawreview.com
1	rules.quantcount.com	edge.quantserve.com
1	www.googletagservices.com	a.publir.com
1	www.datadoghq-browser-agent.com	www.natlawreview.com
1	edge.quantserve.com	www.natlawreview.com
1	cdn.ywxi.net	www.natlawreview.com
1	ajax.googleapis.com	www.natlawreview.com
1	mgmpyqsthffzb88cl.ay.delivery	www.natlawreview.com
1	www.googletagmanager.com	www.natlawreview.com
0	hbopenbid.pubmatic.com Failed	www.datadoghq-browser-agent.com
134	41

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.twitter.com
www.linkedin.com
nationallawforum.com
publir.com

Subject Issuer	Validity	Valid
natlawreview.com Amazon	`2021-11-15` - `2022-12-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-06` - `2022-05-05`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
publir.com Cloudflare Inc ECC CA-3	`2021-07-17` - `2022-07-16`	a year	crt.sh
*.ywxi.net Amazon	`2021-08-04` - `2022-09-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.datadoghq-browser-agent.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-17` - `2022-03-17`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.s3-us-west-2.amazonaws.com Amazon	`2021-03-26` - `2022-03-05`	a year	crt.sh
www.google.de GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.aaxads.com DigiCert SHA2 Secure Server CA	`2021-05-04` - `2022-05-09`	a year	crt.sh
*.aaxdetect.com DigiCert SHA2 Secure Server CA	`2021-05-04` - `2022-05-09`	a year	crt.sh
*.trustedsite.com Amazon	`2021-02-09` - `2022-03-10`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-07-13` - `2022-06-25`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-14` - `2022-04-06`	6 months	crt.sh
*.yieldmo.com Amazon	`2021-05-25` - `2022-06-23`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp
Frame ID: 82166FD2D1D49B0C4F95A381C9598E35
Requests: 133 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220118/r20190131/zrt_lookup.html
Frame ID: 1E800CCF8E21D4D9CA0BE0FC576ACC64
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page not found | The National Law Reviewsearchsearch

Page URL History Show full URLs

http://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp HTTP 301
https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Matomo Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

piwik\.js|piwik\.php

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

134
Requests

99 %
HTTPS

64 %
IPv6

32
Domains

41
Subdomains

40
IPs

5
Countries

2181 kB
Transfer

5379 kB
Size

17
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/NatLawReview
Title: FB

Search URL Search Domain Scan URL

URL: https://www.twitter.com/natlawreview
Title: twt

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/381100
Title: link

Search URL Search Domain Scan URL

URL: https://nationallawforum.com/
Title: home

Search URL Search Domain Scan URL

URL: https://publir.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp HTTP 301
https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://www.google.com/cse/cse.js?cx=008864065348068036580:mnkujym5xug HTTP 301
https://cse.google.com/cse/cse.js?cx=008864065348068036580:mnkujym5xug

134 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request why-norton-anti-virus-becoming-crypto-mining-botnet%3famp Show response
www.natlawreview.com/article/
Redirect Chain

http://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp
https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp

59 KB
18 KB

1020ms
819ms

Document
text/html

34.237.228.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.237.228.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-228-147.compute-1.amazonaws.com

Software

nginx/1.18.0 / PHP/7.1.33

Resource Hash

9debc70d4a54bd7ebe31f1277c9285c5c065c39c9928c1b927ac4cb681e6ca2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 20 Jan 2022 16:12:25 GMT
content-type: text/html; charset=utf-8
content-length: 17975
server: nginx/1.18.0
vary: Accept-Encoding, Cookie
x-powered-by: PHP/7.1.33
x-drupal-cache: MISS
x-content-type-options: nosniff
etag: W/"1642695144-0"
content-language: en
x-frame-options: SAMEORIGIN
permissions-policy: interest-cohort=()
x-ua-compatible: IE=edge
cache-control: public, max-age=1800
last-modified: Thu, 20 Jan 2022 16:12:24 GMT
content-encoding: gzip
accept-ranges: bytes
x-varnish: 837144818
age: 0
via: 1.1 varnish
x-varnish-server: A
x-varnish-cache: MISS

Redirect headers

Server: awselb/2.0
Date: Thu, 20 Jan 2022 16:12:24 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://www.natlawreview.com:443/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 165 KB
62 KB 51ms
27ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VBNQFDJGG6

Requested by

Host: www.natlawreview.com
URL: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

46aab42e9310d8be5a4071fbe172e2b5614e003a600cb10a9b0eebe6d6a95818

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 16:12:25 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62562
x-xss-protection: 0
expires: Thu, 20 Jan 2022 16:12:25 GMT

GET
H2 200 client-v1.js Show response
mgmpyqsthffzb88cl.ay.delivery/ 17 KB
6 KB 106ms
48ms Script
application/javascript 2606:4700:3036::6815:38ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mgmpyqsthffzb88cl.ay.delivery/client-v1.js
Requested by: Host: www.natlawreview.com
URL: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:38ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fe76937493e0cccf27fe7e05030bb8ec5e36d86e9da33aaa7ae7bbd6848d15c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 16:12:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Apr 2021 10:54:28 GMT
server: cloudflare
age: 673
etag: W/"606ee0e4-4320"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rf1Jj07ILIhk2%2FP72zStO14T5iFvv5duwGy1r%2BD06oPloy38Iw6voTp1bxpom0zSyUgxy%2BJ224OQEMtIOWv2OPaE%2BADG6UuX0vIdQFUIxW1A1Z5Y9dZunXMb5XSsT7r0ppkoXbt7WkAwbigpCXOX8Hp2oXrdqWtu9S2dbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d0995930b0de618-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css__tUXHfVd2zzCS8pSelTe8TuTpDh4QN-A0jdWY48w0JN0__xjNUcB-W2HyHKbOigyfwfufSnPf4oj09UfX0ags6fEs__AYs7UFopT1QSKST0TlBZ2scElRCJzP_WZHnQhDoEQq4.css
www.natlawreview.com/sites/default/files/advagg_css/ 22 KB
6 KB 207ms
205ms Stylesheet
text/css 34.237.228.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.natlawreview.com/sites/default/files/advagg_css/css__tUXHfVd2zzCS8pSelTe8TuTpDh4QN-A0jdWY48w0JN0__xjNUcB-W2HyHKbOigyfwfufSnPf4oj09UfX0ags6fEs__AYs7UFopT1QSKST0TlBZ2scElRCJzP_WZHnQhDoEQq4.css
Requested by: Host: www.natlawreview.com
URL: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.228.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-228-147.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 8c319f30e602a61ace4973bac9ce1ebdf319568ae4d3d668f488a6017602b6f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Thu, 20 Jan 2022 16:12:25 GMT
content-encoding: gzip
last-modified: Thu, 03 Jun 2021 03:46:32 GMT
server: nginx/1.18.0
age: 0
x-varnish-server: A
etag: W/"60b85098-5951"
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish
x-varnish: 837144820
accept-ranges: bytes
content-length: 5884

GET
H2 200 css__jf7nDHBRe4p1FYo1DBnENNqP1JOenm1iahS_YO4f9Ao__rgEq_rJYwrKBEj1P1dUM6vh0ppWTlVx49SzjGpy6xdI__AYs7UFopT1QSKST0TlBZ2scElRCJzP_WZHnQhDoEQq4.css
www.natlawreview.com/sites/default/files/advagg_css/ 126 KB
29 KB 107ms
106ms Stylesheet
text/css 34.237.228.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.natlawreview.com/sites/default/files/advagg_css/css__jf7nDHBRe4p1FYo1DBnENNqP1JOenm1iahS_YO4f9Ao__rgEq_rJYwrKBEj1P1dUM6vh0ppWTlVx49SzjGpy6xdI__AYs7UFopT1QSKST0TlBZ2scElRCJzP_WZHnQhDoEQq4.css
Requested by: Host: www.natlawreview.com
URL: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.228.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-228-147.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: e32a6322a5fcbf7a5d5b415b7a93e0a6839e0c530fcf18fb4c3d4a36ba30cc7b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Thu, 20 Jan 2022 16:12:25 GMT
content-encoding: gzip
last-modified: Tue, 28 Dec 2021 17:20:01 GMT
server: nginx/1.18.0
age: 99
x-varnish-server: A
etag: W/"61cb4741-1f609"
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish
x-varnish: 837144822 837143850
accept-ranges: bytes
content-length: 29146

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.2/ 94 KB
33 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js

Requested by

Host: www.natlawreview.com
URL: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 18:12:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 597572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33495
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Jan 2023 18:12:53 GMT

GET
H2 200 505.js Show response
a.publir.com/platform/ 99 KB
10 KB 123ms
50ms Script
text/javascript 2606:4700:3035::ac43:9ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.publir.com/platform/505.js
Requested by: Host: www.natlawreview.com
URL: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9ac0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 282efac1b4b9bf569f4af0e113eeaaab3e04aa7ef0a0a2b3cad523a60295ebff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 16:12:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59487
cf-polished: origSize=112204
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 3CZEXXB6JFHWTCWK
x-amz-id-2: P1BgNV0OMuu/C8nq9SdUU2ziTEDeyaMZmiHsgZ31Sfz2CzH60kb7I/zKnbhVUeXxA1gcmKBeioQ=
last-modified: Wed, 19 Jan 2022 23:25:32 GMT
server: cloudflare
etag: W/"62ba0a7f1388f16b959285ea09d6765b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4TyG7CoRcJ6PDZOP8QzobhEX2WopjzGG4XaiKYWzcxAUnLO9liNvQG9zBFGLeQDhIJzzWc6FGynwRTmuTtK3dRGXsaTHoXw3U9Yf4HFKAd%2Bu7swMRfbQBJ7WyUrbnooDbIrB6TiFpUUANqg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 6d0995932e23065e-LHR
cf-bgj: minify

GET
H2 200 js__sA7rIig3MKSTMzcDh_Pcv06dL71VxZvh8BR7SE0NTKU__EwEscqBUUP1bQjjECamXc3-R51z3kW-xAUHxpAKDC5w__AYs7UFopT1QSKST0TlBZ2scElRCJzP_WZHnQhDoEQq4.js Show response
www.natlawreview.com/sites/default/files/advagg_js/ 11 KB
5 KB 106ms
105ms Script
application/javascript 34.237.228.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.natlawreview.com/sites/default/files/advagg_js/js__sA7rIig3MKSTMzcDh_Pcv06dL71VxZvh8BR7SE0NTKU__EwEscqBUUP1bQjjECamXc3-R51z3kW-xAUHxpAKDC5w__AYs7UFopT1QSKST0TlBZ2scElRCJzP_WZHnQhDoEQq4.js
Requested by: Host: www.natlawreview.com
URL: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.228.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-228-147.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 236a51aa5505de155c71197e21c4417ae947bdf259922836b2b37d5a6dc100d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Thu, 20 Jan 2022 16:12:25 GMT
content-encoding: gzip
last-modified: Tue, 13 Oct 2020 06:25:25 GMT
server: nginx/1.18.0
age: 81
x-varnish-server: A
etag: W/"5f854855-2d41"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
x-varnish: 837144821 837144014
accept-ranges: bytes
content-length: 4549

GET
H2 200 js__v_4yJHVtE6RUu6yqhWqVJhN8cT82FDxs_Va_i0KPQGA___KUAEsLwjVY8b9aazeewCHQlrDYjy9O379NZ1kVtHZ8__AYs7UFopT1QSKST0TlBZ2scElRCJzP_WZHnQhDoEQq4.js Show response
www.natlawreview.com/sites/default/files/advagg_js/ 52 KB
10 KB 101ms
101ms Script
application/javascript 34.237.228.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.natlawreview.com/sites/default/files/advagg_js/js__v_4yJHVtE6RUu6yqhWqVJhN8cT82FDxs_Va_i0KPQGA___KUAEsLwjVY8b9aazeewCHQlrDYjy9O379NZ1kVtHZ8__AYs7UFopT1QSKST0TlBZ2scElRCJzP_WZHnQhDoEQq4.js
Requested by: Host: www.natlawreview.com
URL: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.228.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-228-147.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 50992104fafaa6bda9f6c4a9549303c395dca21e331f5e6ae6ded59d2725f032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Thu, 20 Jan 2022 16:12:25 GMT
content-encoding: gzip
last-modified: Thu, 03 Jun 2021 03:41:02 GMT
server: nginx/1.18.0
age: 41
x-varnish-server: A
etag: W/"60b84f4e-d0d5"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
x-varnish: 837144827 837144456
accept-ranges: bytes
content-length: 10081

GET
H2 200 js__ypWhyGuBX7KAVwaQXw6fW5iwxNn8-0dfDjFAPGfhf0g__-pcWMgEEpHn0derEugfBqxJsqHEaZ53ZRsu4eNOsF4c__AYs7UFopT1QSKST0TlBZ2scElRCJzP_WZHnQhDoEQq4.js Show response
www.natlawreview.com/sites/default/files/advagg_js/ 15 KB
6 KB 202ms
201ms Script
application/javascript 34.237.228.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.natlawreview.com/sites/default/files/advagg_js/js__ypWhyGuBX7KAVwaQXw6fW5iwxNn8-0dfDjFAPGfhf0g__-pcWMgEEpHn0derEugfBqxJsqHEaZ53ZRsu4eNOsF4c__AYs7UFopT1QSKST0TlBZ2scElRCJzP_WZHnQhDoEQq4.js
Requested by: Host: www.natlawreview.com
URL: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.228.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-228-147.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 5cb9f494d5d89e364dfa172d996f6510bb1ad3dbe8f8a0a6f5845435cf5af7c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Thu, 20 Jan 2022 16:12:25 GMT
content-encoding: gzip
last-modified: Tue, 14 Jul 2020 19:32:03 GMT
server: nginx/1.18.0
age: 99
x-varnish-server: A
etag: W/"5f0e0833-3a45"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
x-varnish: 837144823 837143851
accept-ranges: bytes
content-length: 5071

