www.gazettenet.com Open in urlscan Pro
52.70.89.118 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.gazettenet.com/microsoft-russian-backed-hackers-targeting-cloud-services-43208693
Effective URL:
https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693
Submission: On October 26 via api (October 26th 2021, 5:29:21 am UTC) from GB — Scanned from DE

Summary HTTP 146 Redirects Links 43 Behaviour Indicators

Summary

This website contacted 38 IPs in 5 countries across 28 domains to perform 146 HTTP transactions. The main IP is 52.70.89.118, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.gazettenet.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 23rd 2020. Valid for: 2 years.

This is the only time www.gazettenet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 29	52.70.89.118 52.70.89.118	14618 (AMAZON-AES) (AMAZON-AES)
2	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.184.234 142.250.184.234	15169 (GOOGLE) (GOOGLE)
3	2.16.186.59 2.16.186.59	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	104.21.78.7 104.21.78.7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	216.17.34.118 216.17.34.118	10242 (USINTERNET) (USINTERNET)
2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2	104.16.19.94 104.16.19.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	54.225.191.147 54.225.191.147	14618 (AMAZON-AES) (AMAZON-AES)
2	54.197.229.45 54.197.229.45	14618 (AMAZON-AES) (AMAZON-AES)
1	104.111.215.74 104.111.215.74	16625 (AKAMAI-AS) (AKAMAI-AS)
7	35.201.96.133 35.201.96.133	15169 (GOOGLE) (GOOGLE)
1 10	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1	142.250.185.72 142.250.185.72	15169 (GOOGLE) (GOOGLE)
3	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
2	157.240.20.19 157.240.20.19	32934 (FACEBOOK) (FACEBOOK)
8	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
4	18.225.3.119 18.225.3.119	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
3	142.250.186.110 142.250.186.110	15169 (GOOGLE) (GOOGLE)
6	99.80.188.163 99.80.188.163	16509 (AMAZON-02) (AMAZON-02)
1	74.125.140.156 74.125.140.156	15169 (GOOGLE) (GOOGLE)
2	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
3	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
4	142.250.186.42 142.250.186.42	15169 (GOOGLE) (GOOGLE)
1	216.58.212.166 216.58.212.166	15169 (GOOGLE) (GOOGLE)
6	52.216.153.44 52.216.153.44	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.142 143.204.98.142	16509 (AMAZON-02) (AMAZON-02)
2	35.201.103.212 35.201.103.212	15169 (GOOGLE) (GOOGLE)
1	52.51.68.144 52.51.68.144	16509 (AMAZON-02) (AMAZON-02)
1	157.240.20.35 157.240.20.35	32934 (FACEBOOK) (FACEBOOK)
1 2	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
1	54.165.118.4 54.165.118.4	14618 (AMAZON-AES) (AMAZON-AES)
1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	52.217.36.214 52.217.36.214	16509 (AMAZON-02) (AMAZON-02)
1	174.129.235.109 174.129.235.109	14618 (AMAZON-AES) (AMAZON-AES)
18	54.221.248.213 54.221.248.213	14618 (AMAZON-AES) (AMAZON-AES)
146	38

29 52.70.89.118 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-89-118.compute-1.amazonaws.com

www.gazettenet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.10.207 (United States)

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.186.59 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-59.deploy.static.akamaitechnologies.com

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.21.78.7 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.17.34.118 (Olivia, United States)

ASN10242 (USINTERNET, US)
PTR: ussrv26.newsmemory.com

northamptondaily-ma-pw.newsmemory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.19.94 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.225.191.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-191-147.compute-1.amazonaws.com

widget.fotomoto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.197.229.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-229-45.compute-1.amazonaws.com

embed.secondstreetapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.secondstreetapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.74 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-74.deploy.static.akamaitechnologies.com

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.201.96.133 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 133.96.201.35.bc.googleusercontent.com

teenytinytongue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.66.137 (United States) 1 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.20.19 (United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frt3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.139.128.11 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)

assets.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.225.3.119 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-225-3-119.us-east-2.compute.amazonaws.com

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 99.80.188.163 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-188-163.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.140.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wq-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

lit.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vid.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.166 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.216.153.44 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

static-fotomoto-com.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.142 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-142.fra50.r.cloudfront.net

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.103.212 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 212.103.201.35.bc.googleusercontent.com

sicksmash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.68.144 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-68-144.eu-west-1.compute.amazonaws.com

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.20.35 (United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frt3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

4906953.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.165.118.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-118-4.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.36.214 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.129.235.109 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-235-109.compute-1.amazonaws.com

www.fotomoto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 54.221.248.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-221-248-213.compute-1.amazonaws.com

northamptondaily-ma.newsmemory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	gazettenet.com 1 redirects www.gazettenet.com	556 KB
23	newsmemory.com northamptondaily-ma-pw.newsmemory.com northamptondaily-ma.newsmemory.com	153 KB
16	connatix.com 1 redirects cd.connatix.com cds.connatix.com capi.connatix.com lit.connatix.com vid.connatix.com img.connatix.com	428 KB
14	revcontent.com assets.revcontent.com trends.revcontent.com cdn.revcontent.com images.revcontent.com	180 KB
7	amazonaws.com static-fotomoto-com.s3.amazonaws.com s3.amazonaws.com	334 KB
7	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net 4906953.fls.doubleclick.net	156 KB
7	teenytinytongue.com teenytinytongue.com	169 KB
6	googleapis.com fonts.googleapis.com imasdk.googleapis.com	694 KB
4	fotomoto.com widget.fotomoto.com www.fotomoto.com	26 KB
4	fontawesome.com use.fontawesome.com	168 KB
4	typekit.net use.typekit.net p.typekit.net	122 KB
3	google-analytics.com www.google-analytics.com	39 KB
3	gstatic.com fonts.gstatic.com	78 KB
2	sicksmash.com sicksmash.com	162 KB
2	facebook.net connect.facebook.net	77 KB
2	secondstreetapp.com embed.secondstreetapp.com api.secondstreetapp.com	53 KB
2	cloudflare.com cdnjs.cloudflare.com	15 KB
2	googlesyndication.com pagead2.googlesyndication.com	147 KB
2	bootstrapcdn.com netdna.bootstrapcdn.com	20 KB
1	google.com adservice.google.com	598 B
1	chartbeat.net ping.chartbeat.net	201 B
1	facebook.com www.facebook.com
1	adsafeprotected.com static.adsafeprotected.com	259 B
1	chartbeat.com static.chartbeat.com	14 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	2mdn.net s0.2mdn.net	17 KB
1	googletagmanager.com www.googletagmanager.com	44 KB
0	thejobnetwork.com Failed jobs.thejobnetwork.com Failed
146	28

	Domain	Requested by
29	www.gazettenet.com	1 redirects www.gazettenet.com
18	northamptondaily-ma.newsmemory.com	northamptondaily-ma-pw.newsmemory.com northamptondaily-ma.newsmemory.com
7	img.connatix.com	www.gazettenet.com
7	teenytinytongue.com	www.gazettenet.com teenytinytongue.com sicksmash.com
6	images.revcontent.com	www.gazettenet.com
6	static-fotomoto-com.s3.amazonaws.com	widget.fotomoto.com www.gazettenet.com
6	trends.revcontent.com	assets.revcontent.com
5	northamptondaily-ma-pw.newsmemory.com	www.gazettenet.com northamptondaily-ma-pw.newsmemory.com
4	imasdk.googleapis.com	cd.connatix.com imasdk.googleapis.com
4	capi.connatix.com	cd.connatix.com
4	use.fontawesome.com	www.gazettenet.com use.fontawesome.com
3	securepubads.g.doubleclick.net	cd.connatix.com securepubads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.gazettenet.com www.fotomoto.com
3	fonts.gstatic.com	fonts.googleapis.com
3	widget.fotomoto.com	www.gazettenet.com widget.fotomoto.com static-fotomoto-com.s3.amazonaws.com
3	use.typekit.net	www.gazettenet.com use.typekit.net
2	4906953.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	sicksmash.com	www.gazettenet.com sicksmash.com
2	connect.facebook.net	www.gazettenet.com connect.facebook.net
2	cds.connatix.com	www.gazettenet.com cd.connatix.com
2	cdnjs.cloudflare.com	www.gazettenet.com
2	pagead2.googlesyndication.com	www.gazettenet.com pagead2.googlesyndication.com
2	fonts.googleapis.com	www.gazettenet.com embed.secondstreetapp.com
2	netdna.bootstrapcdn.com	www.gazettenet.com netdna.bootstrapcdn.com
1	www.fotomoto.com	static-fotomoto-com.s3.amazonaws.com
1	s3.amazonaws.com	www.gazettenet.com
1	adservice.google.com	4906953.fls.doubleclick.net
1	ping.chartbeat.net	www.gazettenet.com
1	cdn.revcontent.com	www.gazettenet.com
1	www.facebook.com	connect.facebook.net
1	static.adsafeprotected.com	www.gazettenet.com
1	static.chartbeat.com	www.gazettenet.com
1	www.googletagservices.com	www.gazettenet.com
1	api.secondstreetapp.com	embed.secondstreetapp.com
1	s0.2mdn.net	imasdk.googleapis.com
1	vid.connatix.com	cd.connatix.com
1	lit.connatix.com	cd.connatix.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	assets.revcontent.com	www.gazettenet.com
1	www.googletagmanager.com	www.gazettenet.com
1	cd.connatix.com	1 redirects
1	p.typekit.net	use.typekit.net
1	embed.secondstreetapp.com	www.gazettenet.com
0	jobs.thejobnetwork.com Failed	www.gazettenet.com
146	45

This site contains links to these domains. Also see Links.

Domain
northamptondaily-ma.newsmemory.com
accountaccess.nne.media
www.legacy.com
www.facebook.com
twitter.com
trends.revcontent.com
help.revcontent.com
www.revcontent.com
www.youtube.com
www.instagram.com
www.amherstbulletin.com
www.atholdailynews.com
www.concordmonitor.com
www.recorder.com
www.ledgertranscript.com
www.vnews.com
www.valleyadvocate.com
www.theconcordinsider.com
www.nnedigital.com
placead.nne.media
valleyadvocate.com
nie.gazettenet.com
marketplace.gazettenet.com
jobs.gazettenet.com
dailyhampshiregazette.adperfect.com
local.gazettenet.com

Subject Issuer	Validity	Valid
www.gazettenet.com Go Daddy Secure Certificate Authority - G2	`2020-04-23` - `2022-06-22`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-08-16` - `2022-08-16`	a year	crt.sh
*.newsmemory.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-31` - `2022-03-31`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
fotomoto.com Amazon	`2021-08-07` - `2022-09-05`	a year	crt.sh
*.secondstreetapp.com Sectigo RSA Domain Validation Secure Server CA	`2020-07-23` - `2022-07-23`	2 years	crt.sh
*.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-16` - `2022-07-21`	a year	crt.sh
teenytinytongue.com R3	`2021-10-18` - `2022-01-16`	3 months	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2021-08-20` - `2022-09-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-04` - `2021-11-02`	3 months	crt.sh
assets.revcontent.com R3	`2021-09-11` - `2021-12-10`	3 months	crt.sh
revcontent.com Amazon	`2021-08-09` - `2022-09-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
sicksmash.com R3	`2021-10-17` - `2022-01-15`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-01-06` - `2022-02-04`	a year	crt.sh
cdn.revcontent.com R3	`2021-09-13` - `2021-12-12`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
images.revcontent.com R3	`2021-09-11` - `2021-12-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693
Frame ID: A8CF99BE0556A3A3D759373E97C73B2F
Requests: 109 HTTP requests in this frame

Frame: https://cds.connatix.com/p/134518/connatix.playspace.dc.js
Frame ID: 0CB0496BD13377931C10B6842DD3FB89
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/zrt_lookup.html
Frame ID: 56890D3DA35F63F5BC9B89048328F657
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html
Frame ID: ED21EDCF1F7FFE31B4425CED98EEAE1C
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html
Frame ID: 0AF8FA69E24956539C9418EB53380994
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html
Frame ID: A555A5574F25BB65DDD4C09D7B68E9A1
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/comments.php?app_id=833431040023870&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3806be0250e1cc%26domain%3Dwww.gazettenet.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gazettenet.com%252Ff11077c68dc6e6%26relation%3Dparent.parent&container_width=750&height=100&href=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693&locale=en_US&numposts=5&sdk=joey&version=v2.5&width=
Frame ID: 11FB12774221698D399ED61C67857914
Requests: 1 HTTP requests in this frame

Frame: https://4906953.fls.doubleclick.net/activityi;dc_pre=CNaq5pCs5_MCFdhuGwod5tUBHA;src=4906953;type=invmedia;cat=r6adv9wb;ord=1642091763740.3408
Frame ID: 15C5153F1159C91BFC3EB5C562F5DC5D
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CNaq5pCs5_MCFdhuGwod5tUBHA;src=4906953;type=invmedia;cat=r6adv9wb;ord=1642091763740.3408;~oref=https://www.gazettenet.com/
Frame ID: 4BF6396D636883E0180F56657F44CCB0
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Muli:400,700
Frame ID: 4883C1610148036F369DC15FCA7514EE
Requests: 3 HTTP requests in this frame

Frame: https://www.fotomoto.com/analytics/toolbar.html
Frame ID: 98D735EBFEB077CB3A425E92F7A7F404
Requests: 2 HTTP requests in this frame

Frame: https://northamptondaily-ma.newsmemory.com/?myaccount&MACHINEID=d82a523dfc65d32bf23baf3247b4ab51&useMessages=1&3rdPartyCookies=1&callFrom=paywall&popup=productsLeft&productType=ARTICLE&callBackHome=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693
Frame ID: 86466406AD0A75719AD7D7D86740F1DA
Requests: 1 HTTP requests in this frame

Frame: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/createaccount.php?pSetup=northamptondaily&callFrom=paywall&popup=productsLeft&mode=iframe&productType=ARTICLE&callBackHome=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693&
Frame ID: 0E5E2E9B4B6E982EC31985B91274984C
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Microsoft: Russian hackers targeting cloud services PrintsFine Art PrintsMetalPrintsCanvasFramed PrintsWall PeelsCardseCardDownloadsImage WrapChange crop orientationGreeting CardInvitation CardPostcardSquare CardMini CardPhoto cardShare via EmailFotomoto logoShare on FacebookShare on Twitterfotomoto-arrow-left_1fotomoto-arrow-right_1Accepted Credit Cardscreditard-logos

Page URL History Show full URLs

https://www.gazettenet.com/microsoft-russian-backed-hackers-targeting-cloud-services-43208693 HTTP 301
https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693 Page URL

Detected technologies

Kentico CMS (CMS) Expand

Overall confidence: 100%
Detected patterns

/CMSPages/GetResource\.ashx

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<input[^>]+name="__VIEWSTATE

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

FlexSlider (Widgets) Expand

Overall confidence: 100%
Detected patterns

jquery\.flexslider(?:\.min)?\.js$

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Glyphicons (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:<link[^>]* href=[^>]+glyphicons(?:\.min)?\.css|<img[^>]* src=[^>]+glyphicons)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

146
Requests

99 %
HTTPS

0 %
IPv6

28
Domains

45
Subdomains

38
IPs

5
Countries

3681 kB
Transfer

10421 kB
Size

21
Cookies

43 Outgoing links

These are links going to different origins than the main page.

URL: https://northamptondaily-ma.newsmemory.com/
Title: E-Edition

Search URL Search Domain Scan URL

URL: https://accountaccess.nne.media/ss70v2/nne/common/template.jsp?init=start&initEdition=GZ
Title: Subscribe

Search URL Search Domain Scan URL

URL: http://www.legacy.com/obituaries/gazettenet/
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?s=100&u=https%3a%2f%2fwww.gazettenet.com%2fMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693
Title: Share on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693&text=Microsoft:%20Russian%20hackers%20targeting%20cloud%20services
Title: Share on Twitter

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=8sOCEgZs%2FEyXJBjSSvIo9aTJKY%2BlNm3Bg6rSkojygHUF2HZyMTLLYZXFO0cj1vJUSAsFqDerkEfAFTI89smdKU4yBursmbUaUAFC9YKWLZ%2FbFQtqQNljGpq%2BkbdASnF5KzTYMmR%2Bkh%2BPbCmAgJS5ZZqKq90RNnSjGaAGRtzuHFedG%2Bljl0JZPGYBtmuB2LREBlHKzpQKL8smSlSQB6zaKrFJmVyGMMhdEKdJziXUxxOUNaEwXdtgyDdMDZ7mGaq%2Bz%2B9Q6%2FLy093UVSTTndmtDhkh2toXS463wvE70Jn2cEO7iBx3pTNdEnpne0%2FSUE08auf2GgXk8QOWx%2Ftkhi6h0tuPPxWTObS48tmoSpxKUNFQSS5M%2BrXmmUyqXrr9dsM3CDCszmFlorI7EU8ogczVSvZQtGkV6ocnq%2FgrIocfsiA3zU0TjIVpeUIFLVcjOOSJvfEpoEiXMLuO%2FVbrgH7E9YxgUvvkNaoWWvQGMGAkqdEhShG%2FYbl8X5i2lEkqr4%2FZj3Uy3gLXiMMIs3LtPfMcGkqyxzS151gZkNkPwYBREfL7v3ifelHzC2cj1GehENh01oK%2BSlwd9ojq4hEiaGmEP6xqUsahFDR%2BmN3V2cR8ygf8y8tuGKGEGUIsxxpI2Eocqjp%2BhJgKXM0q1RDNNA2TCQszn4vayC0r5jmo1zGukIzh%2BnZudKnOm4vTdn8mwV%2F5zA5XdrZyxYOf76fDMoiHG89g0d7v5jm9BpsXZwLaUASeCSGTMKRHWnGMgG62bmfVhzTAuJC0gf3Of4gMtBieUTrkJ1%2BqBUNHcnm4YZkuekwqDE5ZIGR0GsEKOTlq6HSbwEk5RjaHF1iPgPT0S0uwo989zSu6yWDAyjgAVHAwN588sJYpRQ5P6g58PWzKnGGpkVjfW4Iuw7aN4I0BfEy5xfFrvNx8WkrfmNlBwFBlembpx9jg0L4sY28y3dD1NgHwXDF8zMLX2DaBzkyVTiYAXYCykR%2Besd0Xkm6o9AGm0LVpRsYDxhwyh%2BNEEHUaQKf%2F%2BvkAEp5IP9v4VWLbV0EVgicvy0lPs8UyI7ZNGJyJGKrji3nzdMBTVNndBqsPke6FnPxA7ulrYKTqapr%2B5y5reZB%2B6zqVpwU3BT%2F4TUa2%2FS7TJ1%2BLS0SPftXMad6Yp4BPfwpv0y7xu3FsUUPaaYKvq3kRfQJgTDIv9usRQe2YFpQPm6v5YCE48Fy559h%2BGuYSTceKWxjEvJYx%2BQyFOGuzCK%2Bxhv8uBUcD2i%2FKqdyNvKXg18huKF57YbVEl2mYpZSvxc%2BsE%2F6cNjPmHguCMO9YP%2BnPTyYSgk7gyiv78qr5fx70SgBW1zMziC%2FtaeLkpagF1FETZKhOKmuiCU089vaZj8WHQNBTiKut2JeP4mRx5sEVkioX%2F27na%2BMrEuo2Fpp94H%2B9jgTaDDpX%2F1JtDtNcDTKPWaJaSeyTamvDVZmMRgv5X4Z5lyBq7S1aNSXnXYGnwvM96cHZVasL3KcAfG4%2BD8%2B%2FSKyNl6bTcnEMURqp0e426%2BrSzUCMvs3DeCHGRxOVnapdP1pxm9i3NoU4VEG2AeFzpeFT3HPQclv0hiCPIkT46JsLJIa3QOBRMRPKesLp&s2s=1
Title: See How New Flu Vaccine Will Boost ProtectionMcMaster University