GET
H2 200 js__N0vDozt5SlGOPrqQq3am--hphvvDK7IfBo3ByRgN4wM__yPA6Q7B7sloSjXkonu8C3nIud4YLoOpunPGumwKLUG8__AYs7UFopT1QSKST0TlBZ2scElRCJzP_WZHnQhDoEQq4.js Show response
www.natlawreview.com/sites/default/files/advagg_js/ 25 KB
7 KB 204ms
203ms Script
application/javascript 34.237.228.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.natlawreview.com/sites/default/files/advagg_js/js__N0vDozt5SlGOPrqQq3am--hphvvDK7IfBo3ByRgN4wM__yPA6Q7B7sloSjXkonu8C3nIud4YLoOpunPGumwKLUG8__AYs7UFopT1QSKST0TlBZ2scElRCJzP_WZHnQhDoEQq4.js
Requested by: Host: www.natlawreview.com
URL: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.228.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-228-147.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 53e84706929d914ca2023678e9abbd9525d4614700e6df3c1bdbc552eaa707f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Thu, 20 Jan 2022 16:12:25 GMT
content-encoding: gzip
last-modified: Tue, 13 Oct 2020 05:06:22 GMT
server: nginx/1.18.0
age: 98
x-varnish-server: A
etag: W/"5f8535ce-6494"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
x-varnish: 837144824 837143854
accept-ranges: bytes
content-length: 6875

GET
H2 200 js__CObPANns7tkjP3GlsQInY10g12LrTE4Ynk_aPIJJAY0__G3zueekVkJPFdx--QK6Biki1NtPoZ0ZAJzNS_mLyFfY__AYs7UFopT1QSKST0TlBZ2scElRCJzP_WZHnQhDoEQq4.js Show response
www.natlawreview.com/sites/default/files/advagg_js/ 28 KB
10 KB 203ms
202ms Script
application/javascript 34.237.228.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.natlawreview.com/sites/default/files/advagg_js/js__CObPANns7tkjP3GlsQInY10g12LrTE4Ynk_aPIJJAY0__G3zueekVkJPFdx--QK6Biki1NtPoZ0ZAJzNS_mLyFfY__AYs7UFopT1QSKST0TlBZ2scElRCJzP_WZHnQhDoEQq4.js
Requested by: Host: www.natlawreview.com
URL: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.228.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-228-147.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 41d9d62cf2e4a9b87ec1961abe623b8c73a54dfad9967c1414f20914cb51dae2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Thu, 20 Jan 2022 16:12:25 GMT
content-encoding: gzip
last-modified: Thu, 02 Jul 2020 02:09:28 GMT
server: nginx/1.18.0
age: 99
x-varnish-server: A
etag: W/"5efd41d8-71f2"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
x-varnish: 837144825 837143852
accept-ranges: bytes
content-length: 9309

GET
H2 200 dynamic-cache.js Show response
www.natlawreview.com/sites/all/modules/nlr/ 1 KB
1 KB 205ms
204ms Script
application/javascript 34.237.228.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.natlawreview.com/sites/all/modules/nlr/dynamic-cache.js?1642695145
Requested by: Host: www.natlawreview.com
URL: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.228.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-228-147.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: f7f5a8400cc4ffc5704d4e5bda9d03b3127e69e4548d985d0e0a33004567bfef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Thu, 20 Jan 2022 16:12:25 GMT
content-encoding: gzip
last-modified: Thu, 20 Jan 2022 12:37:07 GMT
server: nginx/1.18.0
age: 0
x-varnish-server: A
etag: W/"61e95773-4e1"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
x-varnish: 837144826
accept-ranges: bytes
content-length: 629

GET
H2 200 1.js Show response
cdn.ywxi.net/js/ 18 KB
5 KB 65ms
8ms Script
text/javascript 2600:9000:2057:ac00:14:6bfc:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ywxi.net/js/1.js

Requested by

Host: www.natlawreview.com
URL: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:ac00:14:6bfc:5740:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

49003c970644945f5d917faa1ad44eb94547494d060c9d959132e8fe3db67205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 15:30:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2540
content-security-policy-report-only: report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
x-cache: Hit from cloudfront
content-length: 4523
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
referrer-policy: strict-origin-when-cross-origin
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 4M6kw4dvHpP0EUAMIs_Id5NnDh2tHp3kretWpc5cr4nE3J11lL-WUw==
expires: Thu, 20 Jan 2022 16:30:05 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
51 KB 64ms
37ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.natlawreview.com
URL: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b7357d687b23af6558ce68b78428beda7b9654144c3f08255056a59b06ad833

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 16:12:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51979
x-xss-protection: 0
server: cafe
etag: 12924451748034484343
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 20 Jan 2022 16:12:25 GMT

GET
H2 200 logo.png
www.natlawreview.com/sites/all/themes/nationallaw/ 5 KB
6 KB 106ms
103ms Image
image/png 34.237.228.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.natlawreview.com/sites/all/themes/nationallaw/logo.png
Requested by: Host: www.natlawreview.com
URL: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.228.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-228-147.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 0881a7757f1d927e26db96f23affdfcec5feb3af03c216d1774000440ad3d4a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Thu, 20 Jan 2022 16:12:25 GMT
via: 1.1 varnish
last-modified: Tue, 01 Jan 2019 16:10:14 GMT
server: nginx/1.18.0
age: 74
x-varnish-server: A
etag: "5c2b90e6-1564"
x-varnish: 837144828 837144162
accept-ranges: bytes
content-type: image/png
content-length: 5476

GET
H2 200 WBE_Seal_RGB.png
www.natlawreview.com/sites/all/themes/nationallaw/ 50 KB
51 KB 106ms
103ms Image
image/png 34.237.228.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.natlawreview.com/sites/all/themes/nationallaw/WBE_Seal_RGB.png
Requested by: Host: www.natlawreview.com
URL: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.228.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-228-147.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: abfc05d969bd7e1f9cc190eb35fa094fa057a94a37e4c84b0da26a6cfceca165

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Thu, 20 Jan 2022 16:12:25 GMT
via: 1.1 varnish
last-modified: Mon, 13 Jul 2020 11:15:15 GMT
server: nginx/1.18.0
age: 41
x-varnish-server: A
etag: "5f0c4243-c8cb"
x-varnish: 837144829 837144462
accept-ranges: bytes
content-type: image/png
content-length: 51403

GET
H2 200 quant.js Show response
edge.quantserve.com/ 24 KB
10 KB 78ms
8ms Script
application/javascript 2620:116:800d:21:ee05:6a01:4b41:8c89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.quantserve.com/quant.js
Requested by: Host: www.natlawreview.com
URL: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 16:12:25 GMT
content-encoding: gzip
etag: "FMCWFRCBdbNj8Eh2c0G78Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Thu, 27 Jan 2022 16:12:25 GMT

GET
H2 200 datadog-rum.js Show response
www.datadoghq-browser-agent.com/ 64 KB
21 KB 40ms
10ms Script
application/javascript 18.66.243.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Requested by: Host: www.natlawreview.com
URL: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.243.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-243-65.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 54cc471e6d75456315e6685c7af0dcdee292fddb9c31d4b7b0c5f75eb668d35c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 16:11:28 GMT
content-encoding: br
last-modified: Mon, 19 Jul 2021 12:21:08 GMT
server: AmazonS3
age: 147
etag: W/"6f16bc452a225d7da116aa4c430872f8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
cache-control: max-age=14400, s-maxage=60
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 5uP_TKTHTL31Io9ov8oEBwmagXYoqX3tO-Btb7JOf4KHNJt9MZwJfg==

POST
H2 204 collect
www.google-analytics.com/g/ 0
351 B 43ms
14ms Ping
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-VBNQFDJGG6&gtm=2oe1c0&_p=519955527&sr=1600x1200&ul=en-us&cid=344252237.1642695145&_s=1&dl=https%3A%2F%2Fwww.natlawreview.com%2Farticle%2Fwhy-norton-anti-virus-becoming-crypto-mining-botnet%253famp&dt=Page%20not%20found%20%7C%20The%20National%20Law%20Review&sid=1642695145&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VBNQFDJGG6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 16:12:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.natlawreview.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 24 KB
2 KB 40ms
18ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,400italic,700italic|Roboto+Slab:400,300,700|Oswald:400,300,700|Merriweather:400,300,300italic,400italic,700,700italic

Requested by

Host: www.natlawreview.com
URL: https://www.natlawreview.com/sites/default/files/advagg_css/css__jf7nDHBRe4p1FYo1DBnENNqP1JOenm1iahS_YO4f9Ao__rgEq_rJYwrKBEj1P1dUM6vh0ppWTlVx49SzjGpy6xdI__AYs7UFopT1QSKST0TlBZ2scElRCJzP_WZHnQhDoEQq4.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c56ce2afa78ed30efb96f91bde9523bd4a1dc036b5df1e6539f24cdf85b36c2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 16:12:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 20 Jan 2022 16:12:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Jan 2022 16:12:25 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 224ms
71ms Script
application/javascript 13.33.241.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/505.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.241.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-241-218.hel50.r.cloudfront.net
Software: Server /
Resource Hash: c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: SKwQUYZY6s9wJPymt5_yhNbSVWOe2iBW
content-encoding: gzip
server: Server
x-amz-cf-pop: HEL50-C1
x-amz-rid: 0W8PCFGMCM9ABTNBF9ZZ
etag: 8d3665a9b316600491247ca6d78c204c
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b2756db0e58306bee6945607dbb05978.cloudfront.net (CloudFront)
cache-control: public, max-age=900
date: Thu, 20 Jan 2022 16:12:25 GMT
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 6pk64zC4Dc-2OI2vnDkkHr374X15M6z8Q7coqGerCCePfmvDtguUiw==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 44ms
15ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: a.publir.com
URL: https://a.publir.com/platform/505.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2cf28a5cc075cb602d1fc628e07c33e1446bc58a89e32dc604bf560f4cb2698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 16:12:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26997
x-xss-protection: 0
server: sffe
etag: "1107 / 962 of 1000 / last-modified: 1642680294"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 20 Jan 2022 16:12:25 GMT

GET
H2 200 prebid410.js Show response
a.publir.com/platform/common/ 1 MB
402 KB 59ms
57ms Script
application/x-javascript 2606:4700:3035::ac43:9ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.publir.com/platform/common/prebid410.js
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/505.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9ac0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15f983d412ee16abb31eb570ed4a60d67847e4eea49d3f46f5516b0b515896e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 16:12:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 553072
x-amz-meta-cb-modifiedtime: Thu, 30 Jul 2020 21:16:46 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: F3MQKY3D7BNC0RJ5
x-amz-id-2: 2ADzmWiIbhuWYTLx9G7WpqYHEdodDNA0hUZWg1YnwYWwmRKQ1k3T6JLg9TLon9VtFAaLpaSjx3w=
last-modified: Thu, 30 Jul 2020 21:23:14 GMT
server: cloudflare
etag: W/"53698dbee46ac3b06a34fbf7fa4f7d50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JUu7%2BEjUt52%2BwUCrHJsA0yDds1ohhu99uCAyRsg%2FHti2y8lDslFG5Tr8NKekbSWeTpAnji6kwXhcrTZ%2FP7sVJoHitZ8sOn3smGKF11bgE7UMqV4kgUWtfqc2qtdYtavzcp0ojeh%2BCtHBw4k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cf-polished: origSize=1552214
cf-ray: 6d09959468ab065e-LHR
cf-bgj: minify

GET
H2 200 mobile-detect.min.js Show response
a.publir.com/platform/common/ 38 KB
17 KB 42ms
41ms Script
application/javascript 2606:4700:3035::ac43:9ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.publir.com/platform/common/mobile-detect.min.js
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/505.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9ac0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 190da0476f8cce20db0253b544d4188fde9cdc8f8e86cdedd0ef083a6520fd60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 16:12:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2134585
x-amz-meta-sha256: 190da0476f8cce20db0253b544d4188fde9cdc8f8e86cdedd0ef083a6520fd60
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 5QGFFPEHDJBTZ8D3
x-amz-id-2: +bkaFuDYAxjYhcILQpYFikmo/mnneIwQNDBAwjeLz8aizK7TNkFrHiqz310lP8DrUufiMRbmdZY=
last-modified: Fri, 29 May 2020 22:48:54 GMT
server: cloudflare
etag: W/"62e66f11579cff8263e630e9fe07602d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XBcoawntpgrujRP6aA%2FXwmm6Hggw3yO4OQVu5Ck1S3qluJgBZ2bmvuUcSvoU9CCPT%2BHXrQ1v1410iU%2BRXonEg4%2FFH2Ji4E2OI1sRaWyZ%2BN9V7bfcFGWteXPG7q8PYjwIlBoIyKrji6QJHDs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 6d09959468ae065e-LHR
x-amz-meta-s3b-last-modified: 20190621T210253Z

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.natlawreview.com
URL: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2251
date: Thu, 20 Jan 2022 15:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 20 Jan 2022 17:34:54 GMT

GET
H2 200 AGSKWxVlVqJkVo7m661n7sPB5qBkqL4Er3A9Zywx2ilbkD7aDvd_Fjz3T8bWr_LMgbaiKwUnQCj7BtoiExJ3A5dN8xg= Show response
fundingchoicesmessages.google.com/f/ 87 KB
31 KB 64ms
36ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVlVqJkVo7m661n7sPB5qBkqL4Er3A9Zywx2ilbkD7aDvd_Fjz3T8bWr_LMgbaiKwUnQCj7BtoiExJ3A5dN8xg=

Requested by

Host: www.natlawreview.com
URL: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a0587c56cff11c75a93a78485db0287ba6bcabad4573c0d9bc018e0d1e29103a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-DamgxQ9atcS97I2inOlPfQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-DamgxQ9atcS97I2inOlPfQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 16:12:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-DamgxQ9atcS97I2inOlPfQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-DamgxQ9atcS97I2inOlPfQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 social_icon_new_blue.png
www.natlawreview.com/sites/all/themes/nationallaw/img/ 3 KB
3 KB 103ms
102ms Image
image/png 34.237.228.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.natlawreview.com/sites/all/themes/nationallaw/img/social_icon_new_blue.png
Requested by: Host: www.natlawreview.com
URL: https://www.natlawreview.com/sites/default/files/advagg_css/css__jf7nDHBRe4p1FYo1DBnENNqP1JOenm1iahS_YO4f9Ao__rgEq_rJYwrKBEj1P1dUM6vh0ppWTlVx49SzjGpy6xdI__AYs7UFopT1QSKST0TlBZ2scElRCJzP_WZHnQhDoEQq4.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.228.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-228-147.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 09160c2b7d90c94229f0f03644c7cf9ff37824838a6e02f0fbc9d049b86350fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/sites/default/files/advagg_css/css__jf7nDHBRe4p1FYo1DBnENNqP1JOenm1iahS_YO4f9Ao__rgEq_rJYwrKBEj1P1dUM6vh0ppWTlVx49SzjGpy6xdI__AYs7UFopT1QSKST0TlBZ2scElRCJzP_WZHnQhDoEQq4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Thu, 20 Jan 2022 16:12:25 GMT
via: 1.1 varnish
last-modified: Tue, 01 Jan 2019 16:10:14 GMT
server: nginx/1.18.0
age: 58
x-varnish-server: A
etag: "5c2b90e6-ade"
x-varnish: 837144830 837144289
accept-ranges: bytes
content-type: image/png
content-length: 2782

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v28/ 20 KB
20 KB 40ms
14ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v28/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,400italic,700italic|Roboto+Slab:400,300,700|Oswald:400,300,700|Merriweather:400,300,300italic,400italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.natlawreview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 21:33:16 GMT
x-content-type-options: nosniff
age: 67149
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20028
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 02:22:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 19 Jan 2023 21:33:16 GMT

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v40/ 31 KB
32 KB 34ms
8ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v40/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d287da709652059aee8af366398fb5597fa3bf2e9cbe53b7c8ffe3da44f19ff8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.natlawreview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 03:21:26 GMT
x-content-type-options: nosniff
age: 132659
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31624
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:16:38 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 19 Jan 2023 03:21:26 GMT

GET
H2 200 u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
fonts.gstatic.com/s/merriweather/v28/ 19 KB
19 KB 43ms
17ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v28/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.natlawreview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 21:39:37 GMT
x-content-type-options: nosniff
age: 66768
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19780
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 02:22:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 19 Jan 2023 21:39:37 GMT

GET
H2 200 downarrow.png
www.natlawreview.com/sites/all/themes/nationallaw/img/ 966 B
1 KB 101ms
101ms Image
image/png 34.237.228.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.natlawreview.com/sites/all/themes/nationallaw/img/downarrow.png
Requested by: Host: www.natlawreview.com
URL: https://www.natlawreview.com/sites/default/files/advagg_css/css__jf7nDHBRe4p1FYo1DBnENNqP1JOenm1iahS_YO4f9Ao__rgEq_rJYwrKBEj1P1dUM6vh0ppWTlVx49SzjGpy6xdI__AYs7UFopT1QSKST0TlBZ2scElRCJzP_WZHnQhDoEQq4.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.228.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-228-147.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 08fa0522855031ffacbaf0610b7cf13ac69f38270cc8b4842f54517a4cf8e1a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/sites/default/files/advagg_css/css__jf7nDHBRe4p1FYo1DBnENNqP1JOenm1iahS_YO4f9Ao__rgEq_rJYwrKBEj1P1dUM6vh0ppWTlVx49SzjGpy6xdI__AYs7UFopT1QSKST0TlBZ2scElRCJzP_WZHnQhDoEQq4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Thu, 20 Jan 2022 16:12:25 GMT
via: 1.1 varnish
last-modified: Tue, 01 Jan 2019 16:10:14 GMT
server: nginx/1.18.0
age: 74
x-varnish-server: A
etag: "5c2b90e6-3c6"
x-varnish: 837144831 837144166
accept-ranges: bytes
content-type: image/png
content-length: 966

GET
H2

200

cse.js Show response
cse.google.com/cse/
Redirect Chain

https://www.google.com/cse/cse.js?cx=008864065348068036580:mnkujym5xug
https://cse.google.com/cse/cse.js?cx=008864065348068036580:mnkujym5xug

10 KB
4 KB

63ms
41ms

Script
text/javascript

2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse/cse.js?cx=008864065348068036580:mnkujym5xug

Requested by

Host: www.natlawreview.com
URL: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp

Protocol

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

355964d0abb09ac11ef8de7d38fe8bf752285ced411aff055de07cad53484be6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

bfcache-opt-in: unload
date: Thu, 20 Jan 2022 16:12:25 GMT
content-encoding: br
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3605
x-xss-protection: 0
server: gws
expires: Thu, 20 Jan 2022 16:12:25 GMT

Redirect headers

date: Thu, 20 Jan 2022 16:12:19 GMT
x-content-type-options: nosniff
server: sffe
age: 6
content-type: text/html; charset=UTF-8
location: https://cse.google.com/cse/cse.js?cx=008864065348068036580:mnkujym5xug
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 267
x-xss-protection: 0
expires: Thu, 20 Jan 2022 16:42:19 GMT

GET
H3 200 BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v16/ 32 KB
32 KB 23ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c2dd34c8a8d2ed4b4e91eed55c2404518bb4a5ff02ae68e7a08f4e14ddb3e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.natlawreview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 09:15:12 GMT
x-content-type-options: nosniff
age: 25033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32876
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 18:12:04 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 20 Jan 2023 09:15:12 GMT

GET
H2 200 piwik.js Show response
analytics.natlawreview.com/ 62 KB
62 KB 330ms
98ms Script
text/javascript 54.91.161.246
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.natlawreview.com/piwik.js
Requested by: Host: www.natlawreview.com
URL: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.161.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-161-246.compute-1.amazonaws.com
Software: Apache/2.4.48 (Amazon) PHP/7.1.33 /
Resource Hash: 8fbe1031e8234fab32983f4e5afbc30831720db278418b5a4a48e50ad7611d15

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 16:12:25 GMT
last-modified: Wed, 06 Dec 2017 00:07:04 GMT
server: Apache/2.4.48 (Amazon) PHP/7.1.33
accept-ranges: bytes
etag: "f74f-55fa0bb387a00"
content-length: 63311
content-type: text/javascript

GET
H2 200 rules-p-7anzYTTXSJhrY.js Show response
rules.quantcount.com/ 3 B
437 B 31ms
9ms Script
application/javascript 2600:9000:2156:dc00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-7anzYTTXSJhrY.js
Requested by: Host: edge.quantserve.com
URL: https://edge.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:dc00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:55:22 GMT
via: 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
age: 47824
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:09:04 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 7q0-UXCacVwD6Ima_Q2v0qqe6nFARnsoYmy9Yyv7RQgAS3TaJrUBpA==

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.natlawreview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 21:26:28 GMT
x-content-type-options: nosniff
age: 240357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 17 Jan 2023 21:26:28 GMT

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
22 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.natlawreview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 04:27:49 GMT
x-content-type-options: nosniff
age: 560676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 14 Jan 2023 04:27:49 GMT

GET
H2 200 jquery-1.11.1.min.js Show response
code.jguery.com/ 95 KB
35 KB 391ms
193ms Script
application/javascript 2606:4700:3031::6815:3c02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jguery.com/jquery-1.11.1.min.js
Requested by: Host: www.natlawreview.com
URL: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:3c02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18f93339118de2787095acb131c2337a19dd7f4ad2455e5af8ea29c35bf84570

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 16:12:26 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1x289eD8ybtx8Z8JaZxJ17%2Ffk5ME3WJZWANyCHgIZOaIicQv3W84Dc63MzqpC451yOK%2BEgjm%2B4W0jmC64iK4VNZBK5v2e78qAjFEcVzIwUGsc71gzgDNrL1VlkwQz%2FoooLaGOS81ASJTjbv3lAg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 6d0995966ad9e76c-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 14ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=519955527&t=pageview&_s=1&dl=https%3A%2F%2Fwww.natlawreview.com%2Farticle%2Fwhy-norton-anti-virus-becoming-crypto-mining-botnet%253famp&dp=%2F404.html%3Fpage%3D%2Farticle%2Fwhy-norton-anti-virus-becoming-crypto-mining-botnet%253famp%26from%3D&ul=en-us&de=UTF-8&dt=Page%20not%20found%20%7C%20The%20National%20Law%20Review&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAAC~&jid=1532741302&gjid=251322995&cid=344252237.1642695145&tid=UA-11994645-1&_gid=1724736267.1642695146&_r=1&_slc=1&z=201500549

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 16:12:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.natlawreview.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2022011002.js Show response
securepubads.g.doubleclick.net/gpt/ 352 KB
119 KB 29ms
6ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 15:31:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2471
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121009
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 21:10:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 20 Jan 2023 15:31:14 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 121 B
731 B 38ms
16ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.natlawreview.com

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

2d4ac82d9d68d2c82dfd2897929059e20c4b3ab9bf4a20de0668fd943e5c6550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 20 Jan 2022 16:12:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95
x-xss-protection: 0
expires: Thu, 20 Jan 2022 16:12:25 GMT

GET
H3 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v28/ 19 KB
19 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v28/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.natlawreview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 21:34:12 GMT
x-content-type-options: nosniff
age: 67093
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19740
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 02:22:30 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 19 Jan 2023 21:34:12 GMT

GET
H/1.1 200
OK client.json Show response
s3-us-west-2.amazonaws.com/mfesecure-public/host/natlawreview.com/ 174 B
968 B 675ms
178ms XHR
application/json 52.218.168.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/mfesecure-public/host/natlawreview.com/client.json?source=jsmain
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.168.208 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1710b3829994eea669a96a109cfaf8d18fd086e4d813448b75fa13590bd28461

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 16:12:27 GMT
Content-Encoding: gzip
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: W76ERPRRCGPTQSNT
x-amz-replication-status: COMPLETED
Content-Length: 152
x-amz-id-2: OPNmKbi/gWWEdPV522CGzl3Cz5BXP98KoOLEbbm/+4feiUMSqv5q5ZR8ctaxP6Z/MPnWoOjhnsg=
Last-Modified: Sat, 01 Jan 2022 09:01:45 GMT
Server: AmazonS3
ETag: "57848650355952838d113e7327ef8301"
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: GET, HEAD
x-amz-version-id: rOdggpubNkfISdGti_vrEkJ1dviSIMRW
Access-Control-Allow-Origin: https://www.natlawreview.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Cache-Control: public, max-age=60
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Type: application/json

GET
H/1.1 200
OK client.json Show response
s3-us-west-2.amazonaws.com/mfesecure-public/host/natlawreview.com/ 174 B
968 B 662ms
166ms XHR
application/json 52.218.168.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/mfesecure-public/host/natlawreview.com/client.json?source=jsinline
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.168.208 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1710b3829994eea669a96a109cfaf8d18fd086e4d813448b75fa13590bd28461

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 16:12:27 GMT
Content-Encoding: gzip
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: W76BDB1YWJRDH3VX
x-amz-replication-status: COMPLETED
Content-Length: 152
x-amz-id-2: lOQCLuGUjiepu2QFbWI3MMxCc+IvnjwGvi2jX5QvC0PRakf+AvsexGAtSAJkVOaIO7HSiVfEBEw=
Last-Modified: Sat, 01 Jan 2022 09:01:45 GMT
Server: AmazonS3
ETag: "57848650355952838d113e7327ef8301"
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: GET, HEAD
x-amz-version-id: rOdggpubNkfISdGti_vrEkJ1dviSIMRW
Access-Control-Allow-Origin: https://www.natlawreview.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Cache-Control: public, max-age=60
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Type: application/json

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201180401/ 283 KB
102 KB 53ms
38ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201180401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1804768695248883&plah=www.natlawreview.com&bust=31064162

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

afe3063ed97dc764b61cc6d0726648745df361f274c3497e9ec2e0798a9c55b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 16:12:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104322
x-xss-protection: 0
server: cafe
etag: 15312568035994795671
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 20 Jan 2022 16:12:25 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220118/r20190131/ Frame 1E80 11 KB
5 KB 29ms
6ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220118/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4885
x-xss-protection: 0
date: Thu, 20 Jan 2022 15:36:19 GMT
expires: Thu, 03 Feb 2022 15:36:19 GMT
cache-control: public, max-age=1209600
age: 2166
etag: 13671712056976469594
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 AGSKWxUXbe9qaoaGZr6hPW9A5YacJD5k_OuFs1SLZZvUHNDQAmYfsnsv1v0LubNl1nWe1np2l58zQYfWrIrWAhspBsw= Show response
fundingchoicesmessages.google.com/f/ 152 KB
43 KB 62ms
47ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUXbe9qaoaGZr6hPW9A5YacJD5k_OuFs1SLZZvUHNDQAmYfsnsv1v0LubNl1nWe1np2l58zQYfWrIrWAhspBsw=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjQyNjk1MTQ1LDkxMzAwMDAwMF0sIkFCM0VCQTI2LUU1MDQtNDhDRS1CQjhDLTI3NDNDNDE0NDcyRSIsIjlENkZFNkExLUFFMDktNDQ0MC04N0M1LUIxNjQ5NjkwOUUyNSIsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3d3dy5uYXRsYXdyZXZpZXcuY29tL2FydGljbGUvd2h5LW5vcnRvbi1hbnRpLXZpcnVzLWJlY29taW5nLWNyeXB0by1taW5pbmctYm90bmV0JTNmYW1wIixudWxsLFtdXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Kyaxr95DqYA.es5.O/d=1/rs=AJlcJMwRl7ivuxs86EmGU8gOG64C5qlT-g/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

09d308ebeba22cde869cf02c2d398bb160a2186f98bcff6daeb4d44eed88a7df

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ERzQFXK4VIFHPNV4iT7/yw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-ERzQFXK4VIFHPNV4iT7/yw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 16:12:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ERzQFXK4VIFHPNV4iT7/yw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-ERzQFXK4VIFHPNV4iT7/yw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
446 B 60ms
19ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-11994645-1&cid=344252237.1642695145&jid=1532741302&gjid=251322995&_gid=1724736267.1642695146&_u=YADAAEAAAAAAAC~&z=1308125488

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 20 Jan 2022 16:12:25 GMT
content-type: text/plain
access-control-allow-origin: https://www.natlawreview.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
969 B 42ms
16ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid410.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 16:12:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 68899
content-type: application/javascript
x-amz-request-id: tx405249188a46458ab6884-0061d5ef52
x-amz-id-2: tx405249188a46458ab6884-0061d5ef52
last-modified: Mon, 06 Dec 2021 11:00:36 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YcaVcphYscRPh1YswvcYoVO7MRfG3v7IR61qu3358IO0iuw72VztRkwC92xgpAhJlIDS%2BYXW93vB0C%2Fey3Wl%2BHrcFZ3wpriiMQma3%2B8FaXQojYG3To6mNSO2fcxHhJ%2B95PuFpH5uEzATFoqT"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 1638788436623244
cache-control: public, max-age=1800
cf-ray: 6d09959679512b71-FRA
expires: Thu, 20 Jan 2022 16:42:26 GMT

GET
H2 200 freewheel-mapping.json Show response
cdn.jsdelivr.net/gh/prebid/category-mapping-file@1/ 14 KB
2 KB 84ms
37ms XHR
application/json 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/category-mapping-file@1/freewheel-mapping.json