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=zVtBwgmssJv%2FScAdOEedAUpnzuHQZ5WYoDgwFfyS8iO69Nxaf5m1sMLmht84SrquVBfeVG0yniDUMUaInwIwN4oC7zTD55RfwyVJuIC2oCYwvc7C8CJaaWLPK8VkPwzc7VJ0u9EzyrCuz2Q%2BAeHMbtoBjzx%2BPI%2F0QWP2nk3QlR8Mks%2B%2Bf5Y7UaykpA4iOb95BVVygTnjo1wOcuos1H%2B8yv4fEW1UeOKk5hK4kZLEPQlLw2ygYhDjDB47IyMUb0cursHcsn84N8sittf1zZFuAwshbNPSA3ouuWp1ASwkKmP16anOWgSR2xte2vsjiFgcNooWBDxwp4xEMz7m5HFahFCyxT83lYabkc4spHpdsevTuG4o7rwZHDt%2FRcRN%2FkvI%2B%2BjzY%2F1JqZ2DkdFpoAmay0o6W4fe2Sku7rbiWb0ldVBM1nlLIBPeV58Qt%2BLe5KBdKwN%2FGxzWr7jgigQxTqNcWYJO2uTOYcvFGYjaz5Vnb%2FkJBLGcDjRas3bvHva6aKwL%2FbhC5QOR85dxeLUqIlcjivxIsjHzaF%2FDzW2mmg5TX5cJCbkOH6KNkOaFdGIb%2BdP1NDDUssJ85UiMt%2Br6tb78o2SHq7aUDOe5iTAZvC2OpFLADjJzFUADXhzfz9JQ5aC4q1pltPh58i1fwnfj2vYPnYaLQsm8X0APadKe6B1ZWaCI%2FQLfsvLnKU2deXbvxsweWgy2So1dYFZUj2IIX9pcaaNlvtc8VDWwgRMLjTZl9Qaa0SGPtdMQFwfKthewm0DM3xz3hgG1SCgitoBi54Z4i9P5%2BU0%2BnnafCtqk09P5zCtgwIzBK4TLuvkSmzXBY2uMYa3ObbzZ4lKevBGjKy62eTh%2BlF1FQ4m6GrRVg1txn%2B7FKUrHhUD9QFE8evP0u4yPeez4MIDvUN3fQdhHjjaQvygSpQDc92Eyxj0b%2FW8JMmFSRfFDdEjX5b0zG7aONwIVuGwMm34sZ4h4qVIARsefSiSWj1mnjk%2FuwvDmwYokBphgskXfjbLtRnTWYJwY6SOzQLKz0wLMs3Ul3No7veTcLHoIISpxJaIkc1uZ7rRrGsJFg1DYQx0AfYT9S8ZrvCXXPyMjXXdmy4fPyYeG9U%2B5nu0Vm%2ByXkm2FhwGfUtj%2BPGY%2B%2BHlBjfXQB0SILvT1W8L%2Fmjhgf2K5PduEfjPgvqua%2F3rMy3DnRzhkybDiXfxtosbsv%2BYDTXKa1dkqlhTFoc8pf%2FQmS5ySPKy38sCeoHseIp1UIZU8pTC6Gn5wuPobKFvawhNZVci42q%2Fe7AIg%2FZG1PmOlLDHgWt2X%2FV8dIKbSC7eRcsNrP%2FoVRfVPdav%2Fwc1A5Ql6D0OpSFaZSyNvn6tg&s2s=1
Title: Can You Make A Fortune Online? Is It Really Possible? Cast Your Vote Now!Polls Questions

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=eR%2BJR4RTzunykcocghQIwfzXCKd7FaQyI8DyTPoPF9Yh8ciXPfMcm6Und9vsbV0VaXQ8Jyckygqec0raqReVbT7oIkiOpn%2FALWiFIrG%2BEJpr0Vix%2FDSok7d4bfRV7BvH%2FzD20PkD%2FbhR2MFGqiIRkxu64Ze9Iw1xD3PPbcEmI11skRhHEyI8c5eI5iyetGKLRs%2Fy%2FgxhXKxflXbCkG4LFTQk4lHqJtwK2KpK1vTVajud9l2s0xOWUr2gHJuTNNW44cLwlQpa250MTgOQD3NKGcljzdqudWsJ5VjntMvqLTXQLtwPnanhOH6WwGwMgGg%2BeNSZuMzCCy0OVIBG2o6QuWCd5WkVRVje4c%2F4Zq2oIdB9nLxrhTJ%2FqeJkh0ZZsPmtlJ%2BE4UFbdIXd7EBkTfnbtSu5A%2F%2FjUYDtAFL8h6ZKZrOjNye%2FpEcUvPakiEImIM%2BcxzhQzLTbvjZb%2FliEB5TrloY1c9ow%2BOiDp52jGPjePVVJdh6894QbrMO0xnOOvtXXa8JemwdXC5tcvRzuzP3IJ%2FNMDdzaN6u%2BD2%2FLxFQGi5U2wnhG%2FD91lz5UKX5qBToJD4878ALN%2BdNxIjEsnTspHzDrQhvTDpNkNCxX1o5jMqirXMxoFDd9iXjH6lvVVzhiBy4xeDglXsCZNWMVCU%2Bw8AbtK2B6z5VWlfgOe7WVxnNDDE1Tx%2FJEbQ2fb%2BW1wd6FIA%2By5uyiQZURthPlUsqVhvHPcBdv4FDsEIluomzgqj7dM%2B1Cji%2Fr9trjzGdcZ0pUMg47t%2FGWjRytv9nmKCWI1ytuMzRmhhdfnktTgwcETPWZIcv8u47zDfCfXLN8fema%2BQWARtY7bkLcKkDPJg%2B1xXrQBIX21gkr1xiXwa7TBWcZWms7BkLX4RiApbtwkymErL0jkukpw1wsDVeeDfbilXOvuhJVNzFf2W8edzSVITZNbDVOYT7vzAR%2BeOldriBUcF0Hc%2BJ5g%2F5A5WD36BVpS2ZUTW0fFBZiXCWAuPhOWFUJUYgHNi6gdUgp1AqlgKdBSPVnTtrM2v8Nm7n5r7oZ6V0paNfiYjBIw%2FnNfzxjtSX%2FZ42Y1ojHpxfgsJlSlWsldQrEqRikirxXvoEcRGVNSujGPuYk4%2Bp823kMvf65Day1xHVg4bQBuJIm3ySLgSsaGllXoHFjKZD96mlKQzNh5RSJCDrpwkErPDqr1zh%2BWc6z5grzdSrgS0WyooPNu0sAGh4%2BKhpnH8pPkUD%2FMkTUBzJYjZ7uCUuQXby73h52n0z4PLvlRQceTJ1kvMz0ng6PF1lXyv1IB233EMv0hFbZwNBg5rGEgIWRSuSuBPpz%2BNClGFfS5MVz%2BmP0A53Dnc0ZI3hL%2FhJhlr7Z9C3TEGRCA431k9SnXufxvXpILWypza4iO31BGaeLtGIs5p4o1kd7q4OApwl7maPE2KmaFkP6Ta20hkejAy%2FLfwtFfELA9qxZgaBiB81hVww5K%2FXRRkKMQzjPQ2lYdWa9BRhkVZNjr8so%2FsJGMpzqGMw23VMnnSKmPM4PGxjIX%2FrzxNz8Y6AQtmDWJHU%2Fbe8j9jMUCtaPt%2BWT9OtzsQ8yLWiYlQdmTdE%3D&s2s=1
Title: How Covid Has Impacted Indigenous Communities McMaster University

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=wv99Or%2BGoKY2%2FU0Z%2BM80XYFd2pdy1vD6KgPHVBM7oRB1zeaNuSwHR1J%2F3oNYWuyVMrX0iUuaHMzjPfqphkLNMZn2YMyIrkNNv8v%2FXZvJ54YfYsHk8qK4XsPQOHSD4ndKtOWEx5j1w6qkz7mIr4KXNrE7MzAVK2erVlmjBMiq8Xn2R8QeLTaN2QkxHsQXNPSGJTumZhqTy9SyuOCsNd1cH77vEPqsS7xtxRvJP1sIzZRAZBI28Zo3Q9Bcpk8pqGsY2GBl3Sm412LQbdFnBEzQRuE1w3D3OBLni%2FYip%2Bv4hVACVwKrwYZxSqavxPWfwNkrJWH9ebcuhBwWcFJtXjuU3MQ77MAqaZvpBDlPiTQ2qijjaHIkCizEJXWDAOt79ivhYwFMRuhvk3LW%2B%2BiMDySxWbPVrH7XvEfoFK8Q5DC5d9IUZqkLyE6Otn1YlGKFQiWysA90C01DDB5BoNCA7Ed8Q%2Bl%2FvCMbM8uVNzya6OWJbdM7ltIju1RU%2FtoKx6ux1iY%2FuToyJUjoNJtLkynyYLgbq%2BSeYdd4sRkMF%2F1XDduu84aSZM%2FLxUTID1marAB8IpdhCqLe%2BraOW4sB3F5ngIFvSk9GEGpJnKnVssxoB%2BPjRHAmegVaejt0RqhIOR%2BuRygqfWRZ8qIbYAHEPpFbw5L9Y9Sf%2BOc%2Ba%2FdIqYdrV9Uj%2Fw5kuhbtHTBbYLQHakrg2suwtWDwLUVo5YkXRns%2F%2B0BYBXJ7MOOBmJqTcAiPbop7qrn8UWsxCS%2F3Q8A9atgM0axxtcmcanAwTBVYgRgv8PWD4CFa1hdoooErqEdihf8aBd6US7X5fBoc%2B4AzKc076V7vDXff8WciJ%2FYzOgECrhuXwOM%2BFlFaFtsb%2FoOd8MZ5kn6nBX7gBY4RWipCARl6DZp1p%2FF3j4LtaHkL7veUYjvMHtzbMyCjzRo649VpWKjnDPwqZckFxqoMKjBWWb4idH2HdILmKqLOG%2FrZmBCKnQPCdRbuCtGEnqBJ5z4Sj0OLfVhPjLUEXde%2B3F7D7tjkuISiPph10OpliHO6biIOoMAnBMWG%2FGksymeJOOlKhF9fjZ1erDmmGTVda7vSrEh4RjfBpaQyi4qR36kokBk69maUFXhZ0CB%2BPbcFHtxXjMFAQkeWSGXhxmWkAPuEYtK2NPdFxPKTPKcKn19kwjmVSPrCBeYbeOlfkFzIwTcLOu0TUo9HMRAiWoFowjDug2sSMZJEZY01hit7bX%2FGij9GPddxDX%2FszBF6osx0x9H%2FyYnJwPoUbcJa2RqY7M%2BwyymIL8DvbdOrzVZQdH3DWkkLx32XmVIEcPZLi9lDryzxvzBk6oBODMzSb0LT0xijT5tigSxIf6EchA6AvfZnFrGM4Yak0SJy3qceT8YsiV757ie7kle12GCf8rDBUPYCDN%2Bpyc4XbSEq%2BmfP6kpdSMJkL75x7oN58hfQSSCFzfUTGg7YCdrnUftFlFejGLksfjd%2BcrbFfZquAlSU2xrBWQ3DbBWfGNTtdeh9470wV3qUx9rG7Xb0YtEG1FQTs2ndnqxbrFJuhCbxaCvMSx6%2BD%2FB0atMClPWYn%2BQdtToEaus9QAiR14OarqLbRKclqChHsa5ZDi5c&s2s=1
Title: Read About the Tech That Can Diagnose InfectionsMcMaster University

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=IzvQHUWOST%2BywmQcOaEAmPf29X15my5ZDcT%2BCgBj%2BuP%2BHm62AIQRmw8PNn%2FETE9IbT4qp7A8KBjfAn14TBCTlwt5yg8shk6EV6N%2F%2BWT%2BLVlTRHaV5gQMSG2BEY779IoUGabSNDDot7uJ0y0z3RARtwQJc1OKGJ5nZI%2B4qbVKkND5Z2eyO6FM%2Boi2LizY6tirgbq65lTBaQBfWHiqAxtW7OEsg3PLrTGlNo2xqzlzrSjdJeTuF82F6ZJBakDeSarDCWnjBZ%2BdDhcN7yoTVe9yDaGiDrBFNQMIUYJalBtT2mIL%2BlTmCeuqSDQ5xw6cJ7B0xWBKk7HVNGC2FJb1hj%2FmD9JPJ93o1s6uwSNtwSzFl%2BvEfmH3Vn86uxJwhzQ7wJfkepsae5DMPcLkwyKU%2F2EJCHa97qIB01s6GYVEewJRXvnHB1T%2BlkLKeSff6UAbIHqODkgf%2BmLIq1uGcvR%2BHGDiLQJCa%2BOS%2FoDCU6tHSS5KrAWIYiX3VDQ%2B2woKDzVkD1BrCbsDiajjwc0tjGWH2fTjiWGJ%2Bndm6DU8Vt2i3s65AmcQjIoKGB2oKMP6Sx9V7X4nBL8W%2B76R2ZU1T2lCxlPolx9mL5fONjoze125ooUf0HzlZh3n1dvN1mK%2BU6cqhrvC8KeehmQDISJeTT3lrC%2BUjNL%2Bw4L2iHBH5bY2ta1UDXafdiVmB1ZccjteWC2Hff8Cj6jgQDvOII1d3ppBd6whsXrWi4bxwXykC9wfzqJuTlbE%2FalapcpK6J4InZr9sV33EyfaPVR9aGM%2B%2BbFyGlmHh2dH9HOomUWlUPtTpIPj18SpSXOK%2BGIYQ4i2eIVARW%2FXPFKW2pG1Ep%2F5yb1zbMBGtROzt2lO7%2BHQq4RsaGclJQVn0wNoyV8N81wdmxbV07kKymaqzuwDHuRomuLyA3ICPVVzrIE%2BBbbDZ5URYyBasmu1gXbxoPunTp9GsETp%2BO2Jy8rRdAuIucaRGSDChVCM5syFJ39mvUIG1bhF%2B92xLNY5GmJ9FqP3rsqnZR77ErDybTKSsEVx04b8OG4Qx%2B5MR9H5f%2Bl9UrbgXfu%2FMntNVv2CdzCi2aqIQYnJ88wH6SJejS%2F2hvtQ854l6l5sjDwOMYBSwgBbdNwYxHG4tB5gvtgAquwqdbFEfldFPPZqi8Q4qpXxeEYjcbACUqcY5Zzr8OrnkEh7UV%2FL0x54%2Buubtc1KibN6cTUuu7xFxIxB%2Fe%2FZ0MqjRD3%2B%2BSE3hiY3cOg0v9AqGFKQTGH3tBQZQ8JKKbxoYbvLKTbULPGN6V9OGbR5TJuAKv%2F99ecRXxqSVh01zQNwzyUlHGJBsnwwiXL65the1qpAvBDzoBLvT5QVJZi1krUg9ZBFgX3Z%2BI0EpcpwRGrrwNmsBvRoG4HMxBHrGOU%3D&s2s=1
Title: This Video Will Soon Be Banned. Watch Before It's DeletedSecrets Revealed

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=kb36nCtiiCv%2Fe1t1NWIkX8EzpjnkbjQVLhBZ3e5m%2FPKOdrS9CnslYGu6sHZ3bWananBI8ZWIoAeh53PsDgGsivIa7ddCzP2h1X3ghpMPvA%2BDBf84BBS%2F1d3GLLpOu%2BLkS5Rlo2ykiMAPeaa99Nkwri3XMXFRhTV%2BRQO1o6aL%2BrPDNPytafPWEBIYAcSMHh5%2Fe4TL1WRYUgFOdJSAsB3jHkcY%2FY%2FPddHSYJRLUhz%2Bwnc6ELKHUHP9NN1SfDK%2FUhPgkBSH4nr9j%2BDzcHIRTMvbw43%2BrVmZ%2FKKOncKaC9ONrJ829NITGDxV3nY7jbgIFgVCr1xE526qeWNRYFKRLdseHu%2BAH25nRdIlM%2FW%2FCwA0zTDv1a4gLtuttzZxxOlJAEIDewzDmn23I2qb35hwLrgVQk0N0pHdUp20QOHm2ocUZ5YNTHeDOFr6k88%2FPIdYL4EkG4FYgqN4g5J4BbSXhBDC9gteJfPzu09B7ufcfsrJJ%2BZHd1%2FJs9P0MiLXqSYXs25J8M3P0ZFujTEBNlSQuGtlyeGQOk0FRnukdRjxgBd9UulRy4wBDU7B11tJ2ZxqtIPIOUYvYBPJkFqwv66%2FZwkyxlc%2BGqZ4ccIqv5nxIZZfPgr5Ycf%2BRt77W%2FVrTOj0n0uYyqubaZoKPgthVdszt78FKbCoFYLGE7RrUI7LeBRWm3QQd2lfIeBJLywRK00c8J%2BnaDQYs9YN85bxKDG8%2Fu0VeQd%2Fjom7Vmmz1VWUagg1De0CdK2xqgtQ9DL3DMcnmdGL0WAtLcPF3FcftCAve8iVDrJNRAn89eAXfaMqKGJtMcuaR6%2FQdQ467BEfTFUKFvz6GbX%2B9JeuKNChXfH4GXYXDU6JHnrBAqmANhm6z0CmQO1giLLJQongTqO7%2BlCkEDMTUu%2B%2Be95jeSjajjuFIj0s7H6yXims57Jo5ffaqDAMTtm8%2BwG02U8KrYNTThyxionZIfN1Aqus39DsPxYtg5p8sfLNTQUYvbHCfzm%2F0hQyIzmDzZmwpyBCFP9ss%2FvyOjkKZri6VOPZi7PkzmnfGO1HD8M9eNWYZJEiiCKaW%2Flk827AFHaUe%2FdESvoxUN05GqovRi09%2FDPMSPsXqoy4R4ESRqlust2shfpD8zmJZ2ZTFNEqE31%2FHc4N8aNEHo2frKLPE84tR9MT1fhi%2FovagT%2BJxRQe5sbTpkBY13lTM6VJCPUk1kPSQDcVlcvRoP1zeM4W52HI0bSbAcRk1Z3qQlO8F2QPEJQqLTPSUDmhMSW7HiqFw3IB9RRr%2FbcigEdhOZ09T9bMrI4LbZqC7%2BJ9H9UReCYAiqBuPPTFToavuq7y7yM%3D&s2s=1
Title: International IQ Test: Start the TestInternational IQ Test

Search URL Search Domain Scan URL

URL: https://help.revcontent.com/en/knowledge/revcontent-privacy-policy
Title: Revcontent's Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.revcontent.com/popup?utm_source=ads&utm_medium=organic&utm_term=signup
Title: Increase Your Engagement Now!