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60d0cdf0b18fc47a4d55b4a2aeccd0b2bcc71063ca21ec0eb538bea39833dda4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Jan 2022 16:12:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 25034
x-jsd-version: 1.0.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19137-FRA, cache-mxp6948-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"36b6-ffkBzh2j6c/gCM5tBPQMcNXdZI8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6d099596da5e0f7e-MXP

GET
H3 200 cse_element__en.js Show response
www.google.com/cse/static/element/ff97a008b4153450/ 301 KB
301 KB 36ms
19ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/ff97a008b4153450/cse_element__en.js?usqp=CAM%3D

Requested by

Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=008864065348068036580:mnkujym5xug

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eafc0571b8ce226f09e8de577d88921a0218da6ff4982984e357ada8e08031b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 19:01:13 GMT
x-content-type-options: nosniff
age: 508273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 308079
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 15:35:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 14 Jan 2023 19:01:13 GMT

GET
H3 200 default+en.css
www.google.com/cse/static/element/ff97a008b4153450/ 41 KB
9 KB 26ms
9ms Stylesheet
text/css 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/ff97a008b4153450/default+en.css

Requested by

Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=008864065348068036580:mnkujym5xug

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 14:15:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179842
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9086
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 15:35:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 18 Jan 2023 14:15:04 GMT

GET
H3 200 minimalist.css
www.google.com/cse/static/style/look/v4/ 5 KB
5 KB 31ms
15ms Stylesheet
text/css 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/minimalist.css

Requested by

Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=008864065348068036580:mnkujym5xug

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5867ad740bc719bf1309b5f65537b7ba69f2cba5e9a193679859542d1bc7f95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 15:41:54 GMT
x-content-type-options: nosniff
age: 1832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5084
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 20 Jan 2022 16:31:54 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 761 B
1 KB 39ms
33ms XHR
application/json 13.33.241.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.natlawreview.com&pubid=24a8f0bd-cf02-44fc-8552-07652599f740
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.241.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-241-218.hel50.r.cloudfront.net
Software: Server /
Resource Hash: 6361ca8bac4c2f5f859d981c6dc773520f282d2e4bff065212f368e65b544073

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 13:51:53 GMT
via: 1.1 b2756db0e58306bee6945607dbb05978.cloudfront.net (CloudFront)
server: Server
age: 8433
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.natlawreview.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: HEL50-C1
content-length: 761
x-amz-cf-id: sLP8C_0H3WpVXFV0Kn9018KNcNdOTRyn_pKXT5x0N8v_pReCQk9NNw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 110ms
34ms XHR
application/javascript 13.33.241.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.241.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-241-218.hel50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: L2_MRp8KwiUR7xIWXZFooLHRBfnaqY96
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 49818
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 22 Dec 2021 01:41:37 GMT
server: AmazonS3
date: Thu, 20 Jan 2022 02:22:08 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 9f6a623c512f1a1b6fd6b2d4bd697472.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: HEL50-C1
x-amz-cf-id: uPTCu8RxEP8Zppv7CoYCrV_sXq6MbdQA9V6cFDd4QsYBjf4IrrnrGA==

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 50ms
49ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-11994645-1&cid=344252237.1642695145&jid=1532741302&_u=YADAAEAAAAAAAC~&z=1719488586

Requested by

Host: www.natlawreview.com
URL: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 16:12:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 91ms
41ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-11994645-1&cid=344252237.1642695145&jid=1532741302&_u=YADAAEAAAAAAAC~&z=1719488586

Requested by

Host: www.natlawreview.com
URL: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 16:12:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ 54 KB
3 KB 55ms
26ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.de.8_plDZCienM.es5.O/d=1/rs=AJlcJMytsuccQ8Hw8efTRRu98JlMCKx15g/m=iabtcfv2wallscript

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

731692cdbcd1b62abb9b6847629cc1154818f072069b6193cb968c11c851149a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 16:12:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 20 Jan 2022 16:12:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Jan 2022 16:12:26 GMT

GET
H2 200 -oJ1cuQUS8ucOE9Lvx8COwB7ueSBBk0pefpV3yko3TER2Ak5bw75auodntC0JQiAwFCX48bLWN_A6hY9GITFsOB_-S9qLsXrnM0ypBksiCx4jJOMFYPE=h60
lh3.googleusercontent.com/ 4 KB
4 KB 55ms
7ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-oJ1cuQUS8ucOE9Lvx8COwB7ueSBBk0pefpV3yko3TER2Ak5bw75auodntC0JQiAwFCX48bLWN_A6hY9GITFsOB_-S9qLsXrnM0ypBksiCx4jJOMFYPE=h60

Requested by

Host: www.natlawreview.com
URL: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

23b8bd076fd63e9f96f035f65912c9708653f22f2f71250d4b54f562ad81dc14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 14:10:43 GMT
x-content-type-options: nosniff
age: 7303
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4065
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 13 Nov 2021 07:24:28 GMT

POST
H3 204 AGSKWxUOggFdFiOe6z-km81emfRfw81ZfMGyJA6fgRv08rn3mc054rbIklQXiJ-jIMNyOidejvRDW7SyES3KNVEu_Ps= Show response
fundingchoicesmessages.google.com/el/ 0
26 B 49ms
25ms XHR
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUOggFdFiOe6z-km81emfRfw81ZfMGyJA6fgRv08rn3mc054rbIklQXiJ-jIMNyOidejvRDW7SyES3KNVEu_Ps=?pvid=AB3EBA26-E504-48CE-BB8C-2743C414472E&anonid=9D6FE6A1-AE09-4440-87C5-B16496909E25

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jS+L3J2JO1O1ZfKqAhhxKQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-jS+L3J2JO1O1ZfKqAhhxKQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Jan 2022 16:12:26 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.natlawreview.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-jS+L3J2JO1O1ZfKqAhhxKQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-jS+L3J2JO1O1ZfKqAhhxKQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 157445395 Show response
fundingchoicesmessages.google.com/i/ 87 KB
30 KB 34ms
30ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/157445395?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c463e7e7f84a84e4bd67ba0a0f014891d4906d76de35b31a8c92398680203c78

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Ojv1Zswe2k7DVQHUsB8lfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-Ojv1Zswe2k7DVQHUsB8lfw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Ojv1Zswe2k7DVQHUsB8lfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-Ojv1Zswe2k7DVQHUsB8lfw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorServingWebSwitchboardHttp"
x-frame-options: SAMEORIGIN
date: Thu, 20 Jan 2022 16:12:26 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ 71 KB
23 KB 94ms
44ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb04b94656de1350a1fe252e640d692b44f9501188d48c01884d6962bea38913

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 16:12:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1225615
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: txfc32ae3430f64893b5ebc-0061adeed3
x-amz-id-2: txfc32ae3430f64893b5ebc-0061adeed3
last-modified: Mon, 06 Dec 2021 11:00:35 GMT
server: cloudflare
etag: W/"d56fadf5a52703aee9982c415a17065a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9DxqoahUffhoPKeBQPOz%2BWRksnWydj5rXsxZJKxolFcaZKyuE%2BiaBr06Vy0OYZVeP%2BxccRladocTdVk0RYy9olWevRygMWmEKSLRIThX5U8t2BA53ymXCcxBB1PaeDy0Lm5l4961HzwxErOL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1638788435319991
cf-ray: 6d099597b9353753-MXP
access-control-allow-headers: Authorization

GET
H2 200 aax.js Show response
c.aaxads.com/ 399 KB
111 KB 84ms
51ms Script
text/javascript 104.92.105.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.aaxads.com/aax.js?pub=AAXJ730WZ&hst=www.natlawreview.com&ver=1.2

Requested by

Host: www.natlawreview.com
URL: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.92.105.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-105-214.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

3d81131a168b069b166eb1f8c2fef8b0e446739b8e5e30039c840cad2c38b2d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Thu, 20 Jan 2022 16:12:26 GMT
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
cache-control: max-age=1800
expires: Thu, 20 Jan 2022 16:42:26 GMT

POST
H3 204 AGSKWxUUnFhPAXv4MaIbjk7IItET8iMf52vUsC2Fv1rXYG-8yhQm8HQbmgVKieNCqLAtUS9jLDWR0lkII3Zvp83CQTzK_g1f4Hb3lUcKd9SQGtwRg_Jb4R-kusr7Gg81UCPCswRno0UOe8Li5QkOIzP7nO-7EGCN-se2eZyWSVHi3yE4YEFQ-Fw_79Uz_dD_ Show response
fundingchoicesmessages.google.com/el/ 0
25 B 21ms
21ms XHR
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUUnFhPAXv4MaIbjk7IItET8iMf52vUsC2Fv1rXYG-8yhQm8HQbmgVKieNCqLAtUS9jLDWR0lkII3Zvp83CQTzK_g1f4Hb3lUcKd9SQGtwRg_Jb4R-kusr7Gg81UCPCswRno0UOe8Li5QkOIzP7nO-7EGCN-se2eZyWSVHi3yE4YEFQ-Fw_79Uz_dD_?dmid=dd508f6a85c077f4

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-rpdMXE4G8eQMTXi1ej97jw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-rpdMXE4G8eQMTXi1ej97jw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Jan 2022 16:12:26 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.natlawreview.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-rpdMXE4G8eQMTXi1ej97jw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-rpdMXE4G8eQMTXi1ej97jw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v121/ 119 KB
119 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v121/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16a6b6731e2fc6387561d78f5affd3b539a6c0540434924b809d490a5ebc9725

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.natlawreview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 19:31:38 GMT
x-content-type-options: nosniff
age: 160848
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121784
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 19:19:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 18 Jan 2023 19:31:38 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.natlawreview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:52:02 GMT
x-content-type-options: nosniff
age: 526824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 14 Jan 2023 13:52:02 GMT

GET
H3 200 async-ads.js Show response
cse.google.com/adsense/search/ 136 KB
50 KB 55ms
32ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/ff97a008b4153450/cse_element__en.js?usqp=CAM%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd3434b67c57de6e79d327f11342867c78a2593b1f6cd3ceafc048d98cf6169c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 16:12:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "5752080690903278297"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Thu, 20 Jan 2022 16:12:26 GMT

GET
H3 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 25ms
16ms Image
image/png 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/ff97a008b4153450/default+en.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/cse/static/element/ff97a008b4153450/default+en.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 05:46:24 GMT
x-content-type-options: nosniff
age: 123962
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1018
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 19 Jan 2023 05:46:24 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
178 B 71ms
8ms Image
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: www.natlawreview.com
URL: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 16:12:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 piwik.php
analytics.natlawreview.com/ 43 B
162 B 300ms
294ms Image
image/gif 54.91.161.246
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.natlawreview.com/piwik.php?action_name=Page%20not%20found%20%7C%20The%20National%20Law%20Review&idsite=1&rec=1&r=057875&h=16&m=12&s=26&url=https%3A%2F%2Fwww.natlawreview.com%2Farticle%2Fwhy-norton-anti-virus-becoming-crypto-mining-botnet%3Famp&_id=7d74c04bafbeaf16&_idts=1642695146&_idvc=1&_idn=0&_refts=0&_viewts=1642695146&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=820&pv_id=0H1lFY
Requested by: Host: www.natlawreview.com
URL: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.161.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-161-246.compute-1.amazonaws.com
Software: Apache/2.4.48 (Amazon) PHP/7.1.33 / PHP/7.1.33
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 16:12:26 GMT
server: Apache/2.4.48 (Amazon) PHP/7.1.33
x-powered-by: PHP/7.1.33
content-length: 43
content-type: image/gif

GET
H2 200 pxusr.gif
c.aaxads.com/ 43 B
206 B 9ms
8ms Image
image/gif 104.92.105.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.aaxads.com/pxusr.gif

Requested by

Host: www.natlawreview.com
URL: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.92.105.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-105-214.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 16:12:26 GMT
last-modified: Mon, 26 Feb 2018 13:29:58 GMT
server: Apache
strict-transport-security: max-age=604800
content-type: image/gif
cache-control: max-age=904497
accept-ranges: bytes
content-length: 43
expires: Mon, 31 Jan 2022 03:27:23 GMT

GET
H/1.1 200
OK pxext.gif
www.aaxdetect.com/ 43 B
323 B 82ms
21ms Image
image/gif 104.111.243.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aaxdetect.com/pxext.gif
Requested by: Host: www.natlawreview.com
URL: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.243.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-243-142.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 16:12:26 GMT
Last-Modified: Mon, 26 Feb 2018 13:29:58 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=151350
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sat, 22 Jan 2022 10:14:56 GMT

GET
H/1.1 200
OK log
l3.aaxads.com/ 35 B
329 B 417ms
24ms Image
image/gif 104.111.239.153
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l3.aaxads.com/log?___stu13p=aveoaamactga5dnnuee25ti2rm86bcrodqacb&lwbsh=AAX&dgw=desktop&flg=AAXJ730WZ&fw=FRANKFURT&ff=DE&xjg=4&dss=0&skw=1200&slg=8PR6YK195&gq=natlawreview.com&vhuyqdph=ssp-serving-6c996656dc-gs56x&vyu=011911_318_011911_281_ssp&vf=HE&yhuvlrq=4&yk=1200&yz=1600&yvlg=&ylg=00001642695146371032397757441222&vvsDeExfnhw=CONTROL&oz=1&gdss=green&lwbshlg=6&vg=-1&dgeg=0&qsd=0&jgsu=1&fvvwu=&wfi_fps=300&wfi_vwdwxv=loaded&wfi_sus=0000--0--0&vxf=0&wfi_dsl=1&xvs_hqi=1&xvs_vwdwxv=0&xvs_ogi=&xvs_vwulqj=1---&xifd=0&frssd_vwdwxv=&frssd_dssolhg=&lg_ghwdlov=&dewh=SSP_CLIENT_control&deg=2&gvwduw=25&ghqg=119&uhtxuo=https%3A%2F%2Fwww.natlawreview.com%2Farticle%2Fwhy-norton-anti-virus-becoming-crypto-mining-botnet%253famp&nzui=
Requested by: Host: www.natlawreview.com
URL: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.239.153 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-239-153.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 16:12:26 GMT
Server: Jetty(9.4.35.v20201120)
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Thu, 20 Jan 2022 16:12:26 GMT

GET
H2 200 ajax Show response
www.trustedsite.com/rpc/ 6 B
944 B 636ms
170ms Script
text/javascript 50.112.99.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trustedsite.com/rpc/ajax?do=tmjs-visit&host=natlawreview.com&rand=1642695146531

Requested by

Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.112.99.14 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-99-14.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

a4aa9f775af34f63386d8b4d8a14fce2225c317c3f93cbafdeb5a8524eb542a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 16:12:27 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-security-policy-report-only: report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
content-length: 26
x-content-type-options: nosniff

GET
H2 400 piwik.php
analytics.natlawreview.com/ 238 B
358 B 153ms
153ms Image
image/gif 54.91.161.246
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.natlawreview.com/piwik.php?action_name=Page%20not%20found%20%7C%20The%20National%20Law%20Review&idsite=undefined&rec=1&r=741478&h=16&m=12&s=26&url=https%3A%2F%2Fwww.natlawreview.com%2Farticle%2Fwhy-norton-anti-virus-becoming-crypto-mining-botnet%3Famp&_id=5bfdd790c3ce2c1e&_idts=1642695146&_idvc=1&_idn=1&_refts=0&_viewts=1642695146&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=820&pv_id=GmPwMS
Requested by: Host: www.natlawreview.com
URL: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.161.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-161-246.compute-1.amazonaws.com
Software: Apache/2.4.48 (Amazon) PHP/7.1.33 / PHP/7.1.33
Resource Hash: ab40b38eabe3aa4ea30f8be74dd60c40508d12a3038f1a2d239e0c46db111671

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 16:12:27 GMT
server: Apache/2.4.48 (Amazon) PHP/7.1.33
x-powered-by: PHP/7.1.33
content-length: 238
content-type: image/gif

POST
H2 200 25 Show response
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 988 B
1 KB 83ms
14ms XHR
application/json 2a02:fa8:8806:13::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 62015a53dc3b72d6914e47c7572c4ea27435720610bd2354c6264d22d159faa5

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 16:12:27 GMT
server: nginx
content-type: application/json
access-control-allow-origin: https://www.natlawreview.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 988
expires: 0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 107ms
70ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12768&site_id=374162&zone_id=2050612&size_id=15&alt_size_ids=9%2C10%2C16&rf=https%3A%2F%2Fwww.natlawreview.com%2Farticle%2Fwhy-norton-anti-virus-becoming-crypto-mining-botnet%253famp&tk_flint=pbjs_lite_v4.1.0-pre&x_source.tid=36adcb66-b3cf-4ba9-ba58-0872234ff5ee&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.32061328457989857
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 85fde06d7e09b3ddade3c3e577e7602df2973093648e9628e78dc60d6b3cd56c

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 16:12:27 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.natlawreview.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 132ms
94ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12768&site_id=374162&zone_id=2050506&size_id=15&alt_size_ids=10%2C16&rf=https%3A%2F%2Fwww.natlawreview.com%2Farticle%2Fwhy-norton-anti-virus-becoming-crypto-mining-botnet%253famp&tk_flint=pbjs_lite_v4.1.0-pre&x_source.tid=21342e2d-c068-4921-a23b-34918023de42&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.873037618308542
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 1b8832f3b23aa63f415dfc191ef8e68d69dc3632774f9e7daa6238fad0afa776

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 16:12:27 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.natlawreview.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 123ms
86ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12768&site_id=374162&zone_id=2050510&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Fwww.natlawreview.com%2Farticle%2Fwhy-norton-anti-virus-becoming-crypto-mining-botnet%253famp&tk_flint=pbjs_lite_v4.1.0-pre&x_source.tid=17739154-df1a-4d96-95d9-c7fb963637c5&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.2755915875927708
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 7b965f90fb0aa29acdfd1c26a842e3092ef7274d49e473dd5e20e74f51049ec7

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 16:12:27 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.natlawreview.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 106ms
67ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12768&site_id=374162&zone_id=2050508&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Fwww.natlawreview.com%2Farticle%2Fwhy-norton-anti-virus-becoming-crypto-mining-botnet%253famp&tk_flint=pbjs_lite_v4.1.0-pre&x_source.tid=3fd2aae2-3301-40ad-a6d0-4fa2c7c2275b&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.32974479235443477
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 4a9f45b44b99f68144b84be055d6edc0e74ce6ddf5794450a4e0e641822bc007

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 16:12:27 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.natlawreview.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 135ms
96ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12768&site_id=374162&zone_id=2049534&size_id=15&alt_size_ids=9&rf=https%3A%2F%2Fwww.natlawreview.com%2Farticle%2Fwhy-norton-anti-virus-becoming-crypto-mining-botnet%253famp&tk_flint=pbjs_lite_v4.1.0-pre&x_source.tid=abd06fcb-bc4f-4a8a-8a0e-40a8d598f8cc&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.26545337637757727
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 39f29fff7a554acf0ba3659c9e3805c3b7863120248732b7cb30bf3f727a6506

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 16:12:27 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.natlawreview.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 119ms
80ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12768&site_id=374162&zone_id=2050622&size_id=15&alt_size_ids=2&rf=https%3A%2F%2Fwww.natlawreview.com%2Farticle%2Fwhy-norton-anti-virus-becoming-crypto-mining-botnet%253famp&tk_flint=pbjs_lite_v4.1.0-pre&x_source.tid=83b6e685-449f-4675-91fb-3b8f11cf8348&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.44538001977071073
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: ba05b8857c7e936dad8c330094c53f338c637cdfae9b09b86fce704f70b1b7ca

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 16:12:27 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.natlawreview.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 187ms
81ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12768&site_id=374162&zone_id=2050616&size_id=15&alt_size_ids=9%2C10%2C16&rf=https%3A%2F%2Fwww.natlawreview.com%2Farticle%2Fwhy-norton-anti-virus-becoming-crypto-mining-botnet%253famp&tk_flint=pbjs_lite_v4.1.0-pre&x_source.tid=0d188e16-a694-489b-b9d7-1b7d80a81b7c&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9391994185860641
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: a3df5d6fcaa6d630eafd21e0eeea3e89cbcace5c73a2ed112e5b379b60a58ad2

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 16:12:27 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.natlawreview.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 171ms
65ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12768&site_id=374162&zone_id=2050614&size_id=15&alt_size_ids=9%2C10%2C16&rf=https%3A%2F%2Fwww.natlawreview.com%2Farticle%2Fwhy-norton-anti-virus-becoming-crypto-mining-botnet%253famp&tk_flint=pbjs_lite_v4.1.0-pre&x_source.tid=ae40bf1c-486d-473c-b5e7-59c5fee878fc&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9927884919089871
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 1778968c416f2438a5f54d241343dc7febbba4fa37509ea179affa7cc74907d2

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 16:12:27 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.natlawreview.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 229ms
110ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12768&site_id=374162&zone_id=2050618&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Fwww.natlawreview.com%2Farticle%2Fwhy-norton-anti-virus-becoming-crypto-mining-botnet%253famp&tk_flint=pbjs_lite_v4.1.0-pre&x_source.tid=77598b77-7050-4955-9923-0ab36dbb24e0&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.7982324073396958
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: b59b2f0de5ca85dfc88173e1a794fefd512dafc4fdd54d7325eb115023cb3e81

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 16:12:27 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.natlawreview.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 233ms
109ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12768&site_id=374162&zone_id=2050600&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Fwww.natlawreview.com%2Farticle%2Fwhy-norton-anti-virus-becoming-crypto-mining-botnet%253famp&tk_flint=pbjs_lite_v4.1.0-pre&x_source.tid=b2b215d9-f046-48f0-b932-1e76e2f53d7f&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9436008650525163
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 594e49484d56ebfaab22bfbd20d755b6613937a05542730719996f1cebd8a054

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 16:12:27 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.natlawreview.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 196ms
65ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12768&site_id=374162&zone_id=2050604&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Fwww.natlawreview.com%2Farticle%2Fwhy-norton-anti-virus-becoming-crypto-mining-botnet%253famp&tk_flint=pbjs_lite_v4.1.0-pre&x_source.tid=8060e0a2-6845-4bc3-b153-f314e6be450f&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8815368248531101
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 84678d73a2d972ef90f310ecd171828379a3fbaa6ae68dc5ef0986a452f582e1

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 16:12:27 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.natlawreview.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 193ms
59ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12768&site_id=374162&zone_id=2050602&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Fwww.natlawreview.com%2Farticle%2Fwhy-norton-anti-virus-becoming-crypto-mining-botnet%253famp&tk_flint=pbjs_lite_v4.1.0-pre&x_source.tid=65c3b8bc-f10c-4258-9a2c-37eb8db51066&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9357842780049723
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 9d0ebfb110f0573f493aa048f1b52fe41930b2e132f79d7f878c0e270181e657

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 16:12:27 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.natlawreview.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 245ms
74ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12768&site_id=374162&zone_id=2050492&size_id=15&alt_size_ids=9%2C10&rf=https%3A%2F%2Fwww.natlawreview.com%2Farticle%2Fwhy-norton-anti-virus-becoming-crypto-mining-botnet%253famp&tk_flint=pbjs_lite_v4.1.0-pre&x_source.tid=0c6d23ae-6f30-41d1-ba75-2564f27a3cf4&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9315884721606165
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 3c931b21e8d469fc65fa2b7e33e9b720a81627f20afd7a31dec711f16c76e6e8

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 16:12:27 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.natlawreview.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 267ms
81ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12768&site_id=374162&zone_id=2050490&size_id=15&alt_size_ids=9%2C10&rf=https%3A%2F%2Fwww.natlawreview.com%2Farticle%2Fwhy-norton-anti-virus-becoming-crypto-mining-botnet%253famp&tk_flint=pbjs_lite_v4.1.0-pre&x_source.tid=7e05b6e8-29ec-4cb3-98e5-f97352f5898c&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.27043751104883795
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: de8a56004138dd88aac4a52ac8970dca5392a39994bbdd6abb8dc84281cc7e9f

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 16:12:27 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.natlawreview.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 300ms
107ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12768&site_id=374162&zone_id=2050626&size_id=15&alt_size_ids=2%2C16&rf=https%3A%2F%2Fwww.natlawreview.com%2Farticle%2Fwhy-norton-anti-virus-becoming-crypto-mining-botnet%253famp&tk_flint=pbjs_lite_v4.1.0-pre&x_source.tid=303688ec-a379-4916-8de4-2d5357d22eab&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6321934510793465
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 608734d95ede504df615f73aa3de8f3f1ce27d6e684d1f45bb272692afe469bc

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 16:12:27 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.natlawreview.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 271ms
76ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12768&site_id=374162&zone_id=2050624&size_id=15&alt_size_ids=2%2C16&rf=https%3A%2F%2Fwww.natlawreview.com%2Farticle%2Fwhy-norton-anti-virus-becoming-crypto-mining-botnet%253famp&tk_flint=pbjs_lite_v4.1.0-pre&x_source.tid=2fa05b50-e9a1-4d0c-b5a0-769cff92a3da&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9457674133330507
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: c89b9646cea15ce17f1e008b5dd1a76845eb6cb89d818bac98b60ae31c8a623f

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 16:12:27 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.natlawreview.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 306 B
1 KB 239ms
11ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12768&site_id=374162&zone_id=2050630&size_id=15&alt_size_ids=2%2C16&rf=https%3A%2F%2Fwww.natlawreview.com%2Farticle%2Fwhy-norton-anti-virus-becoming-crypto-mining-botnet%253famp&tk_flint=pbjs_lite_v4.1.0-pre&x_source.tid=7f102d45-1930-4f74-b608-2998da931cd1&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.884307348015458
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 13efe5c1561d853493598d03e231f75a17764d5c08b017f387f8db08f73ca08c

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 16:12:27 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.natlawreview.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 306
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 296ms
64ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12768&site_id=374162&zone_id=2050608&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Fwww.natlawreview.com%2Farticle%2Fwhy-norton-anti-virus-becoming-crypto-mining-botnet%253famp&tk_flint=pbjs_lite_v4.1.0-pre&x_source.tid=3d65745c-5ea3-425e-8355-e180394ac4d9&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9520995485379766
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 4388e175e812fca478ddf9f8c0b326aff7b6e16d5ec53e5e2aac6e9e6b52d3bf

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 16:12:27 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.natlawreview.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 299ms
60ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12768&site_id=374162&zone_id=2050610&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Fwww.natlawreview.com%2Farticle%2Fwhy-norton-anti-virus-becoming-crypto-mining-botnet%253famp&tk_flint=pbjs_lite_v4.1.0-pre&x_source.tid=88bb66f2-6dfc-4708-b350-846f3f8eb5e6&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.26668862513998337
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 517fc732fcc575516f6345a4c264d32a01dd6b8a32f34c8ab650121480866598

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 16:12:27 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.natlawreview.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 334ms
91ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12768&site_id=374162&zone_id=2050606&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Fwww.natlawreview.com%2Farticle%2Fwhy-norton-anti-virus-becoming-crypto-mining-botnet%253famp&tk_flint=pbjs_lite_v4.1.0-pre&x_source.tid=36db05b6-3409-42c8-a162-90a326138d8d&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6981672073055913
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: e4f6c85b8d3142048e85a323fdaea5d0635b90e99f4e46a838e309b19ca4f912

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 16:12:27 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.natlawreview.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 341ms
74ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12768&site_id=374162&zone_id=2050628&size_id=15&alt_size_ids=2%2C16&rf=https%3A%2F%2Fwww.natlawreview.com%2Farticle%2Fwhy-norton-anti-virus-becoming-crypto-mining-botnet%253famp&tk_flint=pbjs_lite_v4.1.0-pre&x_source.tid=8db265ed-0efc-4c5e-b996-16cadac4f699&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.04132783246072358
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 81c77ea43a619292d4d0bac42cc6d1cb750ab79908143dcf7ec15680f09ebd95

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 16:12:27 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.natlawreview.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 387ms
117ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12768&site_id=374162&zone_id=2086708&size_id=2&rf=https%3A%2F%2Fwww.natlawreview.com%2Farticle%2Fwhy-norton-anti-virus-becoming-crypto-mining-botnet%253famp&tk_flint=pbjs_lite_v4.1.0-pre&x_source.tid=cdd5cf24-7b3e-4b88-923b-ce81f723d052&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.7261823424053793
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: cab81f077d77b97d78283311579def7325780bdacbd7ede0d044197908a11d26

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 16:12:27 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.natlawreview.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 352ms
56ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12768&site_id=374162&zone_id=2086704&size_id=9&rf=https%3A%2F%2Fwww.natlawreview.com%2Farticle%2Fwhy-norton-anti-virus-becoming-crypto-mining-botnet%253famp&tk_flint=pbjs_lite_v4.1.0-pre&x_source.tid=44e54305-b085-41db-b0ab-8b0871f66f10&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5235752116318224
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: de43ff5d0f2cc5f3975182b38eb85f42855eeca44ee9689b99edafd350134ba9