Search URL Search Domain Scan URL

URL: https://help.revcontent.com/en/knowledge/fake-news-complaints
Title: Submit a Report

Search URL Search Domain Scan URL

URL: https://accountaccess.nne.media/ss70v2/nne/common/template.jsp
Title: Support Local Journalism

Search URL Search Domain Scan URL

URL: http://www.facebook.com/DailyHampshireGazette
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/DailyHampGaz
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/gazettenet
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/dailyhampshiregazette
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.amherstbulletin.com/
Title: Amherst Bulletin

Search URL Search Domain Scan URL

URL: https://www.atholdailynews.com/
Title: Athol Daily News

Search URL Search Domain Scan URL

URL: https://www.concordmonitor.com/
Title: Concord Monitor

Search URL Search Domain Scan URL

URL: https://www.recorder.com/
Title: Greenfield Recorder

Search URL Search Domain Scan URL

URL: https://www.ledgertranscript.com/
Title: Monadnock Ledger-Transcript

Search URL Search Domain Scan URL

URL: https://www.vnews.com/
Title: Valley News

Search URL Search Domain Scan URL

URL: https://www.valleyadvocate.com/
Title: Valley Advocate

Search URL Search Domain Scan URL

URL: https://www.theconcordinsider.com/
Title: The Concord Insider

Search URL Search Domain Scan URL

URL: https://www.nnedigital.com/
Title: NNEdigital

Search URL Search Domain Scan URL

URL: https://placead.nne.media/obits/dhg/index.html
Title: Submit an Obituary

Search URL Search Domain Scan URL

URL: https://valleyadvocate.com/
Title: Valley Avocate

Search URL Search Domain Scan URL

URL: https://nie.gazettenet.com/
Title: News in Education

Search URL Search Domain Scan URL

URL: http://marketplace.gazettenet.com/
Title: Classifieds

Search URL Search Domain Scan URL

URL: http://jobs.gazettenet.com/
Title: Jobs

Search URL Search Domain Scan URL

URL: http://marketplace.gazettenet.com/ma/automotive/search
Title: Autos

Search URL Search Domain Scan URL

URL: http://marketplace.gazettenet.com/ma/real-estate-sales/search
Title: Real Estate Sales

Search URL Search Domain Scan URL

URL: http://marketplace.gazettenet.com/ma/real-estate-rentals/search
Title: Real Estate Rentals

Search URL Search Domain Scan URL

URL: http://marketplace.gazettenet.com/ma/merchandise/search
Title: Merchandise

Search URL Search Domain Scan URL

URL: http://marketplace.gazettenet.com/ma/animals/search
Title: Animals

Search URL Search Domain Scan URL

URL: http://marketplace.gazettenet.com/ma/announcements/search
Title: Announcements

Search URL Search Domain Scan URL

URL: http://marketplace.gazettenet.com/ma/sales-auctions/search/
Title: Auctions

Search URL Search Domain Scan URL

URL: http://marketplace.gazettenet.com/ma/services/search
Title: Services

Search URL Search Domain Scan URL

URL: http://dailyhampshiregazette.adperfect.com/
Title: Place an ad

Search URL Search Domain Scan URL

URL: http://local.gazettenet.com/
Title: Business Directory

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.gazettenet.com/microsoft-russian-backed-hackers-targeting-cloud-services-43208693 HTTP 301
https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js HTTP 302
https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js HTTP 302
https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js HTTP 302
https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js HTTP 302
https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js HTTP 302
https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js HTTP 302
https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js HTTP 302
https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js HTTP 302
https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js HTTP 302
https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js HTTP 302
https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js HTTP 302
https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js HTTP 302
https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js HTTP 302
https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js HTTP 302
https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js HTTP 302
https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js HTTP 302
https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js HTTP 302
https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js HTTP 302
https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js HTTP 302
https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js HTTP 302
https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js

Request Chain 38

https://cd.connatix.com/connatix.playspace.js HTTP 302
https://cds.connatix.com/p/134518/connatix.playspace.dc.js

Request Chain 95

https://4906953.fls.doubleclick.net/activityi;src=4906953;type=invmedia;cat=r6adv9wb;ord=1642091763740.3408 HTTP 302
https://4906953.fls.doubleclick.net/activityi;dc_pre=CNaq5pCs5_MCFdhuGwod5tUBHA;src=4906953;type=invmedia;cat=r6adv9wb;ord=1642091763740.3408

146 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693 Show response
www.gazettenet.com/
Redirect Chain

https://www.gazettenet.com/microsoft-russian-backed-hackers-targeting-cloud-services-43208693
https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

64 KB
21 KB

1539ms
1539ms

Document
text/html

52.70.89.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.70.89.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-89-118.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

bb48e0fc62c50ba209055dc8ef8db49505a247ff01177de5efef95547b0bf216

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Host: www.gazettenet.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Cookie: CMSPreferredCulture=en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Content-Encoding: deflate
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
Set-Cookie: ASP.NET_SessionId=4msrfr305r44bz2lcyztcorl; path=/; HttpOnly; SameSite=Lax
X-UA-Compatible: IE=Edge
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Tue, 26 Oct 2021 05:29:07 GMT

Redirect headers

Cache-Control: public
Expires: Wed, 26 Oct 2022 05:29:07 GMT
Location: /Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
Set-Cookie: CMSPreferredCulture=en-US; expires=Wed, 26-Oct-2022 05:29:07 GMT; path=/; HttpOnly
X-Powered-By: ASP.NET
Date: Tue, 26 Oct 2021 05:29:06 GMT
Content-Length: 0

GET
H2 200 bootstrap-glyphicons.css
netdna.bootstrapcdn.com/bootstrap/3.0.0/css/ 13 KB
4 KB 56ms
22ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/bootstrap/3.0.0/css/bootstrap-glyphicons.css

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca64645c22680035acdd8149902fda928c381cafbeab0b628b5542a7323ee0e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 05:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617
age: 16070185
cdn-cachedat: 2021-04-23 03:56:19
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: a4b476bc9379bf89a1ecb301ba2e0363
cf-ray: 6a4149231f4af9ce-PRG
cdn-requestcountrycode: CZ
cdn-requestpullsuccess: True

GET
H/1.1 200
OK bootstrap.min.css
www.gazettenet.com/App_Themes/Home2018/css/ 118 KB
19 KB 105ms
105ms Stylesheet
text/css 52.70.89.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gazettenet.com/App_Themes/Home2018/css/bootstrap.min.css

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.70.89.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-89-118.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.gazettenet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.gazettenet.com/
Cookie: CMSPreferredCulture=en-US; ASP.NET_SessionId=4msrfr305r44bz2lcyztcorl
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:07 GMT
Content-Encoding: gzip
ETag: "0f5c376e393d41:0"
Last-Modified: Fri, 14 Dec 2018 19:30:26 GMT
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 19629

GET
H/1.1 200
OK GetResource.ashx
www.gazettenet.com/CMSPages/ 11 KB
4 KB 212ms
105ms Stylesheet
text/css 52.70.89.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gazettenet.com/CMSPages/GetResource.ashx?stylesheetname=Home2018

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.70.89.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-89-118.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

214e0f9cc83905f2342682b3261f6eec72ac30fd3634650f21ccb37d57c77386

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.gazettenet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.gazettenet.com/
Cookie: CMSPreferredCulture=en-US; ASP.NET_SessionId=4msrfr305r44bz2lcyztcorl
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:07 GMT
Content-Encoding: deflate
ETag: "cssstylesheet|bb518e7f-7eef-4127-940f-859c225b2076"
Last-Modified: Tue, 13 Jul 2021 22:14:57 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: public, must-revalidate
Transfer-Encoding: chunked
Content-Disposition: attachment; filename="Home2018.css"
Vary: Accept-Encoding
Expires: Tue, 26 Oct 2021 05:39:08 GMT

GET
H/1.1 200
OK GetResource.ashx
www.gazettenet.com/CMSPages/ 282 B
737 B 277ms
93ms Stylesheet
text/css 52.70.89.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gazettenet.com/CMSPages/GetResource.ashx?stylesheetname=2019-overrides

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.70.89.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-89-118.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

f4a3b4f4a6aca1b5c8cd83c9a6cbbfcb6a4ef705f1230eac411bb047102b7745

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.gazettenet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.gazettenet.com/
Cookie: CMSPreferredCulture=en-US; ASP.NET_SessionId=4msrfr305r44bz2lcyztcorl
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:07 GMT
Content-Encoding: deflate
ETag: "cssstylesheet|34eb7000-76ce-44eb-a386-a46abe546904"
Last-Modified: Fri, 27 Sep 2019 18:02:39 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: public, must-revalidate
Transfer-Encoding: chunked
Content-Disposition: attachment; filename="2019-overrides.css"
Vary: Accept-Encoding
Expires: Tue, 26 Oct 2021 05:39:08 GMT

GET
H/1.1 200
OK jquery.min.js Show response
www.gazettenet.com/CMSScripts/Custom/home2018/ 95 KB
33 KB 460ms
276ms Script
application/javascript 52.70.89.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gazettenet.com/CMSScripts/Custom/home2018/jquery.min.js

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.70.89.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-89-118.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.gazettenet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.gazettenet.com/
Cookie: CMSPreferredCulture=en-US; ASP.NET_SessionId=4msrfr305r44bz2lcyztcorl
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:07 GMT
Content-Encoding: gzip
ETag: "8086455e593d41:0"
Last-Modified: Fri, 14 Dec 2018 19:43:49 GMT
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 33835

GET
H/1.1 200
OK bootstrap.min.js Show response
www.gazettenet.com/CMSScripts/Custom/home2018/ 36 KB
10 KB 386ms
193ms Script
application/javascript 52.70.89.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gazettenet.com/CMSScripts/Custom/home2018/bootstrap.min.js

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.70.89.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-89-118.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.gazettenet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.gazettenet.com/
Cookie: CMSPreferredCulture=en-US; ASP.NET_SessionId=4msrfr305r44bz2lcyztcorl
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:07 GMT
Content-Encoding: gzip
ETag: "8086455e593d41:0"
Last-Modified: Fri, 14 Dec 2018 19:43:49 GMT
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 9839

GET
H/1.1 200
OK jquery.cookie.min.js Show response
www.gazettenet.com/CMSScripts/Custom/home2018/ 1 KB
1 KB 303ms
101ms Script
application/javascript 52.70.89.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gazettenet.com/CMSScripts/Custom/home2018/jquery.cookie.min.js

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.70.89.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-89-118.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.gazettenet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.gazettenet.com/
Cookie: CMSPreferredCulture=en-US; ASP.NET_SessionId=4msrfr305r44bz2lcyztcorl
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:07 GMT
Content-Encoding: gzip
ETag: "40f8f55e593d41:0"
Last-Modified: Fri, 14 Dec 2018 19:43:49 GMT
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 918

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 39ms
17ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

ESF /

Resource Hash

bb4a9d9bcb3638d2a735be2e40f686f57d9598c57d1cd251e5105282e244ac50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 04:03:52 GMT
server: ESF
date: Tue, 26 Oct 2021 05:29:13 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Tue, 26 Oct 2021 05:29:13 GMT

GET
H2 200 wje2tqr.css
use.typekit.net/ 3 KB
942 B 56ms
7ms Stylesheet
text/css 2.16.186.59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/wje2tqr.css

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.59 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-59.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

7776bb805b46871354ecad1b95a5deb672d44a927c10a51025fc129cf9ce1413

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Tue, 26 Oct 2021 05:29:13 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 711

GET
H2 200 all.css
use.fontawesome.com/releases/v5.5.0/css/ 50 KB
12 KB 56ms
22ms Stylesheet
text/css 104.21.78.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by: Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.78.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

Referer: https://www.gazettenet.com/
Origin: https://www.gazettenet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 05:29:13 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3023130
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: V16TAF0GV109WFW1
x-amz-id-2: IlqjlGbpn14HlHFwDURErH8UQjabxbrwy7Bg4/2y/kq64wOTn1Ub3er77NxZCyOEp4GHEHD//K8=
last-modified: Wed, 30 Jun 2021 15:43:32 GMT
server: cloudflare
etag: W/"1cc6c92172d124fbd305ba3d8e263333"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CGYvk%2B%2BRKFlwl81RX0QWDOa%2BCvbh5R15gGZ2%2BIM61YzSeousNrB8jptu%2FVVcmM68P8TCtTYSWHCVHyZEhrBT0GhbA3h7PihV0zX3CSOd0%2FR7PDHXvXTxzyb6gcDggCfApYettwn6"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6a4149232ff627b8-PRG

GET
H/1.1 200
OK / Show response
northamptondaily-ma-pw.newsmemory.com/ 6 KB
2 KB 566ms
174ms Script
application/x-javascript 216.17.34.118
USINTERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://northamptondaily-ma-pw.newsmemory.com/?meter&v=4&service=onstop
Requested by: Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.17.34.118 Olivia, United States, ASN10242 (USINTERNET, US),
Reverse DNS: ussrv26.newsmemory.com
Software: Apache /
Resource Hash: 0b193e9148db8d0686329a827b820586dc18f64f47a126980a9a4bb2f2f31ff6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:14 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Expires
Content-Length: 1993
Keep-Alive: timeout=2, max=300
Expires: Tue, 26 Oct 2021 07:29:14 UTC

GET
H/1.1 200
OK jquery.dfp.min.js Show response
www.gazettenet.com/CMSScripts/Custom/dfp/ 6 KB
3 KB 313ms
104ms Script
application/javascript 52.70.89.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gazettenet.com/CMSScripts/Custom/dfp/jquery.dfp.min.js

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.70.89.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-89-118.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

b84897b514491bffcf4ab630122fc3c97b6c71ffdcb9ecec4fb149bb35fa2f9e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.gazettenet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.gazettenet.com/
Cookie: CMSPreferredCulture=en-US; ASP.NET_SessionId=4msrfr305r44bz2lcyztcorl
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:07 GMT
Content-Encoding: gzip
ETag: "01f5822dd47d11:0"
Last-Modified: Tue, 05 Jan 2016 17:18:46 GMT
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2556

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
51 KB 78ms
41ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

acd9b7f4d750dd374ba6b4c640157e920eae4226c4d56739a5998217a4551e56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 05:29:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 51356
x-xss-protection: 0
server: cafe
etag: 3896411771891482660
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 26 Oct 2021 05:29:14 GMT

GET
H/1.1 200
OK WebResource.axd Show response
www.gazettenet.com/ 23 KB
6 KB 317ms
105ms Script
application/x-javascript 52.70.89.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gazettenet.com/WebResource.axd?d=Vk9Bo43l9BBOZWVCcgKP21TLUwiw_Tjy0d5jwjpcHYaqJFa_fn0V4gNEmIxRskKnM0avomHXFXAxK4JCAWexs3R0gCSEQ8e-IytN9661mfk1&t=637453888939909757

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.70.89.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-89-118.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.gazettenet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.gazettenet.com/
Cookie: CMSPreferredCulture=en-US; ASP.NET_SessionId=4msrfr305r44bz2lcyztcorl
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jan 2021 01:28:13 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public
Content-Length: 6007
Expires: Tue, 25 Oct 2022 07:45:25 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
www.gazettenet.com/ 87 KB
27 KB 553ms
276ms Script
application/x-javascript 52.70.89.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gazettenet.com/ScriptResource.axd?d=_7aT67GwraOIyoyLruh_TIplzmq1FFGVN34_of-m6vqHJdNnsplTd9CGUJz-9Z-ZCSPOryoTpNuwATZzPbijoQZlD5AlPCfuhRYVy3depIyRqGVctq53PKvKgx9jqeDf0&t=7c776dc1

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.70.89.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-89-118.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

9f9425c961900c8d8b3b30085c3969eef0c845a11c5be9fad704d160c64a12f5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.gazettenet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.gazettenet.com/
Cookie: CMSPreferredCulture=en-US; ASP.NET_SessionId=4msrfr305r44bz2lcyztcorl
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:09 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Oct 2021 01:42:50 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Cache-Control: public
Content-Length: 27722
Expires: Wed, 26 Oct 2022 01:42:50 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
www.gazettenet.com/ 36 KB
10 KB 505ms
202ms Script
application/x-javascript 52.70.89.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gazettenet.com/ScriptResource.axd?d=F3tzR_NF_Ztt3it3e1-qs3npxqm5J0jqmMO_DCZZhoMWKNgCUkUoUvXdR-v3FzXqtoPmf3OakNSKbXbgGVg1tKpfuzub9De6uYB8hdyavrkowKPXCgHZdyTtqcz6yY1sgdsGtozaj0f7EcFEkNxqNw2&t=7c776dc1

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.70.89.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-89-118.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

e44c3b782978c44af9885b97302632e45ff19d01ecb745e91d21cf597c22cb29

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.gazettenet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.gazettenet.com/
Cookie: CMSPreferredCulture=en-US; ASP.NET_SessionId=4msrfr305r44bz2lcyztcorl
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:09 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Oct 2021 01:42:50 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Cache-Control: public
Content-Length: 9936
Expires: Wed, 26 Oct 2022 01:42:50 GMT

GET
H/1.1 200
OK 04n.png
www.gazettenet.com/App_Themes/home2018/weather2018/ 2 KB
2 KB 162ms
92ms Image
image/png 52.70.89.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gazettenet.com/App_Themes/home2018/weather2018/04n.png

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.70.89.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-89-118.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

edf1d4cfd83a8242ed5a2137819680c44000bd48a580f979d86f726f194d4093

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.gazettenet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.gazettenet.com/
Cookie: CMSPreferredCulture=en-US; ASP.NET_SessionId=4msrfr305r44bz2lcyztcorl
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:09 GMT
Last-Modified: Thu, 20 Jun 2019 21:02:39 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "6f219a7eab27d51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2223

GET
H/1.1 200
OK dhg-header-2019-2x.jpg
www.gazettenet.com/App_Themes/Home2018/ 42 KB
42 KB 163ms
93ms Image
image/jpeg 52.70.89.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gazettenet.com/App_Themes/Home2018/dhg-header-2019-2x.jpg

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.70.89.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-89-118.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

983b9288f24ef7954569991bef1e6c73d19ae2671f9307a0b7c29ccef3933ec9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.gazettenet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.gazettenet.com/
Cookie: CMSPreferredCulture=en-US; ASP.NET_SessionId=4msrfr305r44bz2lcyztcorl
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:09 GMT
Last-Modified: Mon, 16 Sep 2019 16:07:49 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "21c5de3a86cd51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 42690

GET
H/1.1 200
OK b5hackers-hg-102621-ph1
www.gazettenet.com/getattachment/21353689-e4b1-41f7-a842-4b055698f0b7/ 57 KB
58 KB 102ms
101ms Image
image/jpeg 52.70.89.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gazettenet.com/getattachment/21353689-e4b1-41f7-a842-4b055698f0b7/b5hackers-hg-102621-ph1

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.70.89.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-89-118.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

f5670c5d67f45b529469af7a9afb4dec6fbe1c247d32e9db5029ce8b2acad4ea

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.gazettenet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.gazettenet.com/
Cookie: CMSPreferredCulture=en-US; ASP.NET_SessionId=4msrfr305r44bz2lcyztcorl
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:09 GMT
ETag: "en-us|21353689-e4b1-41f7-a842-4b055698f0b7|10/26/2021 1:05:03 AM|LiveSite"
Last-Modified: Tue, 26 Oct 2021 01:05:03 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public, must-revalidate
Content-Disposition: inline; filename="4f97c0af63934380a363651066f79279.jpg"
Accept-Ranges: bytes
Content-Length: 58407
Expires: Tue, 26 Oct 2021 05:39:09 GMT

GET
H/1.1 200
OK Two-injured-in-weekend-shootings
www.gazettenet.com/getattachment/59158e14-fb22-4a67-a648-f90c61bec67f/ 36 KB
37 KB 102ms
102ms Image
image/jpeg 52.70.89.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gazettenet.com/getattachment/59158e14-fb22-4a67-a648-f90c61bec67f/Two-injured-in-weekend-shootings

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.70.89.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-89-118.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

beca0e38b472b504d1b67a9c31614fb4121d72dbed1f1d2cc1d83daeba6c75df

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.gazettenet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.gazettenet.com/
Cookie: CMSPreferredCulture=en-US; ASP.NET_SessionId=4msrfr305r44bz2lcyztcorl
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:09 GMT
ETag: "en-us|59158e14-fb22-4a67-a648-f90c61bec67f|10/26/2021 4:23:11 AM|LiveSite"
Last-Modified: Tue, 26 Oct 2021 04:23:11 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public, must-revalidate
Content-Disposition: inline; filename="2cf5769fa920438fb2e1c1121e98d0b7.jpg"
Accept-Ranges: bytes
Content-Length: 37144
Expires: Tue, 26 Oct 2021 05:39:09 GMT

GET
H/1.1 200
OK Record-breaking-storm-douses-dro
www.gazettenet.com/getattachment/22d65da0-7ddd-4d4d-b5ab-47f7aef900b6/ 106 KB
107 KB 107ms
106ms Image
image/jpeg 52.70.89.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gazettenet.com/getattachment/22d65da0-7ddd-4d4d-b5ab-47f7aef900b6/Record-breaking-storm-douses-dro

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.70.89.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-89-118.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

1e6d11ac9b2fc6197cd0d9e6b54c0a9cdbcb8cb5da1fff29a5f2e3992237a7b7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.gazettenet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.gazettenet.com/
Cookie: CMSPreferredCulture=en-US; ASP.NET_SessionId=4msrfr305r44bz2lcyztcorl
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:09 GMT
ETag: "en-us|22d65da0-7ddd-4d4d-b5ab-47f7aef900b6|10/26/2021 1:05:06 AM|LiveSite"
Last-Modified: Tue, 26 Oct 2021 01:05:06 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public, must-revalidate
Content-Disposition: inline; filename="273ec4d776b84e84bb906c3773353f9d.jpg"
Accept-Ranges: bytes
Content-Length: 108747
Expires: Tue, 26 Oct 2021 05:39:09 GMT

GET
H/1.1 200
OK Microsoft-Russian-backed-hacker
www.gazettenet.com/getattachment/f89cf16c-902e-4131-86ec-b1fc7b200978/ 65 KB
65 KB 95ms
94ms Image
image/jpeg 52.70.89.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gazettenet.com/getattachment/f89cf16c-902e-4131-86ec-b1fc7b200978/Microsoft-Russian-backed-hacker

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.70.89.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-89-118.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

a1fdaf3e88c99593375bb5c12f3c6cd3bdcbd4cffc4e3206373c49a12c739faf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.gazettenet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.gazettenet.com/
Cookie: CMSPreferredCulture=en-US; ASP.NET_SessionId=4msrfr305r44bz2lcyztcorl
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:09 GMT
ETag: "en-us|f89cf16c-902e-4131-86ec-b1fc7b200978|10/26/2021 1:04:59 AM|LiveSite"
Last-Modified: Tue, 26 Oct 2021 01:04:59 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public, must-revalidate
Content-Disposition: inline; filename="926de78c40d84741b493db8eaa721f2b.jpg"
Accept-Ranges: bytes
Content-Length: 66428
Expires: Tue, 26 Oct 2021 05:39:09 GMT

GET
H/1.1 200
OK Sudan-s-military-takes-power-in
www.gazettenet.com/getattachment/7b6959cb-7ff8-4bd9-a52d-11d3c431a418/ 71 KB
71 KB 106ms
106ms Image
image/jpeg 52.70.89.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gazettenet.com/getattachment/7b6959cb-7ff8-4bd9-a52d-11d3c431a418/Sudan-s-military-takes-power-in

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.70.89.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-89-118.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

428ea820b91086d6ac8a07c9df43c1c77aa430b37dc36e70f45bc4511f8add43

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.gazettenet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.gazettenet.com/
Cookie: CMSPreferredCulture=en-US; ASP.NET_SessionId=4msrfr305r44bz2lcyztcorl
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:09 GMT
ETag: "en-us|7b6959cb-7ff8-4bd9-a52d-11d3c431a418|10/26/2021 1:01:05 AM|LiveSite"
Last-Modified: Tue, 26 Oct 2021 01:01:05 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public, must-revalidate
Content-Disposition: inline; filename="aec7eef87bde4eacb121ab5f00f6ac17.jpg"
Accept-Ranges: bytes
Content-Length: 72617
Expires: Tue, 26 Oct 2021 05:39:09 GMT

GET
H2 200 lightgallery.min.css
cdnjs.cloudflare.com/ajax/libs/lightgallery/1.6.11/css/ 20 KB
4 KB 56ms
21ms Stylesheet
text/css 104.16.19.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/lightgallery/1.6.11/css/lightgallery.min.css

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.19.94 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2b7c76c9afe8eedce734f7d8c524c475c403eef024cf1d4f2e3f92775ff5406

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 05:29:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8953
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3273
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:12:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed1-4fea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tEWVCwPR6KZisPrDL91nURFFLXhIhXm3gMQFOeRFoDWCpJH%2FEGWlVAnxZlcrg5RthOgVx7GOJibw9U5EjL4OwtIj8QaivnoiEyxZfxiQoNXmtzIW8sCS9umqrhGrAD1tZAsyWiZv"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6a414926af982788-PRG
expires: Sun, 16 Oct 2022 05:29:14 GMT

GET
H2 200 lightgallery-all.min.js Show response
cdnjs.cloudflare.com/ajax/libs/lightgallery/1.6.11/js/ 49 KB
11 KB 36ms
23ms Script
application/javascript 104.16.19.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/lightgallery/1.6.11/js/lightgallery-all.min.js

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.19.94 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a9862ed8cec4eccc8f6a22efb076fbe695cd4ff13dc05072793149bc12a7332

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 05:29:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 14290160
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10677
cf-request-id: 0a08e985e400002788a2a51000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:12:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed1-c256"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hBI3YpykfTTy8wMcLcZJrqOar2aQywsFLTiVti7HbYEDUHjMiVzNmDbyvEwPRrManmqTVWj6cASQsRgR7F6Wa74LD9ryPzYA7y5Ky5gxKkMo4Lc%2BRFv7W6SW1duJ0xYwZz%2FuHfXg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6a414926af9c2788-PRG
expires: Sun, 16 Oct 2022 05:29:14 GMT

GET
H/1.1 200
OK imagesloaded.pkgd.min.js Show response
www.gazettenet.com/CMSScripts/Custom/home2018/ 5 KB
2 KB 93ms
92ms Script
application/javascript 52.70.89.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gazettenet.com/CMSScripts/Custom/home2018/imagesloaded.pkgd.min.js

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.70.89.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-89-118.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

96abf166b3cbb5f7df525d86fdeeeccea4af3c120b19bc26b0613530a94e8b44

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.gazettenet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.gazettenet.com/
Cookie: CMSPreferredCulture=en-US; ASP.NET_SessionId=4msrfr305r44bz2lcyztcorl
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:09 GMT
Content-Encoding: gzip
ETag: "8086455e593d41:0"
Last-Modified: Fri, 14 Dec 2018 19:43:49 GMT
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1813

GET
H/1.1 200
OK jquery.flexslider.js Show response
www.gazettenet.com/CMSScripts/Custom/flexslider/ 54 KB
12 KB 102ms
101ms Script
application/javascript 52.70.89.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gazettenet.com/CMSScripts/Custom/flexslider/jquery.flexslider.js

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.70.89.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-89-118.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

5d7bbad207e6689ac31858d421ef9ed79c96ffb3fc8f6fd88e4d20ea78eb12aa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.gazettenet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.gazettenet.com/
Cookie: CMSPreferredCulture=en-US; ASP.NET_SessionId=4msrfr305r44bz2lcyztcorl
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:09 GMT
Content-Encoding: gzip
ETag: "07259143559d11:0"
Last-Modified: Wed, 27 Jan 2016 19:01:08 GMT
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 11810

GET
H/1.1 200
OK Cm-Flexslider-Init-2018.js Show response
www.gazettenet.com/CMSScripts/Custom/home2018/ 506 B
697 B 93ms
92ms Script
application/javascript 52.70.89.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gazettenet.com/CMSScripts/Custom/home2018/Cm-Flexslider-Init-2018.js

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.70.89.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-89-118.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

7aec01fc75d1d3b5520cc58b2702808e6d7029aea9f6bd839cfa53368ca8da46

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.gazettenet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.gazettenet.com/
Cookie: CMSPreferredCulture=en-US; ASP.NET_SessionId=4msrfr305r44bz2lcyztcorl
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:09 GMT
Content-Encoding: gzip
ETag: "76ccd55e593d41:0"
Last-Modified: Fri, 14 Dec 2018 19:43:49 GMT
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 362

GET
H/1.1 200
OK dhg-sponsored-article.js Show response
www.gazettenet.com/CMSScripts/Custom/sponcon/ 1 KB
1 KB 97ms
96ms Script
application/javascript 52.70.89.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gazettenet.com/CMSScripts/Custom/sponcon/dhg-sponsored-article.js

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.70.89.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-89-118.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

b932cfe2294598d8f20ef891295d8711d2e44928fa2b9e5583bb2e38e50ec186

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.gazettenet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.gazettenet.com/
Cookie: CMSPreferredCulture=en-US; ASP.NET_SessionId=4msrfr305r44bz2lcyztcorl
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:09 GMT
Content-Encoding: gzip
ETag: "6564583bfcdd61:0"
Last-Modified: Wed, 09 Dec 2020 00:09:07 GMT
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 725

GET
H/1.1 200
OK e35d9ad9f3a6e33f77b5ee958c3477a37aca0504.js Show response
widget.fotomoto.com/stores/script/ 22 KB
23 KB 746ms
391ms Script
text/javascript 54.225.191.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.fotomoto.com/stores/script/e35d9ad9f3a6e33f77b5ee958c3477a37aca0504.js?api=true
Requested by: Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.225.191.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-225-191-147.compute-1.amazonaws.com
Software: nginx/1.0.10 + Phusion Passenger 3.0.11 (mod_rails/mod_rack) / Phusion Passenger (mod_rails/mod_rack) 3.0.11
Resource Hash: cc0ae738ca188ecbd3c0ae0333996f794bcbbf39cec2ccf3f95e560b19084a96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Runtime: 0.275430
Date: Tue, 26 Oct 2021 05:28:50 GMT
X-Rack-Cache: miss
Server: nginx/1.0.10 + Phusion Passenger 3.0.11 (mod_rails/mod_rack)
X-Powered-By: Phusion Passenger (mod_rails/mod_rack) 3.0.11
ETag: "e929cd10eb342fdc2584caa1aa51566c"
transfer-encoding: chunked
Content-Type: text/javascript; charset=utf-8
Status: 200
Cache-Control: max-age=0, private, must-revalidate, no-cache="set-cookie"
Connection: keep-alive
X-Request-Id: c7612ae3784d3ee9dd2d3ef5ccdeaa6b
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK optin.js Show response
embed.secondstreetapp.com/Scripts/dist/ 176 KB
52 KB 382ms
94ms Script
application/javascript 54.197.229.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.secondstreetapp.com/Scripts/dist/optin.js
Requested by: Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.197.229.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-229-45.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cae73e0c8c7491e006c9f617638a8d8162ec989bde4e84cdae82ed4cb2024484

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:13 GMT
Content-Encoding: gzip
ETag: "042b333c6d71:0"
Last-Modified: Wed, 20 Oct 2021 22:37:08 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-SS: 107
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 52427

GET

TJN.js
jobs.thejobnetwork.com/Widgets/js/FeaturedJob/
Redirect Chain

https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js
https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js
https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js
https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js
https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js
https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js
https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js
https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js
https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js
https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js
https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js
https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js
https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js
https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js
https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js
https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js
https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js
https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js
https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js
https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js
https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js

0
0

GET
H/1.1 200
OK dhg-header-2019.jpg
www.gazettenet.com/App_Themes/Home2018/ 19 KB
19 KB 103ms
102ms Image
image/jpeg 52.70.89.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gazettenet.com/App_Themes/Home2018/dhg-header-2019.jpg

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.70.89.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-89-118.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

3cf4b16de30fa1dc161bafc195f807790a9ed3a990f3f2d9df4cd527ec6720bc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.gazettenet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.gazettenet.com/
Cookie: CMSPreferredCulture=en-US; ASP.NET_SessionId=4msrfr305r44bz2lcyztcorl
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:09 GMT
Last-Modified: Mon, 16 Sep 2019 03:13:17 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "4e192af3c6cd51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 19650

GET
H/1.1 200
OK / Show response
northamptondaily-ma-pw.newsmemory.com/ 4 KB
2 KB 532ms
161ms Script
application/x-javascript 216.17.34.118
USINTERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://northamptondaily-ma-pw.newsmemory.com/?meter&v=4
Requested by: Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.17.34.118 Olivia, United States, ASN10242 (USINTERNET, US),
Reverse DNS: ussrv26.newsmemory.com
Software: Apache /
Resource Hash: d0da8ae3874929fbad3b65d9d92e38b9521ede06871bb1646b9d3bf4042cd0f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:14 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 13:31:38 UTC
Server: Apache
ETag: d82a523dfc65d32bf23baf3247b4ab51
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Expires
Content-Length: 1541
Keep-Alive: timeout=2, max=300
Expires: Tue, 26 Oct 2021 07:29:14 UTC

GET
H/1.1 200
OK dfp-jquery-dhg.js Show response
www.gazettenet.com/CMSScripts/Custom/dfp/ 553 B
652 B 105ms
104ms Script
application/javascript 52.70.89.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gazettenet.com/CMSScripts/Custom/dfp/dfp-jquery-dhg.js

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.70.89.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-89-118.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

b96e6534a5fa0a45c75b2b477922e164daa10b3ba4456f8a7c01d03cf30857d5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.gazettenet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.gazettenet.com/
Cookie: CMSPreferredCulture=en-US; ASP.NET_SessionId=4msrfr305r44bz2lcyztcorl
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:09 GMT
Content-Encoding: gzip
ETag: "57d5896537ed71:0"
Last-Modified: Wed, 21 Jul 2021 17:08:28 GMT
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 317

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 101ms
7ms Stylesheet
text/css 104.111.215.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=wje2tqr&ht=tk&f=2013.2014.2015.2016&a=4861676&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/wje2tqr.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.74 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 05:29:13 GMT
last-modified: Thu, 05 Nov 2020 13:49:42 GMT
server: nginx
etag: "5fa402f6-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 v2nkxiiH3APWn928CziPsZdJOcRLofsEy060A078BzyShcQQzftRQYw1X8Y3Q7Y0k Show response
teenytinytongue.com/ 646 KB
116 KB 68ms
34ms Script
text/javascript 35.201.96.133
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://teenytinytongue.com/v2nkxiiH3APWn928CziPsZdJOcRLofsEy060A078BzyShcQQzftRQYw1X8Y3Q7Y0k

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.96.133 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

133.96.201.35.bc.googleusercontent.com

Software

Resource Hash

9a101a5beebe05c13f3c518e462c4f2d1e335b1ba093df3b23adad032025ceb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "2edf17873475e0ccb7b6048d811cfec3dd5284ebdead6e18728413a25bb1ffed"
vary: Accept-Encoding, Accept-Language
x-hostname: 94ecd830
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Tue, 26 Oct 2021 05:29:14 GMT
timing-allow-origin: *

GET
H2 200 v2xgvGvixctTLwkXMWiqGqB5Y797A3nxCBAOFkVbbfXoeoHrrhT0x6BCIbcSya5rgZklSP1DqmjFKm0T0Hw Show response
teenytinytongue.com/ 16 KB
6 KB 21ms
21ms Script
text/javascript 35.201.96.133
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://teenytinytongue.com/v2xgvGvixctTLwkXMWiqGqB5Y797A3nxCBAOFkVbbfXoeoHrrhT0x6BCIbcSya5rgZklSP1DqmjFKm0T0Hw

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.96.133 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

133.96.201.35.bc.googleusercontent.com

Software

Resource Hash

029fe8d554312f3b2d1a572510c1e6e6cff5078ab04e72fc7572033c3f54a369

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: gzip
x-datacenter: gce-europe-west1
etag: "2c056df0b6ffcd8458e52b5b1e54b57f8e6894ad767229e804dc0c3e5bd036a4"
vary: Accept-Encoding, Accept-Language
x-hostname: 94ecd830
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Tue, 26 Oct 2021 05:29:14 GMT
timing-allow-origin: *

GET
H2

200

connatix.playspace.dc.js Show response
cds.connatix.com/p/134518/ Frame 0CB0
Redirect Chain

https://cd.connatix.com/connatix.playspace.js
https://cds.connatix.com/p/134518/connatix.playspace.dc.js

1 MB
236 KB

14ms
6ms

Script
application/javascript

151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/134518/connatix.playspace.dc.js
Requested by: Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ab77ca5aa6aaecac0f10e1d7dae18935386251c60587864ab725c687364f8ef3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 05:29:14 GMT
content-encoding: br
last-modified: Mon, 25 Oct 2021 17:08:38 GMT
age: 43574
etag: "89dc9079d24a8ba6d5f60cd989bcbf39"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 241040

Redirect headers

location: https://cds.connatix.com/p/134518/connatix.playspace.dc.js
date: Tue, 26 Oct 2021 05:29:14 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
content-length: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 120 KB
44 KB 46ms
24ms Script
application/javascript 142.250.185.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MN992B

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

d196f0a77f0c1f9d4e8ff2bb6993ed9dddbf21fabacb69c4779076be04cd0ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 05:29:14 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 44978
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 26 Oct 2021 05:29:14 GMT

GET
H2 200 l
use.typekit.net/af/dce3d0/000000000000000000013280/27/ 60 KB
60 KB 38ms
7ms Font
application/font-woff2 2.16.186.59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/dce3d0/000000000000000000013280/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/wje2tqr.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.59 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-59.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 96e22ad10ed23535c55539954f8ad06fbace8f3ff0992d9f4e14b64bc34e27b4

Request headers

Referer: https://use.typekit.net/wje2tqr.css
Origin: https://www.gazettenet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 05:29:14 GMT
server: nginx
etag: "9d6e25a796fe03126488a01f6920ce5721898d3f"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 61552

GET
H/1.1 404
Not Found glyphicons-halflings-regular.woff2
www.gazettenet.com/App_Themes/Home2018/fonts/ 0
0 118ms
117ms Font
text/html 52.70.89.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gazettenet.com/App_Themes/Home2018/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/App_Themes/Home2018/css/bootstrap.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.70.89.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-89-118.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.gazettenet.com
Accept-Encoding: gzip, deflate, br
Host: www.gazettenet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.gazettenet.com/App_Themes/Home2018/css/bootstrap.min.css
Cookie: CMSPreferredCulture=en-US; ASP.NET_SessionId=4msrfr305r44bz2lcyztcorl
Connection: keep-alive
Referer: https://www.gazettenet.com/App_Themes/Home2018/css/bootstrap.min.css
Origin: https://www.gazettenet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:09 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: private, no-store, must-revalidate
Content-Length: 1245
X-UA-Compatible: IE=Edge

GET
H2 200 l
use.typekit.net/af/1090c3/00000000000000000001327e/27/ 61 KB
61 KB 16ms
12ms Font
application/font-woff2 2.16.186.59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/1090c3/00000000000000000001327e/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/wje2tqr.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.59 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-59.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b4cd5821027bd50e4bc9a86cfd7a1e49f16c69025955f1b47220d217bdca9dbc

Request headers

Referer: https://use.typekit.net/wje2tqr.css
Origin: https://www.gazettenet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 05:29:14 GMT
server: nginx
etag: "f9df8deaa976def4210613887a991eb7888503e1"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 61996

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v26/ 16 KB
17 KB 56ms
16ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v26/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

53bb85849942fe0fdb6998300d0c68f1727a6f34a3bdcd9f6f8f12476f64b1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gazettenet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 04:16:44 GMT
x-content-type-options: nosniff
age: 349950
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 16736
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 16:50:15 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 22 Oct 2022 04:16:44 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 22ms
7ms Script
application/x-javascript 157.240.20.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.20.19 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frt3.fbcdn.net

Software

Resource Hash

529ba96ae3d23d0ce270ecfb2e016eab3f3f191464cd081004f2dad1fb308fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 9JjzIu8JwOixLtgiFTeEGA==
cross-origin-resource-policy: cross-origin
expires: Tue, 26 Oct 2021 05:40:05 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: WKkwxkoo/kR6a2yMrUAvybjH5TZVFWSWxotLVodP6cmRq+YHcymAmhJ7LNVOouOVjTHsIvoKZbkxM19CxH7Jog==
x-fb-trip-id: 686109401
x-fb-content-md5: 248d54c9f6b1d8acbfaad9cc36aab90d
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 26 Oct 2021 05:29:14 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "4ae4e1aa60067ee4d897f03ddc18a26d"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.5.0/webfonts/ 68 KB
68 KB 419ms
418ms Font
font/woff2 104.21.78.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.5.0/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.78.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05dbc51654b96590d176c27efbcef2cf4ac0497499a9f28b731b73eea399070c

Request headers

Referer: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Origin: https://www.gazettenet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 05:29:14 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BV9E6PSNY2DYJ043
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 69608
x-amz-id-2: URUR4E98XjqIBJlERZo2YU/apswYKtjQyPXD2w83fbBtq6pG16fe+I6wPPcbPiU97oTAQWsndRc=
last-modified: Wed, 30 Jun 2021 15:43:51 GMT
server: cloudflare
etag: "659c4d58b00226541ef95c3a76e169c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZLkBeISX620eibEysIueiXussc0SqEiJxOUXQNGZQhFYU63PqG3ohPumVFzaq0Keq6U1VSpzC4bJOhzeF7p83KvHGdagj3CJMfYEaystR6IV6H9eJITe6Q0HZ8J7Ga%2BzqQht%2B%2B%2Bn"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 6a4149272cb327b8-PRG

GET
H2 200 fa-regular-400.woff2
use.fontawesome.com/releases/v5.5.0/webfonts/ 14 KB
15 KB 22ms
21ms Font
font/woff2 104.21.78.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.5.0/webfonts/fa-regular-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.78.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92ba7bfaa43a35c94353e96860d99376313ee9b5fce6124d4e64067280f9a841

Request headers

Referer: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Origin: https://www.gazettenet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 05:29:14 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 561965
cf-ray: 6a4149272cb427b8-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14844
x-amz-id-2: zU+QkbNSkaeKuhyqvQQEkCgx6IOrwE9KAqQ4oJ1bZ3hivUEJ5lwb7jzO2yf9uIKObM8/YQ4A+oo=
last-modified: Wed, 30 Jun 2021 15:43:51 GMT
server: cloudflare
etag: "bdadb6ce95c5a2e7b673940721450d3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TgQXdcf9aYc5RZibtjLskTmah21KTuF0PEaQ4TOz%2BoxraQrnvcdkEB8152PgpH0d8qpEvCYCb8F5CFhTmXrgTz0YwPbvCctujnEDMMId5vw3mfHrv8IqSxKx2YnOZcO0yeD0gPZE"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: D9Q1NGJCE0BTY6D3
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.5.0/webfonts/ 72 KB
73 KB 131ms
131ms Font
font/woff2 104.21.78.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.5.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.78.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2

Request headers

Referer: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Origin: https://www.gazettenet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 05:29:14 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BV99P70HKBSBDY7A
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 73852
x-amz-id-2: fqvAXlLev9shCX48YMEZfcbNb42kTe14Q1l3Z4gpHyu/nPhS24X0jFS8D0RRExtoirUYPaTh06I=
last-modified: Wed, 30 Jun 2021 15:43:51 GMT
server: cloudflare
etag: "fb493903265cad425ccdf8e04fc2de61"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=65jRgMGyxJyB9ILdy4DFz8QY7ZUhZpOczwas5RupSc9NHNC2HnYi17i7SqPVFPvw2qo0Eau5Nhg40PA567Tigi1%2FxLlicjfTgkm7sY1n1tSiRCRQPc%2B5ok9RuAy7S745beifaZld"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 6a4149272cb527b8-PRG