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 16:12:27 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.natlawreview.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 364ms
64ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12768&site_id=374162&zone_id=2086706&size_id=9&rf=https%3A%2F%2Fwww.natlawreview.com%2Farticle%2Fwhy-norton-anti-virus-becoming-crypto-mining-botnet%253famp&tk_flint=pbjs_lite_v4.1.0-pre&x_source.tid=248adb54-f281-4a6a-9446-090808c3b019&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5461438541498951
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 59d9e822059fd9ec6f0756e846806432b678db9ae0713aa8b07c6ef30fcf4410

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 16:12:27 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.natlawreview.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
268 B 691ms
665ms XHR
application/json 3.123.205.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.1.0-pre&referrer=https%3A%2F%2Fwww.natlawreview.com%2Farticle%2Fwhy-norton-anti-virus-becoming-crypto-mining-botnet%253famp&tmax=1000

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.123.205.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-123-205-63.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 16:12:28 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.natlawreview.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST translator
hbopenbid.pubmatic.com/ 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 65 B
746 B 31ms
10ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

3143566bd1a7330ee43570b480ec2491abf76b5914e06b16fc6aa86106ec2eb4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 16:12:27 GMT
X-Proxy-Origin: 193.27.14.24; 193.27.14.24; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: f6113066-23d6-499c-ad42-0b2b84fb44b6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.natlawreview.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 65
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 65 B
746 B 56ms
36ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

3143566bd1a7330ee43570b480ec2491abf76b5914e06b16fc6aa86106ec2eb4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 16:12:27 GMT
X-Proxy-Origin: 193.27.14.24; 193.27.14.24; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 98fd3503-c481-4dbb-8bcd-03159918e971
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.natlawreview.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 65
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 65 B
746 B 28ms
8ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

3143566bd1a7330ee43570b480ec2491abf76b5914e06b16fc6aa86106ec2eb4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 16:12:27 GMT
X-Proxy-Origin: 193.27.14.24; 193.27.14.24; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 57da8c37-c2b9-44cb-b06a-c83605b53df1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.natlawreview.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 65
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 140ms
86ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699700179793c26c73e53bda900bd&pos=8a9691b10179793c2b3b3e588dbd00b8&cmd=bid&secure=1
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 64ffa7a96f85e5ffe39ad23bf97e9f47ca11937f4d7755f91dbbf9b5e8d98d35

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Jan 2022 16:12:27 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.natlawreview.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 153ms
99ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699700179793c26c73e53bda900bd&pos=8a9699700179793c26c73e56436500c2&cmd=bid&secure=1
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 131c273af4425cff31c20fef801737ab437e740975a9c05cc23389eec2eba664

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Jan 2022 16:12:27 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.natlawreview.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 149ms
95ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699700179793c26c73e53bda900bd&pos=8a9699700179793c26c73e56a20500c4&cmd=bid&secure=1
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 10c9a299c3e9f8f820fd25c9e6dfb2d03a66e291a7af7b195eab23e6a0c854a1

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Jan 2022 16:12:27 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.natlawreview.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 144ms
90ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699700179793c26c73e53bda900bd&pos=8a9699700179793c26c73e5676b900c3&cmd=bid&secure=1
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: ff45d1e4e1927c02980c95eb533fa8dc05f4fb2b9d8f081427fc048de454e695

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Jan 2022 16:12:27 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.natlawreview.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 145ms
91ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699700179793c26c73e53bda900bd&pos=8a9694770179793c302c3e549c9d00dc&cmd=bid&secure=1
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: aa4c580359e4e24e6dfbc3953878e991f2f221588cec4c82d06be0f24cb7b373

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Jan 2022 16:12:27 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.natlawreview.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
296 B 125ms
71ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699700179793c26c73e53bda900bd&pos=8a9694770179793c302c3e615ea100e0&cmd=bid&secure=1
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: e47f14e31f46321c18d040cef475653b5e8684ff5051aa76b078f72a8a361da9

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Jan 2022 16:12:27 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.natlawreview.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 138ms
84ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699700179793c26c73e53bda900bd&pos=8a9691b10179793c2b3b3e58ff2600ba&cmd=bid&secure=1
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: e89ac8a4de4ec6ec5a70b1e7410319f9fb39d2cda276d4eee294cbe9acb4c53e

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Jan 2022 16:12:27 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.natlawreview.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 135ms
82ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699700179793c26c73e53bda900bd&pos=8a9691b10179793c2b3b3e58c1a700b9&cmd=bid&secure=1
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 295828f06cfb87e6e370bf65d65c059f7d8f5bf78ec7f88fcdc394b565ea954d

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Jan 2022 16:12:27 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.natlawreview.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 131ms
78ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699700179793c26c73e53bda900bd&pos=8a9699700179793c26c73e5d867f00c6&cmd=bid&secure=1
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 1304fc88c8c52c60543b45aa5dc1cd230921693fc44f0e55c4a1adcfd317cb35

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Jan 2022 16:12:27 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.natlawreview.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 145ms
92ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699700179793c26c73e53bda900bd&pos=8a9691b10179793c2b3b3e56d20b00b6&cmd=bid&secure=1
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 7b2335747c289c8b5b33b53f254828d918616acb0156601d001e8a5ad5c5f1b6

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Jan 2022 16:12:27 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.natlawreview.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 3 KB
3 KB 157ms
105ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699700179793c26c73e53bda900bd&pos=8a9694770179793c302c3e57955800de&cmd=bid&secure=1
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 5456f24c76a1aa133a06cbbc356644c187d96d18bdf1d9d05a5d44507458a173

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Jan 2022 16:12:27 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.natlawreview.com
access-control-allow-credentials: true
content-length: 2979

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 157ms
104ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699700179793c26c73e53bda900bd&pos=8a9694770179793c302c3e575ba900dd&cmd=bid&secure=1
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 989b43342073a52e1ec5c0324f6d540158459245d77e0ef365e1898bbe709e2d

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Jan 2022 16:12:27 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.natlawreview.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 124ms
72ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699700179793c26c73e53bda900bd&pos=8a9691b10179793c2b3b3e550e0600b4&cmd=bid&secure=1
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 933c2f5b2b0b560347a1f8c52f8cf3271bde59d068f167ee54a0578a3cdc3b32

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Jan 2022 16:12:27 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.natlawreview.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 131ms
80ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699700179793c26c73e53bda900bd&pos=8a9699700179793c26c73e54cdfd00bf&cmd=bid&secure=1
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 60e3350280de37fa30e0aeebc7c66ce3678de291c956ad09e16cd29de9300e0c

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Jan 2022 16:12:27 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.natlawreview.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 132ms
80ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699700179793c26c73e53bda900bd&pos=8a9694770179793c302c3e62418500e1&cmd=bid&secure=1
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 6e812d6fb5a7fd92484ce8171affefc8919b45033569e926bbd9e07fd7003749

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Jan 2022 16:12:27 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.natlawreview.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 179ms
127ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699700179793c26c73e53bda900bd&pos=8a9691b10179793c2b3b3e61a7d600bb&cmd=bid&secure=1
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 0bdfac04fc7fcf958acf070972f325f7b7884e13bf62f88dc45bc8dc0c7de2f4

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Jan 2022 16:12:27 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.natlawreview.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 124ms
73ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699700179793c26c73e53bda900bd&pos=8a9691b10179793c2b3b3e63075b00bd&cmd=bid&secure=1
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 2c6b1febca3d29a16e437addd1557cf45ffcfd69cc436dcf2ab57459a3f8b894

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Jan 2022 16:12:27 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.natlawreview.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 143ms
92ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699700179793c26c73e53bda900bd&pos=8a9699700179793c26c73e57fc1000c5&cmd=bid&secure=1
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 796da5213f7b53583c2981f20b25164edb456bcba5f608270b9dde9c9ad65ce5

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Jan 2022 16:12:27 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.natlawreview.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 161ms
110ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699700179793c26c73e53bda900bd&pos=8a9691b10179793c2b3b3e5832c700b7&cmd=bid&secure=1
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 93cb044e0e7d9e2f7b60f7e9dff14fe96c7372cd6dc019d665fba99dac2d0d45

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Jan 2022 16:12:27 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.natlawreview.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 195ms
144ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699700179793c26c73e53bda900bd&pos=8a9694770179793c302c3e57d17f00df&cmd=bid&secure=1
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: c72dd0264e4835868b46fe362128a724db6c4b5b4305260a33eab7280921951e

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Jan 2022 16:12:27 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.natlawreview.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 134ms
84ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699700179793c26c73e53bda900bd&pos=8a9691b10179793c2b3b3e62820c00bc&cmd=bid&secure=1
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 536da20a109839e60102474714725789af64a0ebc019d8a3753abc90b897ccf2

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Jan 2022 16:12:27 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.natlawreview.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 135ms
85ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699700179793c26c73e53bda900bd&pos=8a969dea017979f78bd1fbde115d0310&cmd=bid&secure=1
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 4c5977ccb1609cfd086d59236eae21fba6efa1963b5e752ea4e337febd56f6ad

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Jan 2022 16:12:27 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.natlawreview.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 136ms
86ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699700179793c26c73e53bda900bd&pos=8a9695b5017979f794bcfbdd874902c6&cmd=bid&secure=1
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 4a43ca2496a7f02dc72364ea30bc0a32ef08ac245aea08e6454335b7068f5a90

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Jan 2022 16:12:27 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.natlawreview.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 135ms
85ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699700179793c26c73e53bda900bd&pos=8a969dea017979f78bd1fbddd689030f&cmd=bid&secure=1
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: f318fd83755494cfdf5ead904f50d009c59b90453ece072329c719b93cce0775

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Jan 2022 16:12:27 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.natlawreview.com
access-control-allow-credentials: true
content-length: 62