GET
H/1.1 404
Not Found glyphicons-halflings-regular.woff
www.gazettenet.com/App_Themes/Home2018/fonts/ 0
0 117ms
117ms Font
text/html 52.70.89.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gazettenet.com/App_Themes/Home2018/fonts/glyphicons-halflings-regular.woff

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/App_Themes/Home2018/css/bootstrap.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.70.89.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-89-118.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.gazettenet.com
Accept-Encoding: gzip, deflate, br
Host: www.gazettenet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.gazettenet.com/App_Themes/Home2018/css/bootstrap.min.css
Cookie: CMSPreferredCulture=en-US; ASP.NET_SessionId=4msrfr305r44bz2lcyztcorl
Connection: keep-alive
Referer: https://www.gazettenet.com/App_Themes/Home2018/css/bootstrap.min.css
Origin: https://www.gazettenet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:09 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: private, no-store, must-revalidate
Content-Length: 1245
X-UA-Compatible: IE=Edge

GET
H2 200 connatix.playspace.css
cds.connatix.com/p/134518/ 95 KB
13 KB 6ms
6ms Stylesheet
text/css 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/134518/connatix.playspace.css
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ce34cbb37a01f15bc6322f1a0db46f01a3b303a3bc02dcc7d543db2ebf37e1af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 05:29:14 GMT
content-encoding: br
last-modified: Mon, 25 Oct 2021 17:08:38 GMT
age: 43574
etag: "681dc0447d971f8dc72b7bc1e22712f0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 13334

GET
H2 200 acv.json Show response
teenytinytongue.com/ 210 KB
46 KB 45ms
19ms Fetch
application/json 35.201.96.133
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://teenytinytongue.com/acv.json

Requested by

Host: teenytinytongue.com
URL: https://teenytinytongue.com/v2nkxiiH3APWn928CziPsZdJOcRLofsEy060A078BzyShcQQzftRQYw1X8Y3Q7Y0k

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.96.133 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

133.96.201.35.bc.googleusercontent.com

Software

Resource Hash

6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
last-modified: Wed, 25 Aug 2021 16:19:31 GMT
x-datacenter: gce-europe-west1
date: Tue, 26 Oct 2021 05:29:14 GMT
vary: Accept-Encoding, Origin
x-hostname: 94ecd830
content-type: application/json
access-control-allow-origin: https://www.gazettenet.com
access-control-allow-credentials: true
access-control-allow-methods: POST, OPTIONS
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie

GET
H/1.1 404
Not Found glyphicons-halflings-regular.ttf
www.gazettenet.com/App_Themes/Home2018/fonts/ 0
0 113ms
105ms Font
text/html 52.70.89.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gazettenet.com/App_Themes/Home2018/fonts/glyphicons-halflings-regular.ttf

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/App_Themes/Home2018/css/bootstrap.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.70.89.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-89-118.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.gazettenet.com
Accept-Encoding: gzip, deflate, br
Host: www.gazettenet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.gazettenet.com/App_Themes/Home2018/css/bootstrap.min.css
Cookie: CMSPreferredCulture=en-US; ASP.NET_SessionId=4msrfr305r44bz2lcyztcorl
Connection: keep-alive
Referer: https://www.gazettenet.com/App_Themes/Home2018/css/bootstrap.min.css
Origin: https://www.gazettenet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:09 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: private, no-store, must-revalidate
Content-Length: 1245
X-UA-Compatible: IE=Edge

GET
H2 200 delivery.js Show response
assets.revcontent.com/master/ 370 KB
108 KB 42ms
13ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/delivery.js
Requested by: Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aea8888ece67a693cbc22e8b9e6aaef532619727b4630b0fa214831b84633c53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 05:29:14 GMT
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 14:10:06 GMT
server: AmazonS3
x-amz-request-id: Y6YEHJKAPT775RKA
etag: "29fe12de80ebd3dc729a1377c9b9890e"
x-hw: 1635226154.cds147.fr8.hn,1635226154.cds055.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 110110
x-amz-id-2: kkvX/DA0OAPolxklz8j+B9TDEk8QkU7HbRJzbzJexJUXLeLh4o1nRCad56RRJeadpVVJkRBQHhY=

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 265 KB
75 KB 16ms
8ms Script
application/x-javascript 157.240.20.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=9c4c2210d0fcb570f93c1fc91a5da3ed

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.20.19 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frt3.fbcdn.net

Software

Resource Hash

4c7b75492dbab3422b752c10e3546bff8840452de85163a118bd7984dfe60313

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.gazettenet.com/
Origin: https://www.gazettenet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: TE+oMFqugU3Tt0sVAbwRQg==
cross-origin-resource-policy: cross-origin
expires: Wed, 26 Oct 2022 03:56:35 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 76537
x-fb-rlafr: 0
x-fb-debug: 8XJ/+wHZVBFLU/acAjFs2kpQmECmiS8KzCaznA5xSWZRXGUKgjSzZRx+oGp38N/yLRgmLglxLABXXg04Ed/a/g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 0818e759b5046c5a733b46cdfb38bf0a
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 26 Oct 2021 05:29:14 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "bb956eff09dfff118c5f03dc6fdffcc1"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

POST
H/1.1 200
OK story Show response
capi.connatix.com/core/ Frame 0CB0 2 KB
1 KB 447ms
131ms XHR
multipart/form-data 18.225.3.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/story?v=134518
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.225.3.119 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-225-3-119.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: af0a984b7f35a76935cb4d2e50df80ef0d3534051db4c897246319361013e2a2

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Tue, 26 Oct 2021 05:29:14 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.gazettenet.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1099

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/ 270 KB
97 KB 55ms
40ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

399bd440cb9d9711f7a5e6128fcdc6a7fa168eeccff34275c18f7f66721fec27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 05:29:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 98991
x-xss-protection: 0
server: cafe
etag: 2724526229157959626
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Oct 2021 05:29:14 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/ Frame 5689 10 KB
5 KB 29ms
7ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211020/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazettenet.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 26 Oct 2021 04:50:41 GMT
expires: Tue, 09 Nov 2021 04:50:41 GMT
content-type: text/html; charset=UTF-8
etag: 15765991816257340444
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4703
x-xss-protection: 0
age: 2313
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN992B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 16:47:48 GMT
server: Golfe2
age: 5288
date: Tue, 26 Oct 2021 04:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 19887
expires: Tue, 26 Oct 2021 06:01:06 GMT

GET
H2 200 / Show response
trends.revcontent.com/api/demand/ 52 B
268 B 101ms
32ms Fetch
text/html 99.80.188.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/demand/?w=102330&gdpr=1

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.80.188.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-188-163.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: https://www.gazettenet.com
date: Tue, 26 Oct 2021 05:29:14 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
content-length: 52
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8

GET
H2 204 sync
trends.revcontent.com/ 0
0 98ms
29ms Fetch 99.80.188.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/sync?gdpr=1
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.188.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-188-163.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: https://www.gazettenet.com
date: Tue, 26 Oct 2021 05:29:14 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H3 200 glyphicons-halflings-regular.woff
netdna.bootstrapcdn.com/bootstrap/3.0.0/fonts/ 16 KB
17 KB 43ms
25ms Font
font/woff 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/bootstrap/3.0.0/fonts/glyphicons-halflings-regular.woff

Requested by

Host: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/bootstrap/3.0.0/css/bootstrap-glyphicons.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71c12656535e99119c2a952c10554cd6f47c6923d2d96155a7833276e68992af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://netdna.bootstrapcdn.com/bootstrap/3.0.0/css/bootstrap-glyphicons.css
Origin: https://www.gazettenet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 05:29:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 718, 718
age: 326878
cdn-cachedat: 2021-04-23 09:29:40
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16448
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 9e778c2c20e8ad78709f94c27556d038
accept-ranges: bytes
cf-ray: 6a4149299ffaf9da-PRG
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
412 B 42ms
14ms XHR
text/plain 74.125.140.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-2853643-2&cid=44599423.1635226154&jid=1915204998&gjid=542900450&_gid=483430814.1635226154&_u=YGBAgAABAAAAAE~&z=990919122

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.140.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wq-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazettenet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 26 Oct 2021 05:29:14 GMT
content-type: text/plain
access-control-allow-origin: https://www.gazettenet.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 35ms
13ms Image
image/gif 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j94&a=594100346&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693&ul=en-us&de=UTF-8&dt=Microsoft%3A%20Russian%20hackers%20targeting%20cloud%20services&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=1915204998&gjid=542900450&cid=44599423.1635226154&tid=UA-2853643-2&_gid=483430814.1635226154&gtm=2wgak0MN992B&z=1849301437

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 00:14:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 18865
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK flexslider-icon.woff
www.gazettenet.com/App_Themes/FlexSlider/fonts/ 1 KB
2 KB 105ms
104ms Font
application/x-font-woff 52.70.89.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gazettenet.com/App_Themes/FlexSlider/fonts/flexslider-icon.woff

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/CMSPages/GetResource.ashx?stylesheetname=Home2018

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.70.89.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-89-118.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

333fe8266952f16c8b686f3edd78293da28e6eaef314dca86bc4eeaa23f290e8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.gazettenet.com
Accept-Encoding: gzip, deflate, br
Host: www.gazettenet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.gazettenet.com/CMSPages/GetResource.ashx?stylesheetname=Home2018
Cookie: CMSPreferredCulture=en-US; ASP.NET_SessionId=4msrfr305r44bz2lcyztcorl; _ga=GA1.2.44599423.1635226154; _gid=GA1.2.483430814.1635226154; _dc_gtm_UA-2853643-2=1
Connection: keep-alive
Referer: https://www.gazettenet.com/CMSPages/GetResource.ashx?stylesheetname=Home2018
Origin: https://www.gazettenet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:09 GMT
Last-Modified: Wed, 27 Jan 2016 14:28:30 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "fa79ccfee59d11:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-font-woff
Accept-Ranges: bytes
Content-Length: 1268

GET
H2 200 / Show response
trends.revcontent.com/api/delivery/ 27 KB
11 KB 420ms
420ms Fetch
text/html 99.80.188.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=102330&width=1600&gdpr=1&rev_allow_cookies=0&site_url=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693&icr_url=&va=0&time=1635226154507&up=pc&bn=chrome&bv=93&widget_width=750&style_id=0

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.80.188.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-188-163.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

2b73107755d23ad3efa245755cc8a298dd295e1ab64f6c9e63b88ea90d1bb769

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 05:29:14 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.gazettenet.com
access-control-allow-credentials: true
strict-transport-security: max-age=931536000; includeSubDomains
content-length: 10694

GET
H2 200 blockedDomains_1.bin Show response
lit.connatix.com/08d719d4-60b7-fae8-1ada-e1be27366cab/ Frame 0CB0 19 B
275 B 30ms
7ms XHR
application/octet-stream 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://lit.connatix.com/08d719d4-60b7-fae8-1ada-e1be27366cab/blockedDomains_1.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3b70954df2af2b4e3dd3b965df4d057528aecfe5e5e9a23e3674964376ce88d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 05:29:14 GMT
content-encoding: gzip
last-modified: Tue, 16 Feb 2021 13:25:12 GMT
age: 2843300
etag: "8282f7c985982a53cbc5cfa9bedb87a1"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 39

POST
H/1.1 200
OK sr Show response
capi.connatix.com/tr/ Frame 0CB0 0
299 B 104ms
104ms XHR
multipart/form-data 18.225.3.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/sr?v=134518
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.225.3.119 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-225-3-119.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Tue, 26 Oct 2021 05:29:14 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.gazettenet.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 43ms
21ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

sffe /

Resource Hash

fc7839ea7f4f4b3783abe6b75401d534ad60b3f96e1e54b1d05a3e61c516d8d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 05:29:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1024 / 202 of 1000 / last-modified: 1635199642"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27202
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 26 Oct 2021 05:29:14 GMT

GET
H2 200 0a7e2f16-d6e0-4f7e-bae4-49c1e2275226.bin Show response
vid.connatix.com/664ab25c-fd98-499d-ad8c-999eff1bcfba/ Frame 0CB0 2 KB
997 B 12ms
6ms XHR
application/octet-stream 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/664ab25c-fd98-499d-ad8c-999eff1bcfba/0a7e2f16-d6e0-4f7e-bae4-49c1e2275226.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c767da48cead5fdf9b082d95ed75f1cd1ab2e09e1533cc0f9c46b48671d590da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 05:29:14 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 10:18:16 GMT
age: 69021
etag: "0b01099ac93d26ca3fd2f4c62bcbbf70"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 813

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 0CB0 370 KB
123 KB 40ms
18ms Script
text/javascript 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

sffe /

Resource Hash

c3160d4eb1326fe436d7a1edde158f5d5756ee4de884c40ae20c308b4cdf1fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 05:29:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 125402
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-instream-static"
expires: Tue, 26 Oct 2021 05:29:14 GMT

GET
H2 200 1.png
img.connatix.com/b11177c8-c9ad-41a3-8614-5e825aa6b17c/ 4 KB
4 KB 15ms
7ms Image
image/png 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/b11177c8-c9ad-41a3-8614-5e825aa6b17c/1.png
Requested by: Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3f25cd6dfcd5a89ef697c5568c83d392183c92cda2e81a18bb1fa8b0d8f2b145

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 05:29:14 GMT
content-encoding: br
age: 1278294
etag: "jFfyHD9Hb1on/pmXvvEBZD9fw468ghc08MumxZq/j6Y"
access-control-max-age: 86400
fastly-io-info: ifsz=4174 idim=225x225 ifmt=png ofsz=4174 odim=225x225 ofmt=png
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/png
content-length: 4179
fastly-io-warning: Failed to shrink image

POST
H/1.1 200
OK ao Show response
capi.connatix.com/tr/ Frame 0CB0 0
299 B 140ms
104ms XHR
multipart/form-data 18.225.3.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ao?v=134518
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.225.3.119 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-225-3-119.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Tue, 26 Oct 2021 05:29:14 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.gazettenet.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK ps Show response
capi.connatix.com/tr/ Frame 0CB0 0
299 B 243ms
104ms XHR
multipart/form-data 18.225.3.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ps?v=134518
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.225.3.119 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-225-3-119.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Tue, 26 Oct 2021 05:29:15 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.gazettenet.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 4a05017e-8d14-4973-864b-933d786bd460.jpg
img.connatix.com/664ab25c-fd98-499d-ad8c-999eff1bcfba/ 27 KB
27 KB 7ms
7ms Image
image/jpeg 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/664ab25c-fd98-499d-ad8c-999eff1bcfba/4a05017e-8d14-4973-864b-933d786bd460.jpg?crop=600:410,smart&width=600&height=410&format=jpeg&quality=60&fit=crop
Requested by: Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6dffb8af2e99de162d603b9536b7820d0e4fd787d0ded2aa2ed12a221cb19717

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 05:29:14 GMT
content-encoding: br
age: 69021
etag: "KCKs+aYgf2rziDE+TQQYv/9T7AlbI/+u1prsL8IhLko"
access-control-max-age: 86400
fastly-io-info: ifsz=73109 idim=499x325 ifmt=jpeg ofsz=27803 odim=476x325 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 27463

GET
H2 200 4a05017e-8d14-4973-864b-933d786bd460.jpg
img.connatix.com/664ab25c-fd98-499d-ad8c-999eff1bcfba/ 25 KB
25 KB 7ms
7ms Image
image/jpeg 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/664ab25c-fd98-499d-ad8c-999eff1bcfba/4a05017e-8d14-4973-864b-933d786bd460.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by: Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 76f64c769e00612b3060c966520eb503a48e147feee2c74137877bc15470f156

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 05:29:14 GMT
content-encoding: br
age: 69021
etag: "x7qnFb7DMWbXvgjnBr3lyPd0zmGj5YCOLRFROZGgPB8"
access-control-max-age: 86400
fastly-io-info: ifsz=73109 idim=499x325 ifmt=jpeg ofsz=25754 odim=499x281 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 25436

GET
H2 200 4ffe7c29-2c92-449c-971f-3dcd0a435cf9.jpg
img.connatix.com/664ab25c-fd98-499d-ad8c-999eff1bcfba/ 35 KB
35 KB 9ms
9ms Image
image/jpeg 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/664ab25c-fd98-499d-ad8c-999eff1bcfba/4ffe7c29-2c92-449c-971f-3dcd0a435cf9.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by: Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: dbb4ae51ab37f61a759bd862b3f8ffcfc99a9a895e993a45a219f5678e10cada

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 05:29:14 GMT
content-encoding: br
age: 69021
etag: "O4C3AP/KViQc036N+kKJpRGUqIY2bDK2nsrcChZ8X08"
access-control-max-age: 86400
fastly-io-info: ifsz=80502 idim=750x500 ifmt=jpeg ofsz=35607 odim=600x338 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 35219

GET
H2 200 27cdd60a-f62d-47e3-9399-bbd6728cf6d1.jpg
img.connatix.com/664ab25c-fd98-499d-ad8c-999eff1bcfba/ 26 KB
26 KB 8ms
8ms Image
image/jpeg 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/664ab25c-fd98-499d-ad8c-999eff1bcfba/27cdd60a-f62d-47e3-9399-bbd6728cf6d1.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by: Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 257d757d21768348f8bb3fc8ae29b6758c4427a3d9539a06a356ad88be5cb168

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 05:29:14 GMT
content-encoding: br
age: 69021
etag: "qPEaNSfllx/cI6dpqz9nkpQY1VnogLcI4J5g2Qj194c"
access-control-max-age: 86400
fastly-io-info: ifsz=67440 idim=749x500 ifmt=jpeg ofsz=26748 odim=600x338 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 26377

GET
H2 200 7c2680b6-4d67-4545-a0d6-904099e582dd.jpg
img.connatix.com/664ab25c-fd98-499d-ad8c-999eff1bcfba/ 32 KB
31 KB 9ms
9ms Image
image/jpeg 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/664ab25c-fd98-499d-ad8c-999eff1bcfba/7c2680b6-4d67-4545-a0d6-904099e582dd.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by: Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 492549cf8ec37e775c5d5e9b672cff92881ee5ebc6e383637f8c8d8371d8e803

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 05:29:14 GMT
content-encoding: br
age: 69021
etag: "HQ+K49KpqFiYhNy1StBgJGXXZBZfn5l34tKp5Igkl5Q"
access-control-max-age: 86400
fastly-io-info: ifsz=78406 idim=750x500 ifmt=jpeg ofsz=32282 odim=600x338 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 31927

GET
H2 200 4a02668c-18fa-452f-8ab9-8e487862f8dc.jpg
img.connatix.com/664ab25c-fd98-499d-ad8c-999eff1bcfba/ 28 KB
28 KB 9ms
8ms Image
image/jpeg 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/664ab25c-fd98-499d-ad8c-999eff1bcfba/4a02668c-18fa-452f-8ab9-8e487862f8dc.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by: Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 51fba9af48e0eda3ee755a749ac0900e9aef76b53488e982e87b957cbc5760b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 05:29:14 GMT
content-encoding: br
age: 69021
etag: "KHdrwaGVeiuJeAmBr7sb/Fi9U9jmGBB6hdCAl7/sb3U"
access-control-max-age: 86400
fastly-io-info: ifsz=63341 idim=750x500 ifmt=jpeg ofsz=28885 odim=600x338 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 28512

GET
H3 200 pubads_impl_2021101901.js Show response
securepubads.g.doubleclick.net/gpt/ 362 KB
123 KB 49ms
25ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063254

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

sffe /

Resource Hash

63cc53f922756833d0ef84cd106362b7039e6fc5dcdb93cd9d885d74ee254157

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 05:29:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 125444
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 08:35:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 26 Oct 2021 05:29:14 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 139 B
135 B 30ms
17ms XHR
application/json 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.gazettenet.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

956092c7d76cf02bffb62a154aafa4ef2ae490cbc7dc316e1472d34d18ee06da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 26 Oct 2021 05:29:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 110
x-xss-protection: 0
expires: Tue, 26 Oct 2021 05:29:14 GMT

GET
H3 200 bridge3.486.2_en.html Show response
imasdk.googleapis.com/js/core/ Frame ED21 578 KB
190 KB 35ms
14ms Document
text/html 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

sffe /

Resource Hash

5e8c2a07175788df50b2ce8963f1f28fb6d0f88d26438f10b9575e99f9f4c020

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.486.2_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazettenet.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 194260
date: Fri, 22 Oct 2021 01:55:39 GMT
expires: Sat, 22 Oct 2022 01:55:39 GMT
last-modified: Wed, 20 Oct 2021 22:06:14 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 358415
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 0CB0 44 KB
17 KB 63ms
23ms Script
text/javascript 216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f6.1e100.net

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 05:29:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Oct 2021 05:29:14 GMT

GET
H3 200 bridge3.486.2_en.html Show response
imasdk.googleapis.com/js/core/ Frame 0AF8 578 KB
190 KB 14ms
14ms Document
text/html 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

sffe /

Resource Hash

5e8c2a07175788df50b2ce8963f1f28fb6d0f88d26438f10b9575e99f9f4c020

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.486.2_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazettenet.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 194260
date: Fri, 22 Oct 2021 01:55:39 GMT
expires: Sat, 22 Oct 2022 01:55:39 GMT
last-modified: Wed, 20 Oct 2021 22:06:14 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 358415
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 bridge3.486.2_en.html Show response
imasdk.googleapis.com/js/core/ Frame A555 578 KB
190 KB 18ms
18ms Document
text/html 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

sffe /

Resource Hash

5e8c2a07175788df50b2ce8963f1f28fb6d0f88d26438f10b9575e99f9f4c020

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.486.2_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazettenet.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 194260
date: Fri, 22 Oct 2021 01:55:39 GMT
expires: Sat, 22 Oct 2022 01:55:39 GMT
last-modified: Wed, 20 Oct 2021 22:06:14 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 358415
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1 200
OK fotomoto-v2-min.css
static-fotomoto-com.s3.amazonaws.com/assets/ 174 KB
23 KB 447ms
121ms Stylesheet
text/css 52.216.153.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-fotomoto-com.s3.amazonaws.com/assets/fotomoto-v2-min.css?1635001635
Requested by: Host: widget.fotomoto.com
URL: https://widget.fotomoto.com/stores/script/e35d9ad9f3a6e33f77b5ee958c3477a37aca0504.js?api=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.153.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: eddd5530bb19ac89c4c79678d7a2e6d1d17cef003139428583aba7a5bc1ffa79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:16 GMT
Content-Encoding: gzip
Last-Modified: Sat, 03 Apr 2021 16:41:35 GMT
Server: AmazonS3
x-amz-request-id: S3T2X2BCZ1Q6CDWF
ETag: "366d327b1d300dcdf73385fc3d5f6f73"
Content-Type: text/css
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Content-Length: 23403
x-amz-id-2: w9CUK9u4DJtZiCq0TcHV6oCwTw/ZRQIFzr42xCpfuCZpOovxI3Uo0SdPjZTSkqoFbt13EpcAX8M=
Expires: Sun, 03 Apr 2022 16:41:34 GMT

GET
H/1.1 200
OK e35d9ad9f3a6e33f77b5ee958c3477a37aca0504.css
widget.fotomoto.com/stores/style/ 25 B
641 B 118ms
117ms Stylesheet
text/css 54.225.191.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.fotomoto.com/stores/style/e35d9ad9f3a6e33f77b5ee958c3477a37aca0504.css
Requested by: Host: widget.fotomoto.com
URL: https://widget.fotomoto.com/stores/script/e35d9ad9f3a6e33f77b5ee958c3477a37aca0504.js?api=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.225.191.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-225-191-147.compute-1.amazonaws.com
Software: nginx/1.0.10 + Phusion Passenger 3.0.11 (mod_rails/mod_rack) / Phusion Passenger (mod_rails/mod_rack) 3.0.11
Resource Hash: dc3ef4f490cf0506a2f1b048fb473c09f4decbe96c1aa1747528812e89ac09eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:28:51 GMT
X-Powered-By: Phusion Passenger (mod_rails/mod_rack) 3.0.11
Status: 200
Connection: keep-alive
Content-Length: 25
X-Request-Id: 9a5144e2dae90b762067733d3b12808b
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 0.008645
Server: nginx/1.0.10 + Phusion Passenger 3.0.11 (mod_rails/mod_rack)
ETag: "b62860b17ed4ef77981e4abab1cfbf86"
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
X-Rack-Cache: miss

GET
H/1.1 200
OK fotomoto-min.js Show response
static-fotomoto-com.s3.amazonaws.com/assets/ 644 KB
256 KB 446ms
120ms Script
text/javascript 52.216.153.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-fotomoto-com.s3.amazonaws.com/assets/fotomoto-min.js?1635001635
Requested by: Host: widget.fotomoto.com
URL: https://widget.fotomoto.com/stores/script/e35d9ad9f3a6e33f77b5ee958c3477a37aca0504.js?api=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.153.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9fa052dbe5b8ad848a5059450de97e8d3e6f92e9f91ed509407b284d3b868612

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:16 GMT
Content-Encoding: gzip
Last-Modified: Sat, 03 Apr 2021 16:41:27 GMT
Server: AmazonS3
x-amz-request-id: S3T1Q0CDV2ZZ5K92
ETag: "2c98b2e97b1c95dcb34f0c5250fdd5ba"
Content-Type: text/javascript
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Content-Length: 261732
x-amz-id-2: g4fHvXldrQq3WZ5jx8hYjj4osA9g5YkG9f++Rpxjtt9Gag7EA1bTIYie4RoanqIovtxRYmsCCQA=
Expires: Sun, 03 Apr 2022 16:41:26 GMT

GET
H/1.1 200
OK 281066 Show response
api.secondstreetapp.com/audience_signup_widgets/ 3 KB
2 KB 427ms
105ms Script
text/javascript 54.197.229.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.secondstreetapp.com/audience_signup_widgets/281066?callback=secondStreetOptinWidget_281066
Requested by: Host: embed.secondstreetapp.com
URL: https://embed.secondstreetapp.com/Scripts/dist/optin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.197.229.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-229-45.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f1fa40a54ead2ec64b75d01c6f028c675b161b058d7ca88ed0aafd521f4d129c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:30:18 GMT
Content-Encoding: br
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Age: 283
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-SS: 105
Content-Type: text/javascript; charset=utf-8
X-StackifyID: V2|4491f2d7-27cf-4580-9a66-a96966b7cdbd|C69601|CD68
Cache-Control: public, max-age=600
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1139
Expires: Tue, 26 Oct 2021 05:34:32 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 18ms
15ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/CMSScripts/Custom/dfp/jquery.dfp.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

2b7b4c54c8aba45d655524723eabd356e745d7ef74152773210dfd265fe84310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 05:29:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1024 / 358 of 1000 / last-modified: 1635199591"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27200
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 26 Oct 2021 05:29:14 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 45ms
7ms Script
application/x-javascript 143.204.98.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.142 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-142.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 612e6b00354d56a1726cd40dc9a28d83ffda033d63214eae704d1e61ef59b3b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 05:19:53 GMT
content-encoding: gzip
last-modified: Fri, 09 Jul 2021 00:11:37 GMT
server: nginx
age: 562
etag: W/"60e79439-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: jEi3VuztTNdbaXuPcVEzZgXeKWjAPn2fvJZJe6NN6fm6SIQSOTB2jw==
expires: Tue, 26 Oct 2021 07:19:53 GMT

GET
H2 200 vfg-eU1CBMFESkfqGGnJ5bFP31itaYjtG9L7clLF9cf74eioAqOFKPlOxXO6TgMsmHt Show response
sicksmash.com/v2/0/ 645 KB
116 KB 71ms
34ms Script
text/javascript 35.201.103.212
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sicksmash.com/v2/0/vfg-eU1CBMFESkfqGGnJ5bFP31itaYjtG9L7clLF9cf74eioAqOFKPlOxXO6TgMsmHt

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.103.212 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

212.103.201.35.bc.googleusercontent.com

Software

Resource Hash

984714318ac0d2f39a6c214b3daeffe68a5eb461ac0ffe808c8c29bddb1e0d07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "2edf17873475e0ccb7b6048d811cfec3dd5284ebdead6e18728413a25bb1ffed"
vary: Accept-Encoding, Accept-Language
x-hostname: 94ecd830
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Tue, 26 Oct 2021 05:29:15 GMT
timing-allow-origin: *

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
259 B 105ms
29ms Image
image/gif 52.51.68.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif
Requested by: Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.68.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-68-144.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 05:29:15 GMT
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: nginx/1.16.1
age: 22615560
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-cache-status: HIT
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 43

GET
H2 200 comments.php
www.facebook.com/v2.5/plugins/ Frame 11FB 0
0 40ms
25ms Document
text/html 157.240.20.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.5/plugins/comments.php?app_id=833431040023870&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3806be0250e1cc%26domain%3Dwww.gazettenet.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gazettenet.com%252Ff11077c68dc6e6%26relation%3Dparent.parent&container_width=750&height=100&href=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693&locale=en_US&numposts=5&sdk=joey&version=v2.5&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=9c4c2210d0fcb570f93c1fc91a5da3ed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.20.35 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frt3.facebook.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self';img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com .whatsapp.net .fb.com;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.5/plugins/comments.php?app_id=833431040023870&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3806be0250e1cc%26domain%3Dwww.gazettenet.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gazettenet.com%252Ff11077c68dc6e6%26relation%3Dparent.parent&container_width=750&height=100&href=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693&locale=en_US&numposts=5&sdk=joey&version=v2.5&width=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazettenet.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/

Response headers

content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: X002m9yKsIaCQxNwzEWHE0w9OggGnIqR9EVYhBoYVpK0tRsSR+pKZdNs0ikpe+dgjfZ4VGfzoMwX3fEuDj33Aw==
content-length: 0
date: Tue, 26 Oct 2021 05:29:15 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H/1.1 200
OK / Show response
northamptondaily-ma-pw.newsmemory.com/ 185 KB
40 KB 180ms
179ms Script
application/x-javascript 216.17.34.118
USINTERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://northamptondaily-ma-pw.newsmemory.com/?meter&ta_MACHINE_ID=d82a523dfc65d32bf23baf3247b4ab51&v=4&r=7460
Requested by: Host: northamptondaily-ma-pw.newsmemory.com
URL: https://northamptondaily-ma-pw.newsmemory.com/?meter&v=4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.17.34.118 Olivia, United States, ASN10242 (USINTERNET, US),
Reverse DNS: ussrv26.newsmemory.com
Software: Apache /
Resource Hash: c0dd070e12dff9daf7fc2a3f8a0f1e6e697956fc0ce5ce8e4a767f0548fc6f0c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 4 Dec 2020 16:07:51 UTC
Server: Apache
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Expires
Content-Length: 40626
Keep-Alive: timeout=2, max=299
Expires: Tue, 26 Oct 2021 07:29:15 UTC

GET
H3

200

activityi;dc_pre=CNaq5pCs5_MCFdhuGwod5tUBHA;src=4906953;type=invmedia;cat=r6adv9wb;ord=1642091763740.3408 Show response
4906953.fls.doubleclick.net/ Frame 15C5
Redirect Chain

https://4906953.fls.doubleclick.net/activityi;src=4906953;type=invmedia;cat=r6adv9wb;ord=1642091763740.3408?
https://4906953.fls.doubleclick.net/activityi;dc_pre=CNaq5pCs5_MCFdhuGwod5tUBHA;src=4906953;type=invmedia;cat=r6adv9wb;ord=1642091763740.3408?

444 B
374 B

33ms
19ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4906953.fls.doubleclick.net/activityi;dc_pre=CNaq5pCs5_MCFdhuGwod5tUBHA;src=4906953;type=invmedia;cat=r6adv9wb;ord=1642091763740.3408?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN992B

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

8e4b755ce9b69cd498dc18ba7325d8087c2af2abc2cc33abfb9ecabf64a974f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4906953.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CNaq5pCs5_MCFdhuGwod5tUBHA;src=4906953;type=invmedia;cat=r6adv9wb;ord=1642091763740.3408?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazettenet.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 26 Oct 2021 05:29:15 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 349
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 26-Oct-2021 05:44:15 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 26 Oct 2021 05:29:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://4906953.fls.doubleclick.net/activityi;dc_pre=CNaq5pCs5_MCFdhuGwod5tUBHA;src=4906953;type=invmedia;cat=r6adv9wb;ord=1642091763740.3408?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

POST
H2 204 impression
trends.revcontent.com/event/ 0
0 97ms
35ms Fetch 99.80.188.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/impression

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.80.188.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-188-163.eu-west-1.compute.amazonaws.com

Software

Grizzly/2.4.4 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://www.gazettenet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.gazettenet.com
date: Tue, 26 Oct 2021 05:29:15 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type
strict-transport-security: max-age=931536000; includeSubDomains

GET
H2 200 rc-logo.png
cdn.revcontent.com/assets/img/ 4 KB
4 KB 46ms
18ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revcontent.com/assets/img/rc-logo.png
Requested by: Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 05:29:15 GMT
last-modified: Fri, 22 Oct 2021 14:14:01 GMT
etag: "1634912041"
x-hw: 1635226155.cds001.fr8.hn,1635226155.cds130.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=75451
accept-ranges: bytes
content-length: 4298

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 336ms
110ms Image
image/gif 54.165.118.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=gazettenet.com&p=%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693&u=CPpWqZBuXNzB8FY2H&d=gazettenet.com&g=62369&g0=News%2FNation-World&g1=ALAN%20SUDERMAN&n=1&f=00001&c=0&x=0&m=0&y=4056&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=3681&t=C9i4YXCS4lZYBDTCOCVQUhRBGZB32&V=128&i=Microsoft%3A%20Russian%20hackers%20targeting%20cloud%20services&tz=0&sn=1&sv=C2q6FIDmBBYeDWvA4ABV88Y_BrEcm2&sd=1&im=067b2fff&_
Requested by: Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.118.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-118-4.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 05:29:15 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 acv.json Show response
sicksmash.com/ 210 KB
46 KB 42ms
18ms Fetch
application/json 35.201.103.212
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sicksmash.com/acv.json

Requested by

Host: sicksmash.com
URL: https://sicksmash.com/v2/0/vfg-eU1CBMFESkfqGGnJ5bFP31itaYjtG9L7clLF9cf74eioAqOFKPlOxXO6TgMsmHt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.103.212 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

212.103.201.35.bc.googleusercontent.com

Software

Resource Hash

6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
last-modified: Wed, 25 Aug 2021 16:19:31 GMT
x-datacenter: gce-europe-west1
date: Tue, 26 Oct 2021 05:29:15 GMT
vary: Accept-Encoding, Origin
x-hostname: 94ecd830
content-type: application/json
access-control-allow-origin: https://www.gazettenet.com
access-control-allow-credentials: true
access-control-allow-methods: POST, OPTIONS
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie

GET
H2 200 d23243096248de17c3cdbdfd8884109d.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 10 KB
11 KB 43ms
15ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/d23243096248de17c3cdbdfd8884109d.jpg

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

10b66812761dc8641f839a246aeb84c075ee4ddc36b26c33ea4f3c492fd409a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 05:29:15 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Oct 2021 16:08:40 GMT
server: Cloudinary
etag: "f101a8c601dce0bf4ada5139fa14263f"
strict-transport-security: max-age=604800
x-hw: 1635226155.cds141.fr8.hn,1635226155.cds229.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-10-21T16:13:50.869Z;desc=hit,rtt;dur=0
accept-ranges: bytes
timing-allow-origin: *
content-length: 10472

GET
H2 200 61698ea6d4e451-48550006.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 16 KB
17 KB 32ms
15ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/61698ea6d4e451-48550006.jpeg

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

480a336e9f77b4674176edc9048019dfc9bc3d912d53b52f2cb1bd1c826f3e4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 05:29:15 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Oct 2021 14:04:21 GMT
server: Cloudinary
etag: "d8535746520b0240874033fb68e3a812"
strict-transport-security: max-age=604800
x-hw: 1635226155.cds141.fr8.hn,1635226155.cds141.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-10-25T14:08:20.372Z;desc=hit,rtt;dur=0
accept-ranges: bytes
timing-allow-origin: *
content-length: 16785

GET
H2 200 4325a33158dbee06f653ffe5f9fb1134.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 5 KB
5 KB 34ms
19ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/4325a33158dbee06f653ffe5f9fb1134.jpg

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

b095e90e62cbb516b17f882835f49b2204c5f6db95cc514ac9ade39438bfc89a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 05:29:15 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Oct 2021 14:16:28 GMT
server: Cloudinary
etag: "f507d559653fbb828143aa72443f5552"
strict-transport-security: max-age=604800
x-hw: 1635226155.cds141.fr8.hn,1635226155.cds217.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;start=2021-10-06T14:23:13.875Z;desc=hit,rtt;dur=0
accept-ranges: bytes
timing-allow-origin: *
content-length: 4649

GET
H2 200 12d615d56c01c77c0f5bd7d318c46cc8.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 4 KB
4 KB 38ms
25ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/12d615d56c01c77c0f5bd7d318c46cc8.jpg

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

5896f48b050db0cbc6dcf063772ef612f9d7219864e0ee0764495d4d38787cbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 05:29:15 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Oct 2021 15:51:37 GMT
server: Cloudinary
etag: "1a28d2eb40ce03415a9f2b7afc84ebe5"
strict-transport-security: max-age=604800
x-hw: 1635226155.cds141.fr8.hn,1635226155.cds138.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;start=2021-10-06T15:53:09.865Z;desc=hit,rtt;dur=0
accept-ranges: bytes
timing-allow-origin: *
content-length: 3924

GET
H2 200 15325530070980734337.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 11 KB
11 KB 38ms
26ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/15325530070980734337.jpg

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

47bb94fe059f61b77d91dacf179c1495ad3bb442df65b776e50fdba41342c6b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 05:29:15 GMT
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 14:16:25 GMT
server: Cloudinary
etag: "6ee8798297a52bd0f9fa11b1b77d3451"
strict-transport-security: max-age=604800
x-hw: 1635226155.cds141.fr8.hn,1635226155.cds220.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=109;cpu=0;start=2021-05-06T14:16:25.184Z;desc=miss,rtt;dur=1,cloudinary;dur=14;start=2021-05-06T14:16:25.233Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 10961

GET
H2 200 f0b0be6fc19358c5554b11ce05bcaf37.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 10 KB
10 KB 36ms
27ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/f0b0be6fc19358c5554b11ce05bcaf37.png

Requested by

Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

7759a85ac5d5c87d05954ba1bbab30832dff7dd06a16a1991050cd5555f1e688

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 05:29:15 GMT
x-content-type-options: nosniff
last-modified: Thu, 19 Aug 2021 18:19:21 GMT
server: Cloudinary
etag: "f15fbe875d22274eb70eece4d3a80d91"
strict-transport-security: max-age=604800
x-hw: 1635226155.cds141.fr8.hn,1635226155.cds237.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=117;cpu=1;start=2021-08-19T18:21:01.345Z;desc=miss,rtt;dur=0,cloudinary;dur=21;start=2021-08-19T18:21:01.396Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 10020

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CNaq5pCs5_MCFdhuGwod5tUBHA;src=4906953;type=invmedia;cat=r6adv9wb;ord=1642091763740.3408;~oref=https://www.gazettenet.com/ Frame 4BF6 194 B
598 B 93ms
52ms Document
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CNaq5pCs5_MCFdhuGwod5tUBHA;src=4906953;type=invmedia;cat=r6adv9wb;ord=1642091763740.3408;~oref=https://www.gazettenet.com/

Requested by

Host: 4906953.fls.doubleclick.net
URL: https://4906953.fls.doubleclick.net/activityi;dc_pre=CNaq5pCs5_MCFdhuGwod5tUBHA;src=4906953;type=invmedia;cat=r6adv9wb;ord=1642091763740.3408?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CNaq5pCs5_MCFdhuGwod5tUBHA;src=4906953;type=invmedia;cat=r6adv9wb;ord=1642091763740.3408;~oref=https://www.gazettenet.com/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4906953.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4906953.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 26 Oct 2021 05:29:15 GMT
expires: Tue, 26 Oct 2021 05:29:15 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 css
fonts.googleapis.com/ Frame 4883 2 KB
436 B 32ms
17ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:400,700

Requested by

Host: embed.secondstreetapp.com
URL: https://embed.secondstreetapp.com/Scripts/dist/optin.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

ESF /

Resource Hash

dde6576bba0bad522d319d2b71f2df16ea422150ea04756f5df07c231d6024ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 05:29:15 GMT
server: ESF
date: Tue, 26 Oct 2021 05:29:15 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Tue, 26 Oct 2021 05:29:15 GMT

GET
H3 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v22/ Frame 4883 30 KB
30 KB 42ms
18ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gazettenet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 02:58:13 GMT
x-content-type-options: nosniff
age: 354662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 31120
x-xss-protection: 0
last-modified: Wed, 15 Jul 2020 20:50:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 22 Oct 2022 02:58:13 GMT

GET
H3 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v22/ Frame 4883 30 KB
30 KB 37ms
15ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gazettenet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 02:58:13 GMT
x-content-type-options: nosniff
age: 354662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 31120
x-xss-protection: 0
last-modified: Wed, 15 Jul 2020 20:50:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 22 Oct 2022 02:58:13 GMT