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
229 B 176ms
33ms XHR
text/plain 54.229.132.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-1631557963636-0%22%2C%22callback_id%22%3A%221517e3489482838d%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B336%2C280%5D%2C%5B728%2C90%5D%2C%5B970%2C250%5D%5D%2C%22ym_placement_id%22%3A%222854382658052366663%22%7D%2C%7B%22placement_id%22%3A%22dfp-ad-art_large_sidebar_right%22%2C%22callback_id%22%3A%22152b2e8d56b04e6f%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%2C%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B336%2C280%5D%5D%2C%22ym_placement_id%22%3A%222854382660040466775%22%7D%2C%7B%22placement_id%22%3A%22dfp-ad-art_rectangle_1%22%2C%22callback_id%22%3A%22153126f97bd675bb%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B336%2C280%5D%5D%2C%22ym_placement_id%22%3A%222854382658891227470%22%7D%2C%7B%22placement_id%22%3A%22dfp-ad-art_rectangle_2%22%2C%22callback_id%22%3A%22154ee655a9dc4901%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B336%2C280%5D%5D%2C%22ym_placement_id%22%3A%222854382659142885712%22%7D%2C%7B%22placement_id%22%3A%22dfp-ad-art_rectangle_3%22%2C%22callback_id%22%3A%22155fea9ba0546123%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B336%2C280%5D%5D%2C%22ym_placement_id%22%3A%222854382659033833807%22%7D%2C%7B%22placement_id%22%3A%22dfp-ad-art_sidebar_left%22%2C%22callback_id%22%3A%22156706f2ec1478c%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%2C%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222854382661223260511%22%7D%2C%7B%22placement_id%22%3A%22dfp-ad-art_top_banner%22%2C%22callback_id%22%3A%221575c8557a487083%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222854382658421465418%22%7D%2C%7B%22placement_id%22%3A%22dfp-ad-extra_large_billboard%22%2C%22callback_id%22%3A%22158207486193dd23%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%5D%2C%22ym_placement_id%22%3A%222854382658169807176%22%7D%2C%7B%22placement_id%22%3A%22dfp-ad-hp_large_sidebar_left%22%2C%22callback_id%22%3A%22159d146215b6f9d2%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%2C%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B336%2C280%5D%5D%2C%22ym_placement_id%22%3A%222854382660283736409%22%7D%2C%7B%22placement_id%22%3A%22dfp-ad-hp_large_sidebar_left_2%22%2C%22callback_id%22%3A%221603ade0797d9b0f%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%2C%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B336%2C280%5D%5D%2C%22ym_placement_id%22%3A%222854382660149518680%22%7D%2C%7B%22placement_id%22%3A%22dfp-ad-hp_left_col_rectangle%22%2C%22callback_id%22%3A%22161a7b1869853ab2%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B336%2C280%5D%5D%2C%22ym_placement_id%22%3A%222854382660560560474%22%7D%2C%7B%22placement_id%22%3A%22dfp-ad-hp_rectangle_1%22%2C%22callback_id%22%3A%22162fb7b56cc2932b%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B336%2C280%5D%5D%2C%22ym_placement_id%22%3A%222854382659260326225%22%7D%2C%7B%22placement_id%22%3A%22dfp-ad-hp_rectangle_2%22%2C%22callback_id%22%3A%22163a9651beb5fcbc%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B336%2C280%5D%5D%2C%22ym_placement_id%22%3A%222854382659562316115%22%7D%2C%7B%22placement_id%22%3A%22dfp-ad-hp_rectangle_3%22%2C%22callback_id%22%3A%22164f284bb4135be8%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B336%2C280%5D%5D%2C%22ym_placement_id%22%3A%222854382659394543954%22%7D%2C%7B%22placement_id%22%3A%22dfp-ad-hp_rectangle_4%22%2C%22callback_id%22%3A%22165ce9f792afde89%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%2C%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22ym_placement_id%22%3A%222854382661432975713%22%7D%2C%7B%22placement_id%22%3A%22dfp-ad-hp_sidebar_right%22%2C%22callback_id%22%3A%22166b3ac8d1f6ea29%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%2C%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22ym_placement_id%22%3A%222854382661332312416%22%7D%2C%7B%22placement_id%22%3A%22dfp-ad-hp_top_banner%22%2C%22callback_id%22%3A%221677c211e0225a9%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B336%2C280%5D%2C%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222854382658664735052%22%7D%2C%7B%22placement_id%22%3A%22dfp-ad-in_content_last_paragraph%22%2C%22callback_id%22%3A%221683efd23e2e1ae4%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B336%2C280%5D%2C%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222854382658538905931%22%7D%2C%7B%22placement_id%22%3A%22dfp-ad-org_in_content%22%2C%22callback_id%22%3A%22169c0995b048a8f%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B336%2C280%5D%2C%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222854382658287247689%22%7D%2C%7B%22placement_id%22%3A%22dfp-ad-pg_rectangle_1%22%2C%22callback_id%22%3A%221706408c534d985a%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B336%2C280%5D%5D%2C%22ym_placement_id%22%3A%222854382659805585749%22%7D%2C%7B%22placement_id%22%3A%22dfp-ad-pg_rectangle_2%22%2C%22callback_id%22%3A%221715b52c9ff860b3%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B336%2C280%5D%5D%2C%22ym_placement_id%22%3A%222854382659931414870%22%7D%2C%7B%22placement_id%22%3A%22dfp-ad-pg_rectangle_3%22%2C%22callback_id%22%3A%22172afe091217504a%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B336%2C280%5D%5D%2C%22ym_placement_id%22%3A%222854382659704922452%22%7D%2C%7B%22placement_id%22%3A%22dfp-ad-pg_top_banner%22%2C%22callback_id%22%3A%22173d4049c416d7dd%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B336%2C280%5D%2C%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222854382658773786957%22%7D%5D&page_url=https%3A%2F%2Fwww.natlawreview.com%2Farticle%2Fwhy-norton-anti-virus-becoming-crypto-mining-botnet%253famp&bust=1642695147378&pr=https%3A%2F%2Fwww.natlawreview.com%2Farticle%2Fwhy-norton-anti-virus-becoming-crypto-mining-botnet%253famp&scrd=1&dnt=false&e=0&description=&title=Page%20not%20found%20%7C%20The%20National%20Law%20Review&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pubcid=42075410-0979-4c72-9791-e0fc53827a79
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.132.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-132-166.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.natlawreview.com
pragma: no-cache
date: Thu, 20 Jan 2022 16:12:27 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
495 B 112ms
112ms XHR
text/javascript 13.33.241.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.natlawreview.com%2Farticle%2Fwhy-norton-anti-virus-becoming-crypto-mining-botnet%253famp&pid=6tBudBqJUfAbP&cb=0&ws=1600x1200&v=7.72.0&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1631557963636-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22468x60%22%2C%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F157445395%2FARTPage_LowBillboard%22%7D%2C%7B%22sd%22%3A%22dfp-ad-art_large_sidebar_right%22%2C%22s%22%3A%5B%22160x600%22%2C%22300x250%22%2C%22300x600%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F157445395%2Fart_large_sidebar_right%22%7D%2C%7B%22sd%22%3A%22dfp-ad-art_medium_square%22%2C%22s%22%3A%5B%22250x250%22%5D%2C%22sn%22%3A%22%2F157445395%2Fart_medium_square%22%7D%2C%7B%22sd%22%3A%22dfp-ad-art_rectangle_1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F157445395%2Fart_rectangle_1%22%7D%2C%7B%22sd%22%3A%22dfp-ad-art_rectangle_2%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F157445395%2Fart_rectangle_2%22%7D%2C%7B%22sd%22%3A%22dfp-ad-art_rectangle_3%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F157445395%2Fart_rectangle_3%22%7D%2C%7B%22sd%22%3A%22js-dfp-tag-art_rectangle_3%22%2C%22s%22%3A%5B%22160x600%22%2C%22300x250%22%2C%22300x600%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F157445395%2Fart_rectangle_4%22%7D%2C%7B%22sd%22%3A%22dfp-ad-art_sidebar_left%22%2C%22s%22%3A%5B%22160x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F157445395%2Fart_sidebar_left%22%7D%2C%7B%22sd%22%3A%22dfp-ad-art_top_banner%22%2C%22s%22%3A%5B%22300x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F157445395%2Fart_top_banner%22%7D%2C%7B%22sd%22%3A%22dfp-ad-author_in_content%22%2C%22s%22%3A%5B%22468x60%22%5D%2C%22sn%22%3A%22%2F157445395%2Fauthor_in_content%22%7D%2C%7B%22sd%22%3A%22dfp-ad-classified_display%22%2C%22s%22%3A%5B%22300x100%22%5D%2C%22sn%22%3A%22%2F157445395%2Fclassified_display%22%7D%2C%7B%22sd%22%3A%22dfp-ad-extra_large_billboard%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%22%2F157445395%2Fextra_large_billboard%22%7D%2C%7B%22sd%22%3A%22js-dfp-tag-hp_large_banner_1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F157445395%2Fhp_large_banner_1%22%7D%2C%7B%22sd%22%3A%22js-dfp-tag-hp_large_banner_2%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F157445395%2Fhp_large_banner_2%22%7D%2C%7B%22sd%22%3A%22dfp-ad-hp_large_sidebar_left%22%2C%22s%22%3A%5B%22160x600%22%2C%22300x250%22%2C%22300x600%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F157445395%2Fhp_large_sidebar_left%22%7D%2C%7B%22sd%22%3A%22dfp-ad-hp_large_sidebar_left_2%22%2C%22s%22%3A%5B%22160x600%22%2C%22300x250%22%2C%22300x600%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F157445395%2Fhp_large_sidebar_left_2%22%7D%2C%7B%22sd%22%3A%22dfp-ad-hp_left_col_rectangle%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F157445395%2Fhp_left_col_rectangle%22%7D%2C%7B%22sd%22%3A%22dfp-ad-hp_medium_square%22%2C%22s%22%3A%5B%22250x250%22%5D%2C%22sn%22%3A%22%2F157445395%2Fhp_medium_square%22%7D%2C%7B%22sd%22%3A%22js-dfp-tag-hp_medium_square_2%22%2C%22s%22%3A%5B%22250x250%22%5D%2C%22sn%22%3A%22%2F157445395%2Fhp_medium_square_2%22%7D%2C%7B%22sd%22%3A%22dfp-ad-hp_rectangle_1%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F157445395%2Fhp_rectangle_1%22%7D%2C%7B%22sd%22%3A%22dfp-ad-hp_rectangle_2%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F157445395%2Fhp_rectangle_2%22%7D%2C%7B%22sd%22%3A%22dfp-ad-hp_rectangle_3%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F157445395%2Fhp_rectangle_3%22%7D%2C%7B%22sd%22%3A%22dfp-ad-hp_rectangle_4%22%2C%22s%22%3A%5B%22160x600%22%2C%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F157445395%2Fhp_rectangle_4%22%7D%2C%7B%22sd%22%3A%22js-dfp-tag-hp_rectangle_5%22%2C%22s%22%3A%5B%22160x600%22%2C%22300x250%22%2C%22300x600%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F157445395%2Fhp_rectangle_5%22%7D%2C%7B%22sd%22%3A%22dfp-ad-hp_sidebar_right%22%2C%22s%22%3A%5B%22160x600%22%2C%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F157445395%2Fhp_sidebar_right%22%7D%2C%7B%22sd%22%3A%22js-dfp-tag-hp_small_banner_1%22%2C%22s%22%3A%5B%22320x50%22%2C%22320x100%22%2C%22468x60%22%5D%2C%22sn%22%3A%22%2F157445395%2Fhp_small_banner_1%22%7D%2C%7B%22sd%22%3A%22js-dfp-tag-hp_small_banner_2%22%2C%22s%22%3A%5B%22320x50%22%2C%22468x60%22%5D%2C%22sn%22%3A%22%2F157445395%2Fhp_small_banner_2%22%7D%2C%7B%22sd%22%3A%22js-dfp-tag-hp_small_banner_3%22%2C%22s%22%3A%5B%22320x50%22%2C%22320x100%22%2C%22468x60%22%5D%2C%22sn%22%3A%22%2F157445395%2Fhp_small_banner_3%22%7D%2C%7B%22sd%22%3A%22dfp-ad-hp_top_banner%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22468x60%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F157445395%2Fhp_top_banner%22%7D%2C%7B%22sd%22%3A%22dfp-ad-in_content_last_paragraph%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22468x60%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F157445395%2Fin_content_last_paragraph%22%7D%2C%7B%22sd%22%3A%22dfp-ad-org_in_content%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22468x60%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F157445395%2Forg_in_content%22%7D%2C%7B%22sd%22%3A%22js-dfp-tag-pgpage_lowbillboard%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F157445395%2FPGPage_LowBillboard%22%7D%2C%7B%22sd%22%3A%22dfp-ad-pg_rectangle_1%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F157445395%2Fpg_rectangle_1%22%7D%2C%7B%22sd%22%3A%22dfp-ad-pg_rectangle_2%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F157445395%2Fpg_rectangle_2%22%7D%2C%7B%22sd%22%3A%22dfp-ad-pg_rectangle_3%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F157445395%2Fpg_rectangle_3%22%7D%2C%7B%22sd%22%3A%22js-dfp-tag-pg_rectangle_4%22%2C%22s%22%3A%5B%22160x600%22%2C%22300x250%22%2C%22300x600%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F157445395%2Fpg_rectangle_4%22%7D%2C%7B%22sd%22%3A%22dfp-ad-pg_top_banner%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22468x60%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F157445395%2Fpg_top_banner%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1620754303995-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F157445395%2FPublir_BottomStickyDT%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1635529620572-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F157445395%2FPublir_in-Article_1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1635529762601-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F157445395%2FPublir_In-Article_2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1620752315448-0%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F157445395%2FPublir_LeftSticky%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1620752477220-0%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F157445395%2FPublir_RightSticky%22%7D%5D&schain=1.0%2C1!publir.com%2C9792505%2C1%2C%2C%2C&pubid=24a8f0bd-cf02-44fc-8552-07652599f740&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.241.218 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-241-218.hel50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 16:12:27 GMT
via: 1.1 b2756db0e58306bee6945607dbb05978.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: HEL50-C1
x-amz-rid: FFADHD7DP6596Q77641R
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.natlawreview.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: D_DpVuoP8Y8PRMNTGnTksybngUif9C8kszAp6XrecLn1yk4gnJojtw==

GET
H3 200 picon.svg
a.publir.com/platform/common/ 1 KB
1 KB 35ms
34ms Image
image/svg+xml 2606:4700:3035::ac43:9ac0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.publir.com/platform/common/picon.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:9ac0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 091c7ccac5ac3c4a82a6e616457035cdc22c27242cbd58020f7bf20d3f366795

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.natlawreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 16:12:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2248
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: KXKWXW3CMKKPNHJP
x-amz-id-2: Q2nO3pjxxuZ8vOS19DJe67WXWOsV61lPIJ/5Pi2N47oPUcPkz4t++PBC627ifoF3Y329EGHDtA8=
last-modified: Thu, 21 May 2020 01:56:01 GMT
server: cloudflare
etag: W/"f12f50bf9a3b6ad7aa43fd75326c81d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zIfQ%2Fzz%2Bo6dumipSIfkbJsNwpk0lunrqKJGIrNOB7BLVzOZk34uNcofBe2ipwsdNeGWpY%2FQPVBpAviKPLwyiXqxUCwL5O%2BwW5QS%2BOW%2BpoG55P7X%2Bw7E5GVndSmM3DjtDQRi59ld1r4E7tJ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 6d09959f5888d40b-BUD

POST
H2 200 publirprebidAnalytics Show response
pb.publir.com/ 15 B
805 B 327ms
266ms XHR
application/json 2606:4700:3037::6815:5eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.publir.com/publirprebidAnalytics
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:5eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: https://www.natlawreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Jan 2022 16:12:28 GMT
via: 1.1 2fb101a75d62357647d00a936fb26d02.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MXP64-C3
x-amzn-requestid: 31bfddab-2274-47b9-80b0-fd6d0213d5d1
x-cache: Miss from cloudfront
x-amz-apigw-id: MQJ8_F7xIAMF8Ug=
content-length: 15
server: cloudflare
x-amzn-trace-id: Root=1-61e989ec-0cee9bf54bd9cf3b1ab71851;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=so%2FKW5yn2Upv81L4uJkl24clRJ93LLDgCRrEVO7c1At3HwcG%2B1%2BZVrCYfJi86Gvf0BVsuoqdbww91Y5Vs%2BSaa%2FQbK9aP1eNoidW6v71ZEsKajfi2efuu1gQqkopAy38idNzGPKI9g4%2Fr6lwO"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray: 6d0995a5ab7e3755-MXP
x-amz-cf-id: _lmvwv0u44SUr4fEoVVTu8bIlmKyIw8Koia8gpPcg-LJmhuucyPMxg==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hbopenbid.pubmatic.com
URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client

Verdicts & Comments Add Verdict or Comment

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.natlawreview.com/	1969-12-31 23:59:59	Name: has_js Value: 1
.natlawreview.com/	1970-01-20 17:49:27	Name: _ga Value: GA1.2.344252237.1642695145
.natlawreview.com/	1970-01-20 00:19:41	Name: _gid Value: GA1.2.1724736267.1642695146
.natlawreview.com/	1970-01-20 00:18:15	Name: _gat Value: 1
www.natlawreview.com/	1970-01-20 00:18:16	Name: _dd_s Value: rum=0&expire=1642696045765
www.natlawreview.com/	1970-01-20 00:28:19	Name: AWSALB Value: wfs3GFMLOIUxu5XhKlcDCVAGIahNEvHYSzb9uC9xdD2ruYl8vLlLRmNrsAgQb8Z21eWXnM81gi4aLuLhqrcI3eBSstZR98G379Ol+ThHsNnc/4GEs1sAnj6Z89pU
www.natlawreview.com/	1970-01-20 00:28:19	Name: AWSALBCORS Value: wfs3GFMLOIUxu5XhKlcDCVAGIahNEvHYSzb9uC9xdD2ruYl8vLlLRmNrsAgQb8Z21eWXnM81gi4aLuLhqrcI3eBSstZR98G379Ol+ThHsNnc/4GEs1sAnj6Z89pU
www.natlawreview.com/	1970-01-20 09:44:10	Name: _pk_id.1.0830 Value: 7d74c04bafbeaf16.1642695146.1.1642695146.1642695146.
www.natlawreview.com/	1970-01-20 00:18:16	Name: _pk_ses.1.0830 Value: *
www.natlawreview.com/	1970-01-20 00:18:16	Name: _pk_ses.undefined.0830 Value: *
www.natlawreview.com/	1969-12-31 23:59:59	Name: __aaxsc Value: 2
www.natlawreview.com/	1970-01-20 00:19:41	Name: trustedsite_visit Value: 1
www.trustedsite.com/	1970-01-20 00:28:19	Name: AWSALBCORS Value: t9ftdmZP+hn7mDCJFsmAB9qD6CetOJrNlT9Tc/eve6jXCGGrmMNmog51gQ7xH5snSr4ozX3pqmjT9NOOG1CUv10DMwphq9Psrj0QGG/b55AdAgd6RFf+iCgr8P64
.natlawreview.com/	1970-01-20 17:49:27	Name: _ga_VBNQFDJGG6 Value: GS1.1.1642695145.1.0.1642695147.0
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|AIfsdBUO++vuGxiryvY4NyLqsLINffPD0ndRTZPwOWBzr4eVPwTuL9+dZLvlgeCkRh3C4GjGYWrGRQSWDHOtFAT+ngdUyQJYykllPZjhEHJw9y7GDs9f
.rubiconproject.com/	1970-01-20 09:03:51	Name: khaos Value: KYN69ZZW-22-8YQE
.rubiconproject.com/	1970-01-20 09:03:51	Name: audit Value: 1\|hLZGFuTafB3JqMPpe9ZQ33NEnEPvxbSem0AuhTX0VRwK2qe6TZpRu381xqffiX2xjHy/gz6I0ZOimFU6AIS4MMBQn6AvuCLF+LzSojzZzh8dOKW1qRBjyg==