GET
H/1.1 200
OK / Show response
northamptondaily-ma-pw.newsmemory.com/ 88 B
546 B 536ms
164ms XHR
text/html 216.17.34.118
USINTERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://northamptondaily-ma-pw.newsmemory.com/?meter&service=autologout&ta_MACHINE_ID=d82a523dfc65d32bf23baf3247b4ab51&r=1635226155439
Requested by: Host: northamptondaily-ma-pw.newsmemory.com
URL: https://northamptondaily-ma-pw.newsmemory.com/?meter&ta_MACHINE_ID=d82a523dfc65d32bf23baf3247b4ab51&v=4&r=7460
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.17.34.118 Olivia, United States, ASN10242 (USINTERNET, US),
Reverse DNS: ussrv26.newsmemory.com
Software: Apache /
Resource Hash: 550a4d5afbb1c0c9e3dffbf761b2492cf113fc0214b088ec694f310b2277e07d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:15 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST
Content-Type: text/html
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Expires
Content-Length: 101
Keep-Alive: timeout=2, max=300

POST
H2 204 generic
trends.revcontent.com/event/ 0
0 35ms
34ms Fetch 99.80.188.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/generic

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.80.188.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-188-163.eu-west-1.compute.amazonaws.com

Software

Grizzly/2.4.4 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://www.gazettenet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.gazettenet.com
date: Tue, 26 Oct 2021 05:29:15 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type
strict-transport-security: max-age=931536000; includeSubDomains

POST
H2 204 generic
trends.revcontent.com/event/ 0
0 35ms
35ms Fetch 99.80.188.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/generic

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.80.188.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-188-163.eu-west-1.compute.amazonaws.com

Software

Grizzly/2.4.4 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://www.gazettenet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.gazettenet.com
date: Tue, 26 Oct 2021 05:29:15 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type
strict-transport-security: max-age=931536000; includeSubDomains

GET
H/1.1 200
OK fotomoto_loading.gif
static-fotomoto-com.s3.amazonaws.com/assets/ 3 KB
3 KB 113ms
112ms Image
image/gif 52.216.153.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-fotomoto-com.s3.amazonaws.com/assets/fotomoto_loading.gif
Requested by: Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.153.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 62921350ddf3d7ac9045e2252ac924de81442b5c7f144346feae343fb30881a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:16 GMT
Last-Modified: Sat, 03 Apr 2021 16:40:49 GMT
Server: AmazonS3
x-amz-request-id: S3T75QW1EKMJKMPW
ETag: "d254f167f7c92c9f0f68832aca643734"
Content-Type: image/gif
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Content-Length: 3117
x-amz-id-2: AyCHNgV8mlG7sPkC+VTumiqGhbNaZuKTl5ToS5yvmhvSfA+O0asE73z7e+79A180dD1yff4AJ6M=
Expires: Sun, 03 Apr 2022 16:40:48 GMT

GET
H/1.1 200
OK widget_sprite.png
static-fotomoto-com.s3.amazonaws.com/assets/ 41 KB
42 KB 112ms
111ms Image
image/png 52.216.153.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-fotomoto-com.s3.amazonaws.com/assets/widget_sprite.png
Requested by: Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.153.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3ed247a67eac1003c708ddd1f12d8bbd831e22c6433f25285bb432531fda98a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:16 GMT
Last-Modified: Sat, 03 Apr 2021 16:41:20 GMT
Server: AmazonS3
x-amz-request-id: S3T4PV2N8BWCD2V3
ETag: "3feaf624895576500aa0dcf9663fe488"
Content-Type: image/png
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Content-Length: 42076
x-amz-id-2: d2rbHRN6V6u6qkf/PTB5uDieJFTdTAR5ZkE4yMeFJKFMvgL5eGDihnekr+1sB0R5MQKaaMJONSo=
Expires: Sun, 03 Apr 2022 16:41:19 GMT

GET
H/1.1 200
OK blank.gif
static-fotomoto-com.s3.amazonaws.com/assets/ 1 KB
1 KB 227ms
114ms Image
image/gif 52.216.153.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-fotomoto-com.s3.amazonaws.com/assets/blank.gif
Requested by: Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.153.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7de5a2cafafe8dce046705c7fa7394e2f6afa1f101f8b6e52251a0d69ebfc115

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:16 GMT
Last-Modified: Sat, 03 Apr 2021 16:38:45 GMT
Server: AmazonS3
x-amz-request-id: S3T8AHTSQ318QE9C
ETag: "b2b9f49ec8180a067aa2ca9803c1ce4c"
Content-Type: image/gif
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Content-Length: 1095
x-amz-id-2: ctvwdQ/fbscau5WcwXBYj2JDIeRv6AbRUVWUOx6WRxYJe/3PoSAwrP6QSQlaym9jMLHoh6LoqbU=
Expires: Sun, 03 Apr 2022 16:38:44 GMT

GET
H/1.1 200
OK fotomoto-metal-print-icon_19x15px.png
static-fotomoto-com.s3.amazonaws.com/assets/ 303 B
740 B 325ms
112ms Image
image/png 52.216.153.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-fotomoto-com.s3.amazonaws.com/assets/fotomoto-metal-print-icon_19x15px.png
Requested by: Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.153.44 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 34b524307ac30874f393fa659bb78d28527136960a3dd32e098fc2adca02a4a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:17 GMT
Last-Modified: Sat, 03 Apr 2021 16:39:06 GMT
Server: AmazonS3
x-amz-request-id: DK0QV958QN3S6WD2
ETag: "0786ce2cead4581fd1bb15acbf027b3d"
Content-Type: image/png
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Content-Length: 303
x-amz-id-2: 3/FaScocvQ5zj0YKjoIdhHJlLRWb7nW6cWBBTYWxVKFHldg3rX/FishZbiu8kXn9xEe3e5KcWUs=
Expires: Sun, 03 Apr 2022 16:39:05 GMT

GET
H/1.1 200
OK e35d9ad9f3a6e33f77b5ee958c3477a37aca0504_wlogo.jpg
s3.amazonaws.com/img.fotomoto.com/s/ 7 KB
7 KB 453ms
131ms Image
image/jpeg 52.217.36.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/img.fotomoto.com/s/e35d9ad9f3a6e33f77b5ee958c3477a37aca0504_wlogo.jpg
Requested by: Host: www.gazettenet.com
URL: https://www.gazettenet.com/Microsoft-Russian-backed-hackers-targeting-cloud-services-43208693
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.36.214 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 47138cec7aaa5cc92a7d28db495ae61c0266e17a0b3f3374c72e369d9023f3f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:17 GMT
Last-Modified: Fri, 25 Jun 2021 23:11:02 GMT
Server: AmazonS3
x-amz-request-id: DK0JQ7KB28WP5JTK
ETag: "eafe2b6f84140561ac130843efeafc07"
Content-Type
Accept-Ranges: bytes
Content-Length: 7329
x-amz-id-2: QohFzPpy5PBgN5j8qSmAdviMenxUSxVpf4RDbfjBvK/k9l0Ehwt+bVBRyrV/XvxUpCSUgpZPDhU=

GET
H/1.1 200
OK / Show response
northamptondaily-ma-pw.newsmemory.com/ 143 B
581 B 381ms
381ms XHR
text/html 216.17.34.118
USINTERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://northamptondaily-ma-pw.newsmemory.com/?meter&service=validate&ta_MACHINE_ID=d82a523dfc65d32bf23baf3247b4ab51&ACI=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693&productType=ARTICLE&referer=&cat=metered&locallyLogged=0&r=1635226155979&mac=786e881e1ae305bb2c829228b6b615a3
Requested by: Host: northamptondaily-ma-pw.newsmemory.com
URL: https://northamptondaily-ma-pw.newsmemory.com/?meter&ta_MACHINE_ID=d82a523dfc65d32bf23baf3247b4ab51&v=4&r=7460
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.17.34.118 Olivia, United States, ASN10242 (USINTERNET, US),
Reverse DNS: ussrv26.newsmemory.com
Software: Apache /
Resource Hash: c1f55dfcd57a42d0475aaf7c66f7e17a2603f97c53b03adb6884695e808e1f3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:16 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST
Content-Type: text/html
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Expires
Content-Length: 136
Keep-Alive: timeout=2, max=299

POST
H2 200 v2disFIJJz7Wd6Plhv20KsqBQby1UKlyrgP_qnaMKPqZdJkMgSj-8xX9iAYOkDiAfot6hRDwmq2nLWhQyEw Show response
teenytinytongue.com/ 216 B
347 B 18ms
18ms Fetch
application/json 35.201.96.133
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://teenytinytongue.com/v2disFIJJz7Wd6Plhv20KsqBQby1UKlyrgP_qnaMKPqZdJkMgSj-8xX9iAYOkDiAfot6hRDwmq2nLWhQyEw

Requested by

Host: teenytinytongue.com
URL: https://teenytinytongue.com/v2nkxiiH3APWn928CziPsZdJOcRLofsEy060A078BzyShcQQzftRQYw1X8Y3Q7Y0k

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.96.133 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

133.96.201.35.bc.googleusercontent.com

Software

Resource Hash

7455d2a0bd7147fc7c02c8840a06be07f1bc4e65b5ec0309b9f9adff23e6ab99

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.gazettenet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Tue, 26 Oct 2021 05:29:16 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gazettenet.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: 94ecd830
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 216
expires: Tue, 26 Oct 2021 05:29:15 GMT

POST
H2 200 v2tzaIDrMnVNmz-QwSveT1vaeF9Xt68qBD6KtU4Qry6GUbASClzIBHjLyt4bQckq1zIfD--ZE Show response
teenytinytongue.com/ 216 B
249 B 17ms
16ms Fetch
application/json 35.201.96.133
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://teenytinytongue.com/v2tzaIDrMnVNmz-QwSveT1vaeF9Xt68qBD6KtU4Qry6GUbASClzIBHjLyt4bQckq1zIfD--ZE

Requested by

Host: sicksmash.com
URL: https://sicksmash.com/v2/0/vfg-eU1CBMFESkfqGGnJ5bFP31itaYjtG9L7clLF9cf74eioAqOFKPlOxXO6TgMsmHt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.96.133 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

133.96.201.35.bc.googleusercontent.com

Software

Resource Hash

e37c1e9cf060de9f8513dcac769bfa837fab8393b6bac58aca1d9830d16ba46f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.gazettenet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Tue, 26 Oct 2021 05:29:16 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gazettenet.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: 94ecd830
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 216
expires: Tue, 26 Oct 2021 05:29:15 GMT

GET
H/1.1 200
OK / Show response
widget.fotomoto.com/cart/get_data/ 28 B
536 B 118ms
118ms Script
text/javascript 54.225.191.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.fotomoto.com/cart/get_data/?act=cart_load&app_store_id=e35d9ad9f3a6e33f77b5ee958c3477a37aca0504&fotomoto_cart_session_key=e493a41635226130&cachebursted=1635226156325&_=1635226155797
Requested by: Host: static-fotomoto-com.s3.amazonaws.com
URL: https://static-fotomoto-com.s3.amazonaws.com/assets/fotomoto-min.js?1635001635
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.225.191.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-225-191-147.compute-1.amazonaws.com
Software: nginx/1.0.10 + Phusion Passenger 3.0.11 (mod_rails/mod_rack) / Phusion Passenger (mod_rails/mod_rack) 3.0.11
Resource Hash: 8e93349045c292abefc8570cfd48917319ff51e567f1192982e6187d56f8bc13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Runtime: 0.009498
Date: Tue, 26 Oct 2021 05:28:52 GMT
X-Rack-Cache: miss
Server: nginx/1.0.10 + Phusion Passenger 3.0.11 (mod_rails/mod_rack)
X-Powered-By: Phusion Passenger (mod_rails/mod_rack) 3.0.11
ETag: "4b7c6cc8909f4a2359ac1471c2843731"
Content-Type: text/javascript; charset=utf-8
Status: 200
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 28
X-Request-Id: 1216ab8fbf1ecfe5df1e51e379551048
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK Cookie set toolbar.html Show response
www.fotomoto.com/analytics/ Frame 98D7 829 B
1 KB 411ms
98ms Document
text/html 174.129.235.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fotomoto.com/analytics/toolbar.html
Requested by: Host: static-fotomoto-com.s3.amazonaws.com
URL: https://static-fotomoto-com.s3.amazonaws.com/assets/fotomoto-min.js?1635001635
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.129.235.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-174-129-235-109.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 7243ea95b6a327c78dcf6d651ac4fda9e4024e0b4f09f735a7c0f66f9c2f6c02

Request headers

Host: www.fotomoto.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.gazettenet.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/

Response headers

Accept-Ranges: bytes
Cache-control: no-cache="set-cookie"
Content-Type: text/html
Date: Tue, 26 Oct 2021 05:28:52 GMT
Last-Modified: Thu, 05 Mar 2020 06:11:32 GMT
Server: nginx
Set-Cookie: AWSELB=9BA39BA70ABC0E0E9A0D243FCF17D78E4CB2999E21FDC8193EDABB1BB32477E49BD24A9AF2A1E85BEA73188F3BC38C3DED6D833BC0C6F5C8C0258B25F8D5DC11D7EACBA30F;PATH=/;MAX-AGE=120 AWSELBCORS=9BA39BA70ABC0E0E9A0D243FCF17D78E4CB2999E21FDC8193EDABB1BB32477E49BD24A9AF2A1E85BEA73188F3BC38C3DED6D833BC0C6F5C8C0258B25F8D5DC11D7EACBA30F;PATH=/;MAX-AGE=120;SECURE;SAMESITE=None
Content-Length: 829
Connection: keep-alive

GET
DATA 200
OK truncated
/ 17 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17ce5ab42fc851c8e1b435749fd85c55486f866762ac5b6c004828d87221699f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 11 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e79923a6bf3023c41b587390a8b3651a2acc6fa717f9c2b421639625a596a6a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 111 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a5419d4e7c7489df1ffee0bd3782e43948ac0becbb3984bda63d49d201f37e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 v2ieuOQuk5qeuQ4rqoNKGe5DV2_cCpdtxUIAi_xJ0Plu-EatGsaifoN0jAN_5STLkMRtLE81y_aXmnu1_ow Show response
teenytinytongue.com/ 3 B
36 B 34ms
33ms Fetch
application/json 35.201.96.133
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://teenytinytongue.com/v2ieuOQuk5qeuQ4rqoNKGe5DV2_cCpdtxUIAi_xJ0Plu-EatGsaifoN0jAN_5STLkMRtLE81y_aXmnu1_ow

Requested by

Host: teenytinytongue.com
URL: https://teenytinytongue.com/v2nkxiiH3APWn928CziPsZdJOcRLofsEy060A078BzyShcQQzftRQYw1X8Y3Q7Y0k

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.96.133 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

133.96.201.35.bc.googleusercontent.com

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.gazettenet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Tue, 26 Oct 2021 05:29:16 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gazettenet.com
access-control-allow-credentials: true
x-hostname: 94ecd830
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 3

POST
H2 200 v2rggeOsTDtVC9tyXQa9ScddLu-gVYRGHH8Q8YnWzvQgGm4PzZ3ThkJije68DnQsEiDRJBL6T Show response
teenytinytongue.com/ 3 B
34 B 32ms
31ms Fetch
application/json 35.201.96.133
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://teenytinytongue.com/v2rggeOsTDtVC9tyXQa9ScddLu-gVYRGHH8Q8YnWzvQgGm4PzZ3ThkJije68DnQsEiDRJBL6T

Requested by

Host: sicksmash.com
URL: https://sicksmash.com/v2/0/vfg-eU1CBMFESkfqGGnJ5bFP31itaYjtG9L7clLF9cf74eioAqOFKPlOxXO6TgMsmHt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.96.133 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

133.96.201.35.bc.googleusercontent.com

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.gazettenet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Tue, 26 Oct 2021 05:29:16 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gazettenet.com
access-control-allow-credentials: true
x-hostname: 94ecd830
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 3

GET
H/1.1 200
OK Cookie set / Show response
northamptondaily-ma.newsmemory.com/ Frame 8646 11 KB
3 KB 427ms
105ms Document
text/html 54.221.248.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://northamptondaily-ma.newsmemory.com/?myaccount&MACHINEID=d82a523dfc65d32bf23baf3247b4ab51&useMessages=1&3rdPartyCookies=1&callFrom=paywall&popup=productsLeft&productType=ARTICLE&callBackHome=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693
Requested by: Host: northamptondaily-ma-pw.newsmemory.com
URL: https://northamptondaily-ma-pw.newsmemory.com/?meter&ta_MACHINE_ID=d82a523dfc65d32bf23baf3247b4ab51&v=4&r=7460
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.221.248.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-221-248-213.compute-1.amazonaws.com
Software: Apache /
Resource Hash: aaaa335a345e92387875d52c12ee434bb1fa60e6353a083c4cd768b855c5198b

Request headers

Host: northamptondaily-ma.newsmemory.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.gazettenet.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazettenet.com/

Response headers

Date: Tue, 26 Oct 2021 05:29:16 GMT
Server: Apache
Set-Cookie: MACHINEID=d82a523dfc65d32bf23baf3247b4ab51; expires=Thu, 25-Nov-2021 05:29:16 GMT; path=/; SameSite=None; Secure; domain=.northamptondaily-ma.newsmemory.com
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3089
Content-Type: text/html

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 98D7 49 KB
19 KB 13ms
13ms Script
text/javascript 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.fotomoto.com
URL: https://www.fotomoto.com/analytics/toolbar.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fotomoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 16:47:48 GMT
server: Golfe2
age: 5290
date: Tue, 26 Oct 2021 04:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 19887
expires: Tue, 26 Oct 2021 06:01:06 GMT

GET
H/1.1 200
OK Cookie set createaccount.php Show response
northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/ Frame 0E5E 17 KB
7 KB 318ms
318ms Document
text/html 54.221.248.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/createaccount.php?pSetup=northamptondaily&callFrom=paywall&popup=productsLeft&mode=iframe&productType=ARTICLE&callBackHome=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693&
Requested by: Host: northamptondaily-ma.newsmemory.com
URL: https://northamptondaily-ma.newsmemory.com/?myaccount&MACHINEID=d82a523dfc65d32bf23baf3247b4ab51&useMessages=1&3rdPartyCookies=1&callFrom=paywall&popup=productsLeft&productType=ARTICLE&callBackHome=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.221.248.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-221-248-213.compute-1.amazonaws.com
Software: Apache /
Resource Hash: f018919bbf27d3e5c04725b1f39ea186e466066ab01e7afbd13bd80c446d6f0d

Request headers

Host: northamptondaily-ma.newsmemory.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://northamptondaily-ma.newsmemory.com/?myaccount&MACHINEID=d82a523dfc65d32bf23baf3247b4ab51&useMessages=1&3rdPartyCookies=1&callFrom=paywall&popup=productsLeft&productType=ARTICLE&callBackHome=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693
Accept-Encoding: gzip, deflate, br
Cookie: MACHINEID=d82a523dfc65d32bf23baf3247b4ab51
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://northamptondaily-ma.newsmemory.com/?myaccount&MACHINEID=d82a523dfc65d32bf23baf3247b4ab51&useMessages=1&3rdPartyCookies=1&callFrom=paywall&popup=productsLeft&productType=ARTICLE&callBackHome=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693

Response headers

Date: Tue, 26 Oct 2021 05:29:16 GMT
Server: Apache
Set-Cookie: dr=pW-SSO; expires=Wed, 27-Oct-2021 05:29:16 GMT; domain=.northamptondaily-ma.newsmemory.com udb_northamptondaily_username=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; SameSite=None; Secure; domain=.northamptondaily-ma.newsmemory.com TAUID=-1; expires=Thu, 25-Nov-2021 05:29:16 GMT; path=/; SameSite=None; Secure; domain=.northamptondaily-ma.newsmemory.com TAUID=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; SameSite=None; Secure; domain=.northamptondaily-ma.newsmemory.com udb_northamptondaily_username=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; SameSite=None; Secure; domain=.northamptondaily-ma.newsmemory.com username=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; SameSite=None; Secure; domain=.northamptondaily-ma.newsmemory.com TAUID=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; SameSite=None; Secure; domain=.northamptondaily-ma.newsmemory.com username=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; SameSite=None; Secure; domain=.northamptondaily-ma.newsmemory.com udb_northamptondaily_username=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; SameSite=None; Secure; domain=.northamptondaily-ma.newsmemory.com udb_northamptondaily_remember=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; SameSite=None; Secure; domain=.northamptondaily-ma.newsmemory.com udb_northamptondaily_password=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; SameSite=None; Secure; domain=.northamptondaily-ma.newsmemory.com TAUID=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; SameSite=None; Secure; domain=northamptondaily-ma.newsmemory.com username=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; SameSite=None; Secure; domain=northamptondaily-ma.newsmemory.com udb_northamptondaily_username=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; SameSite=None; Secure; domain=northamptondaily-ma.newsmemory.com udb_northamptondaily_remember=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; SameSite=None; Secure; domain=northamptondaily-ma.newsmemory.com udb_northamptondaily_password=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; SameSite=None; Secure; domain=northamptondaily-ma.newsmemory.com
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4101
Content-Type: text/html