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network	error	URL: https://www.natlawreview.com/article/why-norton-anti-virus-becoming-crypto-mining-botnet%3famp Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://analytics.natlawreview.com/piwik.php?action_name=Page%20not%20found%20%7C%20The%20National%20Law%20Review&idsite=undefined&rec=1&r=741478&h=16&m=12&s=26&url=https%3A%2F%2Fwww.natlawreview.com%2Farticle%2Fwhy-norton-anti-virus-becoming-crypto-mining-botnet%3Famp&_id=5bfdd790c3ce2c1e&_idts=1642695146&_idvc=1&_idn=1&_refts=0&_viewts=1642695146&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=820&pv_id=GmPwMS Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.publir.com
ads.yieldmo.com
ajax.googleapis.com
analytics.natlawreview.com
c.aaxads.com
c.amazon-adsystem.com
c2shb.ssp.yahoo.com
cdn.jsdelivr.net
cdn.ywxi.net
clients1.google.com
code.jguery.com
cse.google.com
edge.quantserve.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
ib.adnxs.com
l3.aaxads.com
lh3.googleusercontent.com
mgmpyqsthffzb88cl.ay.delivery
pagead2.googlesyndication.com
pb.publir.com
rules.quantcount.com
s3-us-west-2.amazonaws.com
script.4dex.io
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tlx.3lift.com
web.hb.ad.cpe.dotomi.com
www.aaxdetect.com
www.datadoghq-browser-agent.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.natlawreview.com
www.trustedsite.com
hbopenbid.pubmatic.com
104.111.239.153
104.111.243.142
104.92.105.214
13.33.241.218
142.250.181.226
18.66.243.65
2600:9000:2057:ac00:14:6bfc:5740:93a1
2600:9000:2156:dc00:6:44e3:f8c0:93a1
2602:803:c004:200::143
2606:4700:20::681a:9a9
2606:4700:3031::6815:3c02
2606:4700:3035::ac43:9ac0
2606:4700:3036::6815:38ad
2606:4700:3037::6815:5eb
2606:4700::6810:5914
2620:116:800d:21:ee05:6a01:4b41:8c89
2a00:1450:4001:801::2002
2a00:1450:4001:803::2003
2a00:1450:4001:808::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2004
2a00:1450:4001:811::2001
2a00:1450:4001:812::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2003
2a00:1450:400c:c07::9a
2a02:fa8:8806:13::1460
3.123.205.63
34.237.228.147
37.252.172.38
50.112.99.14
52.218.168.208
52.28.203.152
54.229.132.166
54.91.161.246
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0881a7757f1d927e26db96f23affdfcec5feb3af03c216d1774000440ad3d4a5
08fa0522855031ffacbaf0610b7cf13ac69f38270cc8b4842f54517a4cf8e1a2
09160c2b7d90c94229f0f03644c7cf9ff37824838a6e02f0fbc9d049b86350fd
091c7ccac5ac3c4a82a6e616457035cdc22c27242cbd58020f7bf20d3f366795
09d308ebeba22cde869cf02c2d398bb160a2186f98bcff6daeb4d44eed88a7df
0bdfac04fc7fcf958acf070972f325f7b7884e13bf62f88dc45bc8dc0c7de2f4
10c9a299c3e9f8f820fd25c9e6dfb2d03a66e291a7af7b195eab23e6a0c854a1
1304fc88c8c52c60543b45aa5dc1cd230921693fc44f0e55c4a1adcfd317cb35
131c273af4425cff31c20fef801737ab437e740975a9c05cc23389eec2eba664
13efe5c1561d853493598d03e231f75a17764d5c08b017f387f8db08f73ca08c
15f983d412ee16abb31eb570ed4a60d67847e4eea49d3f46f5516b0b515896e1
16a6b6731e2fc6387561d78f5affd3b539a6c0540434924b809d490a5ebc9725
1710b3829994eea669a96a109cfaf8d18fd086e4d813448b75fa13590bd28461
1778968c416f2438a5f54d241343dc7febbba4fa37509ea179affa7cc74907d2
18f93339118de2787095acb131c2337a19dd7f4ad2455e5af8ea29c35bf84570
190da0476f8cce20db0253b544d4188fde9cdc8f8e86cdedd0ef083a6520fd60
1b8832f3b23aa63f415dfc191ef8e68d69dc3632774f9e7daa6238fad0afa776
236a51aa5505de155c71197e21c4417ae947bdf259922836b2b37d5a6dc100d3
23b8bd076fd63e9f96f035f65912c9708653f22f2f71250d4b54f562ad81dc14
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
282efac1b4b9bf569f4af0e113eeaaab3e04aa7ef0a0a2b3cad523a60295ebff
295828f06cfb87e6e370bf65d65c059f7d8f5bf78ec7f88fcdc394b565ea954d
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2c2dd34c8a8d2ed4b4e91eed55c2404518bb4a5ff02ae68e7a08f4e14ddb3e46
2c6b1febca3d29a16e437addd1557cf45ffcfd69cc436dcf2ab57459a3f8b894
2d4ac82d9d68d2c82dfd2897929059e20c4b3ab9bf4a20de0668fd943e5c6550
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
3143566bd1a7330ee43570b480ec2491abf76b5914e06b16fc6aa86106ec2eb4
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
355964d0abb09ac11ef8de7d38fe8bf752285ced411aff055de07cad53484be6
39f29fff7a554acf0ba3659c9e3805c3b7863120248732b7cb30bf3f727a6506
3c931b21e8d469fc65fa2b7e33e9b720a81627f20afd7a31dec711f16c76e6e8
3d81131a168b069b166eb1f8c2fef8b0e446739b8e5e30039c840cad2c38b2d0
41d9d62cf2e4a9b87ec1961abe623b8c73a54dfad9967c1414f20914cb51dae2
425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c
4388e175e812fca478ddf9f8c0b326aff7b6e16d5ec53e5e2aac6e9e6b52d3bf
46aab42e9310d8be5a4071fbe172e2b5614e003a600cb10a9b0eebe6d6a95818
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
49003c970644945f5d917faa1ad44eb94547494d060c9d959132e8fe3db67205
499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4
4a43ca2496a7f02dc72364ea30bc0a32ef08ac245aea08e6454335b7068f5a90
4a9f45b44b99f68144b84be055d6edc0e74ce6ddf5794450a4e0e641822bc007
4c5977ccb1609cfd086d59236eae21fba6efa1963b5e752ea4e337febd56f6ad
4fe76937493e0cccf27fe7e05030bb8ec5e36d86e9da33aaa7ae7bbd6848d15c
50992104fafaa6bda9f6c4a9549303c395dca21e331f5e6ae6ded59d2725f032
517fc732fcc575516f6345a4c264d32a01dd6b8a32f34c8ab650121480866598
536da20a109839e60102474714725789af64a0ebc019d8a3753abc90b897ccf2
53e84706929d914ca2023678e9abbd9525d4614700e6df3c1bdbc552eaa707f4
5456f24c76a1aa133a06cbbc356644c187d96d18bdf1d9d05a5d44507458a173
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54cc471e6d75456315e6685c7af0dcdee292fddb9c31d4b7b0c5f75eb668d35c
594e49484d56ebfaab22bfbd20d755b6613937a05542730719996f1cebd8a054
59d9e822059fd9ec6f0756e846806432b678db9ae0713aa8b07c6ef30fcf4410
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5cb9f494d5d89e364dfa172d996f6510bb1ad3dbe8f8a0a6f5845435cf5af7c1
608734d95ede504df615f73aa3de8f3f1ce27d6e684d1f45bb272692afe469bc
60d0cdf0b18fc47a4d55b4a2aeccd0b2bcc71063ca21ec0eb538bea39833dda4
60e3350280de37fa30e0aeebc7c66ce3678de291c956ad09e16cd29de9300e0c
62015a53dc3b72d6914e47c7572c4ea27435720610bd2354c6264d22d159faa5
6361ca8bac4c2f5f859d981c6dc773520f282d2e4bff065212f368e65b544073
64ffa7a96f85e5ffe39ad23bf97e9f47ca11937f4d7755f91dbbf9b5e8d98d35
6b7357d687b23af6558ce68b78428beda7b9654144c3f08255056a59b06ad833
6e812d6fb5a7fd92484ce8171affefc8919b45033569e926bbd9e07fd7003749
731692cdbcd1b62abb9b6847629cc1154818f072069b6193cb968c11c851149a
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
796da5213f7b53583c2981f20b25164edb456bcba5f608270b9dde9c9ad65ce5
7b2335747c289c8b5b33b53f254828d918616acb0156601d001e8a5ad5c5f1b6
7b965f90fb0aa29acdfd1c26a842e3092ef7274d49e473dd5e20e74f51049ec7
81c77ea43a619292d4d0bac42cc6d1cb750ab79908143dcf7ec15680f09ebd95
84678d73a2d972ef90f310ecd171828379a3fbaa6ae68dc5ef0986a452f582e1
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85fde06d7e09b3ddade3c3e577e7602df2973093648e9628e78dc60d6b3cd56c
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
8c319f30e602a61ace4973bac9ce1ebdf319568ae4d3d668f488a6017602b6f8
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8fbe1031e8234fab32983f4e5afbc30831720db278418b5a4a48e50ad7611d15
933c2f5b2b0b560347a1f8c52f8cf3271bde59d068f167ee54a0578a3cdc3b32
93cb044e0e7d9e2f7b60f7e9dff14fe96c7372cd6dc019d665fba99dac2d0d45
989b43342073a52e1ec5c0324f6d540158459245d77e0ef365e1898bbe709e2d
9d0ebfb110f0573f493aa048f1b52fe41930b2e132f79d7f878c0e270181e657
9debc70d4a54bd7ebe31f1277c9285c5c065c39c9928c1b927ac4cb681e6ca2e
a0587c56cff11c75a93a78485db0287ba6bcabad4573c0d9bc018e0d1e29103a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a3df5d6fcaa6d630eafd21e0eeea3e89cbcace5c73a2ed112e5b379b60a58ad2
a4aa9f775af34f63386d8b4d8a14fce2225c317c3f93cbafdeb5a8524eb542a1
aa4c580359e4e24e6dfbc3953878e991f2f221588cec4c82d06be0f24cb7b373
ab40b38eabe3aa4ea30f8be74dd60c40508d12a3038f1a2d239e0c46db111671
abfc05d969bd7e1f9cc190eb35fa094fa057a94a37e4c84b0da26a6cfceca165
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afe3063ed97dc764b61cc6d0726648745df361f274c3497e9ec2e0798a9c55b5
b59b2f0de5ca85dfc88173e1a794fefd512dafc4fdd54d7325eb115023cb3e81
ba05b8857c7e936dad8c330094c53f338c637cdfae9b09b86fce704f70b1b7ca
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c463e7e7f84a84e4bd67ba0a0f014891d4906d76de35b31a8c92398680203c78
c56ce2afa78ed30efb96f91bde9523bd4a1dc036b5df1e6539f24cdf85b36c2a
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544
c72dd0264e4835868b46fe362128a724db6c4b5b4305260a33eab7280921951e
c89b9646cea15ce17f1e008b5dd1a76845eb6cb89d818bac98b60ae31c8a623f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cab81f077d77b97d78283311579def7325780bdacbd7ede0d044197908a11d26
d287da709652059aee8af366398fb5597fa3bf2e9cbe53b7c8ffe3da44f19ff8
de43ff5d0f2cc5f3975182b38eb85f42855eeca44ee9689b99edafd350134ba9
de8a56004138dd88aac4a52ac8970dca5392a39994bbdd6abb8dc84281cc7e9f
e2cf28a5cc075cb602d1fc628e07c33e1446bc58a89e32dc604bf560f4cb2698
e32a6322a5fcbf7a5d5b415b7a93e0a6839e0c530fcf18fb4c3d4a36ba30cc7b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47f14e31f46321c18d040cef475653b5e8684ff5051aa76b078f72a8a361da9
e4f6c85b8d3142048e85a323fdaea5d0635b90e99f4e46a838e309b19ca4f912
e5867ad740bc719bf1309b5f65537b7ba69f2cba5e9a193679859542d1bc7f95
e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128
e89ac8a4de4ec6ec5a70b1e7410319f9fb39d2cda276d4eee294cbe9acb4c53e
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eafc0571b8ce226f09e8de577d88921a0218da6ff4982984e357ada8e08031b7
eb04b94656de1350a1fe252e640d692b44f9501188d48c01884d6962bea38913
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f318fd83755494cfdf5ead904f50d009c59b90453ece072329c719b93cce0775
f7f5a8400cc4ffc5704d4e5bda9d03b3127e69e4548d985d0e0a33004567bfef
fd3434b67c57de6e79d327f11342867c78a2593b1f6cd3ceafc048d98cf6169c
ff45d1e4e1927c02980c95eb533fa8dc05f4fb2b9d8f081427fc048de454e695

www.natlawreview.com Open in urlscan Pro 34.237.228.147 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

134 Requests

99 %HTTPS

64 %IPv6

32 Domains

41 Subdomains

40 IPs

5 Countries

2181 kBTransfer

5379 kBSize

17 Cookies

5 Outgoing links

Page URL History

Redirected requests

134 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.natlawreview.com Open in urlscan Pro
34.237.228.147 Public Scan

Screenshot
Live screenshot

Full Image

134
Requests

99 %
HTTPS

64 %
IPv6

32
Domains

41
Subdomains

40
IPs

5
Countries

2181 kB
Transfer

5379 kB
Size

17
Cookies

134 HTTP transactions
0 data transactions