GET
H/1.1 200
OK jquery.min.js Show response
northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/lib/ Frame 0E5E 85 KB
30 KB 103ms
102ms Script
text/javascript 54.221.248.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/lib/jquery.min.js
Requested by: Host: northamptondaily-ma.newsmemory.com
URL: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/createaccount.php?pSetup=northamptondaily&callFrom=paywall&popup=productsLeft&mode=iframe&productType=ARTICLE&callBackHome=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.221.248.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-221-248-213.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 39646863a414e0a84920b3a8639c0f3e8c94535e8dc051b42b485a068dc2902f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/createaccount.php?pSetup=northamptondaily&callFrom=paywall&popup=productsLeft&mode=iframe&productType=ARTICLE&callBackHome=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Apr 2020 17:03:20 GMT
Server: Apache
ETag: "11e6b2d-15282-5a251c71a6600"
Vary: Accept-Encoding
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 30138

GET
H/1.1 200
OK bigint.js Show response
northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/js/encryption/ Frame 0E5E 15 KB
5 KB 306ms
102ms Script
text/javascript 54.221.248.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/js/encryption/bigint.js
Requested by: Host: northamptondaily-ma.newsmemory.com
URL: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/createaccount.php?pSetup=northamptondaily&callFrom=paywall&popup=productsLeft&mode=iframe&productType=ARTICLE&callBackHome=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.221.248.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-221-248-213.compute-1.amazonaws.com
Software: Apache /
Resource Hash: a72635596c0f47d525f4763cbe6171dd4731346ba1c3c616fe61d2f9ea12b6c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/createaccount.php?pSetup=northamptondaily&callFrom=paywall&popup=productsLeft&mode=iframe&productType=ARTICLE&callBackHome=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Apr 2020 17:03:20 GMT
Server: Apache
ETag: "524d20d-3d1c-5a251c71a6600"
Vary: Accept-Encoding
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 4590

GET
H/1.1 200
OK md5.js Show response
northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/js/ Frame 0E5E 9 KB
3 KB 334ms
114ms Script
text/javascript 54.221.248.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/js/md5.js
Requested by: Host: northamptondaily-ma.newsmemory.com
URL: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/createaccount.php?pSetup=northamptondaily&callFrom=paywall&popup=productsLeft&mode=iframe&productType=ARTICLE&callBackHome=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.221.248.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-221-248-213.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 72259b2acd53d518b2b04965e1f29f83fd54ce0c5a39c088bb84411ec5995cd5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/createaccount.php?pSetup=northamptondaily&callFrom=paywall&popup=productsLeft&mode=iframe&productType=ARTICLE&callBackHome=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Apr 2020 17:03:20 GMT
Server: Apache
ETag: "d417588-2283-5a251c71a6600"
Vary: Accept-Encoding
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 2954

GET
H/1.1 200
OK util.js Show response
northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/js/ Frame 0E5E 22 KB
6 KB 392ms
99ms Script
text/javascript 54.221.248.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/js/util.js
Requested by: Host: northamptondaily-ma.newsmemory.com
URL: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/createaccount.php?pSetup=northamptondaily&callFrom=paywall&popup=productsLeft&mode=iframe&productType=ARTICLE&callBackHome=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.221.248.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-221-248-213.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e975917d01767eb356573baccceec8e389ce004769358939c324a47b52b237d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/createaccount.php?pSetup=northamptondaily&callFrom=paywall&popup=productsLeft&mode=iframe&productType=ARTICLE&callBackHome=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Apr 2020 17:03:20 GMT
Server: Apache
ETag: "d41758b-577e-5a251c71a6600"
Vary: Accept-Encoding
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 5915

GET
H/1.1 200
OK barrett.js Show response
northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/js/encryption/ Frame 0E5E 2 KB
1008 B 390ms
98ms Script
text/javascript 54.221.248.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/js/encryption/barrett.js
Requested by: Host: northamptondaily-ma.newsmemory.com
URL: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/createaccount.php?pSetup=northamptondaily&callFrom=paywall&popup=productsLeft&mode=iframe&productType=ARTICLE&callBackHome=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.221.248.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-221-248-213.compute-1.amazonaws.com
Software: Apache /
Resource Hash: df0be3b4daf1631fdd23f2b73628ae1998710c61beda2325ab8eefccee160aa1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/createaccount.php?pSetup=northamptondaily&callFrom=paywall&popup=productsLeft&mode=iframe&productType=ARTICLE&callBackHome=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Apr 2020 17:03:20 GMT
Server: Apache
ETag: "524d20c-714-5a251c71a6600"
Vary: Accept-Encoding
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 734

GET
H/1.1 200
OK rsa.js Show response
northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/js/encryption/ Frame 0E5E 2 KB
1 KB 398ms
98ms Script
text/javascript 54.221.248.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/js/encryption/rsa.js
Requested by: Host: northamptondaily-ma.newsmemory.com
URL: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/createaccount.php?pSetup=northamptondaily&callFrom=paywall&popup=productsLeft&mode=iframe&productType=ARTICLE&callBackHome=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.221.248.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-221-248-213.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 7e618eba2a5d7fa24221f0efba3deddc69a618727325876656ba94ca7c9aa402

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/createaccount.php?pSetup=northamptondaily&callFrom=paywall&popup=productsLeft&mode=iframe&productType=ARTICLE&callBackHome=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Apr 2020 17:03:20 GMT
Server: Apache
ETag: "524d20e-9a4-5a251c71a6600"
Vary: Accept-Encoding
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 1102

GET
H/1.1 200
OK cookie.js Show response
northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/js/ Frame 0E5E 4 KB
2 KB 407ms
102ms Script
text/javascript 54.221.248.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/js/cookie.js
Requested by: Host: northamptondaily-ma.newsmemory.com
URL: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/createaccount.php?pSetup=northamptondaily&callFrom=paywall&popup=productsLeft&mode=iframe&productType=ARTICLE&callBackHome=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.221.248.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-221-248-213.compute-1.amazonaws.com
Software: Apache /
Resource Hash: a8a0d127b9ef344eedf02d646724a35737790830780f871e96edd808ed39d11e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/createaccount.php?pSetup=northamptondaily&callFrom=paywall&popup=productsLeft&mode=iframe&productType=ARTICLE&callBackHome=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Apr 2020 17:03:20 GMT
Server: Apache
ETag: "d417581-10cf-5a251c71a6600"
Vary: Accept-Encoding
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 1403

GET
H/1.1 200
OK ipadLogin.js Show response
northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/ Frame 0E5E 9 KB
3 KB 444ms
111ms Script
text/javascript 54.221.248.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/ipadLogin.js
Requested by: Host: northamptondaily-ma.newsmemory.com
URL: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/createaccount.php?pSetup=northamptondaily&callFrom=paywall&popup=productsLeft&mode=iframe&productType=ARTICLE&callBackHome=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.221.248.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-221-248-213.compute-1.amazonaws.com
Software: Apache /
Resource Hash: af4171e7ef8666aa412bcd93a42504851491c8c397870552b3ca323d0b0509b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/createaccount.php?pSetup=northamptondaily&callFrom=paywall&popup=productsLeft&mode=iframe&productType=ARTICLE&callBackHome=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Apr 2020 17:03:20 GMT
Server: Apache
ETag: "8ecf8e9-2479-5a251c71a6600"
Vary: Accept-Encoding
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 2863

GET
H/1.1 200
OK localStorageIFrame.js Show response
northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/ Frame 0E5E 4 KB
2 KB 489ms
98ms Script
text/javascript 54.221.248.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/localStorageIFrame.js
Requested by: Host: northamptondaily-ma.newsmemory.com
URL: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/createaccount.php?pSetup=northamptondaily&callFrom=paywall&popup=productsLeft&mode=iframe&productType=ARTICLE&callBackHome=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.221.248.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-221-248-213.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 1eb62a863a4c97804d1f849b97639ce79215a6322031d107ef6d0e8bb4b55689

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/createaccount.php?pSetup=northamptondaily&callFrom=paywall&popup=productsLeft&mode=iframe&productType=ARTICLE&callBackHome=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Apr 2020 17:03:20 GMT
Server: Apache
ETag: "8ecf8ea-115c-5a251c71a6600"
Vary: Accept-Encoding
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 1307

GET
H/1.1 200
OK heightResizer.js Show response
northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/ Frame 0E5E 834 B
605 B 488ms
98ms Script
text/javascript 54.221.248.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/heightResizer.js
Requested by: Host: northamptondaily-ma.newsmemory.com
URL: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/createaccount.php?pSetup=northamptondaily&callFrom=paywall&popup=productsLeft&mode=iframe&productType=ARTICLE&callBackHome=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.221.248.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-221-248-213.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 02b40649e4410daff3628c3dc632e8b0a313fe1ffdbaca115550e7189f2d3f92

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/createaccount.php?pSetup=northamptondaily&callFrom=paywall&popup=productsLeft&mode=iframe&productType=ARTICLE&callBackHome=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Apr 2020 17:03:20 GMT
Server: Apache
ETag: "8ecf8e8-342-5a251c71a6600"
Vary: Accept-Encoding
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 331

GET
H/1.1 200
OK bootstrap.min.js Show response
northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/lib/ Frame 0E5E 36 KB
10 KB 489ms
99ms Script
text/javascript 54.221.248.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/lib/bootstrap.min.js
Requested by: Host: northamptondaily-ma.newsmemory.com
URL: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/createaccount.php?pSetup=northamptondaily&callFrom=paywall&popup=productsLeft&mode=iframe&productType=ARTICLE&callBackHome=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.221.248.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-221-248-213.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/createaccount.php?pSetup=northamptondaily&callFrom=paywall&popup=productsLeft&mode=iframe&productType=ARTICLE&callBackHome=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Apr 2020 17:03:20 GMT
Server: Apache
ETag: "11df0df-90b5-5a251c71a6600"
Vary: Accept-Encoding
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 9833

GET
H/1.1 200
OK bootstrap.min.css
northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/lib/ Frame 0E5E 118 KB
20 KB 388ms
197ms Stylesheet
text/css 54.221.248.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/lib/bootstrap.min.css
Requested by: Host: northamptondaily-ma.newsmemory.com
URL: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/createaccount.php?pSetup=northamptondaily&callFrom=paywall&popup=productsLeft&mode=iframe&productType=ARTICLE&callBackHome=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.221.248.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-221-248-213.compute-1.amazonaws.com
Software: Apache /
Resource Hash: f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/createaccount.php?pSetup=northamptondaily&callFrom=paywall&popup=productsLeft&mode=iframe&productType=ARTICLE&callBackHome=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Apr 2020 17:03:20 GMT
Server: Apache
ETag: "11df0de-1d970-5a251c71a6600"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 19744

GET
H/1.1 200
OK createaccount.css
northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/ Frame 0E5E 4 KB
1 KB 288ms
97ms Stylesheet
text/css 54.221.248.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/createaccount.css
Requested by: Host: northamptondaily-ma.newsmemory.com
URL: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/createaccount.php?pSetup=northamptondaily&callFrom=paywall&popup=productsLeft&mode=iframe&productType=ARTICLE&callBackHome=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.221.248.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-221-248-213.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 9cd937642268ba5a47ebcd61ff6d9a6afea4b3fe920440f6dc8f5360491b59b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/createaccount.php?pSetup=northamptondaily&callFrom=paywall&popup=productsLeft&mode=iframe&productType=ARTICLE&callBackHome=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Apr 2020 17:03:20 GMT
Server: Apache
ETag: "8ecf896-f04-5a251c71a6600"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 1164

GET
H/1.1 200
OK popups.css
northamptondaily-ma.newsmemory.com/eebrowser/paywall/config/northamptondaily/css/ Frame 0E5E 9 KB
3 KB 289ms
98ms Stylesheet
text/css 54.221.248.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://northamptondaily-ma.newsmemory.com/eebrowser/paywall/config/northamptondaily/css/popups.css
Requested by: Host: northamptondaily-ma.newsmemory.com
URL: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/createaccount.php?pSetup=northamptondaily&callFrom=paywall&popup=productsLeft&mode=iframe&productType=ARTICLE&callBackHome=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.221.248.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-221-248-213.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 259887926358abb11115f711ed9cfcf2c195bbd6a6c634b421da09e007115a7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/createaccount.php?pSetup=northamptondaily&callFrom=paywall&popup=productsLeft&mode=iframe&productType=ARTICLE&callBackHome=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Apr 2019 13:15:32 GMT
Server: Apache
ETag: "4e8dc43-2340-585b42a30c500"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 2506

GET
H/1.1 200
OK csscustom.css
northamptondaily-ma.newsmemory.com/eeLayout/northamptondaily/1.0.a.paywall/optionspage/template/ Frame 0E5E 43 B
328 B 296ms
97ms Stylesheet
text/css 54.221.248.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://northamptondaily-ma.newsmemory.com/eeLayout/northamptondaily/1.0.a.paywall/optionspage/template/csscustom.css
Requested by: Host: northamptondaily-ma.newsmemory.com
URL: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/createaccount.php?pSetup=northamptondaily&callFrom=paywall&popup=productsLeft&mode=iframe&productType=ARTICLE&callBackHome=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.221.248.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-221-248-213.compute-1.amazonaws.com
Software: Apache /
Resource Hash: a6277f9e5fa7ce5326ba8de5ba11078ba842a518b14019fb0b86369ba15dc8c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/createaccount.php?pSetup=northamptondaily&callFrom=paywall&popup=productsLeft&mode=iframe&productType=ARTICLE&callBackHome=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Feb 2020 22:17:52 GMT
Server: Apache
ETag: "463674f-2b-59f96178bab23"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 63

GET
H/1.1 200
OK back.png
northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/img/ Frame 0E5E 10 KB
10 KB 98ms
98ms Image
image/png 54.221.248.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/img/back.png
Requested by: Host: northamptondaily-ma.newsmemory.com
URL: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/createaccount.php?pSetup=northamptondaily&callFrom=paywall&popup=productsLeft&mode=iframe&productType=ARTICLE&callBackHome=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.221.248.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-221-248-213.compute-1.amazonaws.com
Software: Apache /
Resource Hash: c55a294c62f6f951fa8b46e0ba31e12e3f69bd2806962356887be42cf6f97b34

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://northamptondaily-ma.newsmemory.com/eebrowser/optionspage/optionspage.check.20040217/php/createaccount/createaccount.php?pSetup=northamptondaily&callFrom=paywall&popup=productsLeft&mode=iframe&productType=ARTICLE&callBackHome=https%3A%2F%2Fwww.gazettenet.com%2FMicrosoft-Russian-backed-hackers-targeting-cloud-services-43208693&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:29:17 GMT
Last-Modified: Thu, 02 Apr 2020 17:03:20 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "d4175aa-28fe-5a251c71a6600"
Content-Length: 10494
Content-Type: image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: jobs.thejobnetwork.com
URL: https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js

Verdicts & Comments Add Verdict or Comment

473 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.gazettenet.com/	1970-01-20 06:59:22	Name: CMSPreferredCulture Value: en-US
www.gazettenet.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 4msrfr305r44bz2lcyztcorl
.gazettenet.com/	1970-01-20 15:44:58	Name: _ga Value: GA1.2.44599423.1635226154
.gazettenet.com/	1970-01-19 22:15:12	Name: _gid Value: GA1.2.483430814.1635226154
.gazettenet.com/	1970-01-19 22:13:46	Name: _dc_gtm_UA-2853643-2 Value: 1
widget.fotomoto.com/	1970-01-19 22:13:46	Name: AWSELBCORS Value: 9BA39BA70ABC0E0E9A0D243FCF17D78E4CB2999E2182000C4B811BE58AC7A4EC16EF89A40AA1E85BEA73188F3BC38C3DED6D833BC0C6F5C8C0258B25F8D5DC11D7EACBA30F
www.gazettenet.com/	1970-01-20 06:59:22	Name: usprivacy Value: 1---
.gazettenet.com/	1970-01-20 06:59:22	Name: ta_MACHINE_ID Value: d82a523dfc65d32bf23baf3247b4ab51
www.gazettenet.com/	1970-01-20 07:42:34	Name: _cb_ls Value: 1
www.gazettenet.com/	1970-01-20 07:42:34	Name: _cb Value: CPpWqZBuXNzB8FY2H
www.gazettenet.com/	1970-01-20 07:42:34	Name: _chartbeat2 Value: .1635226155091.1635226155091.1.C2q6FIDmBBYeDWvA4ABV88Y_BrEcm2.1
www.gazettenet.com/	1970-01-19 22:13:47	Name: _cb_svref Value: null
.doubleclick.net/	1970-01-19 22:13:47	Name: test_cookie Value: CheckForPermission
www.gazettenet.com/	1970-01-19 22:15:12	Name: ta_cookiesTest Value: 1
www.gazettenet.com/	1970-01-19 22:15:12	Name: ta_vl Value: 1
www.gazettenet.com/	1970-01-19 22:15:12	Name: ta_interrupted Value: 0
www.gazettenet.com/	1970-01-19 22:15:12	Name: ta_ss Value: ddaaeef8b6ab4454bd12ba099f5fbd34
www.gazettenet.com/	1970-01-19 22:13:53	Name: fotomoto_cart_skey_e35d9ad9f3a6e33f77b5ee958c3477a37aca0504 Value: e493a41635226130
.gazettenet.com/	1970-01-21 00:30:34	Name: _awl Value: 2.1635226156.0.4-ceb2d696-1ace87fb30f5e9eda99f96b93718bfdd-6763652d6575726f70652d7765737431-6177922c-0
www.fotomoto.com/	1970-01-19 22:13:46	Name: AWSELBCORS Value: 9BA39BA70ABC0E0E9A0D243FCF17D78E4CB2999E21FDC8193EDABB1BB32477E49BD24A9AF2A1E85BEA73188F3BC38C3DED6D833BC0C6F5C8C0258B25F8D5DC11D7EACBA30F
.northamptondaily-ma.newsmemory.com/	1970-01-19 22:56:58	Name: MACHINEID Value: d82a523dfc65d32bf23baf3247b4ab51

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.gazettenet.com/App_Themes/Home2018/fonts/glyphicons-halflings-regular.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.gazettenet.com/App_Themes/Home2018/fonts/glyphicons-halflings-regular.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.gazettenet.com/App_Themes/Home2018/fonts/glyphicons-halflings-regular.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://jobs.thejobnetwork.com/Widgets/js/FeaturedJob/TJN.js Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
other	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 74) Message: Origin trial controlled feature not enabled: 'trust-token-redemption'.
other	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 74) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4906953.fls.doubleclick.net
adservice.google.com
api.secondstreetapp.com
assets.revcontent.com
capi.connatix.com
cd.connatix.com
cdn.revcontent.com
cdnjs.cloudflare.com
cds.connatix.com
connect.facebook.net
embed.secondstreetapp.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
images.revcontent.com
imasdk.googleapis.com
img.connatix.com
jobs.thejobnetwork.com
lit.connatix.com
netdna.bootstrapcdn.com
northamptondaily-ma-pw.newsmemory.com
northamptondaily-ma.newsmemory.com
p.typekit.net
pagead2.googlesyndication.com
ping.chartbeat.net
s0.2mdn.net
s3.amazonaws.com
securepubads.g.doubleclick.net
sicksmash.com
static-fotomoto-com.s3.amazonaws.com
static.adsafeprotected.com
static.chartbeat.com
stats.g.doubleclick.net
teenytinytongue.com
trends.revcontent.com
use.fontawesome.com
use.typekit.net
vid.connatix.com
widget.fotomoto.com
www.facebook.com
www.fotomoto.com
www.gazettenet.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
jobs.thejobnetwork.com
104.111.215.74
104.16.19.94
104.18.10.207
104.21.78.7
142.250.184.194
142.250.184.234
142.250.185.194
142.250.185.72
142.250.185.99
142.250.186.110
142.250.186.42
142.250.74.198
143.204.98.142
151.101.2.137
151.101.66.137
151.139.128.11
157.240.20.19
157.240.20.35
172.217.18.98
172.217.23.98
174.129.235.109
18.225.3.119
2.16.186.59
216.17.34.118
216.58.212.166
35.201.103.212
35.201.96.133
52.216.153.44
52.217.36.214
52.51.68.144
52.70.89.118
54.165.118.4
54.197.229.45
54.221.248.213
54.225.191.147
74.125.140.156
99.80.188.163
029fe8d554312f3b2d1a572510c1e6e6cff5078ab04e72fc7572033c3f54a369
02b40649e4410daff3628c3dc632e8b0a313fe1ffdbaca115550e7189f2d3f92
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
05dbc51654b96590d176c27efbcef2cf4ac0497499a9f28b731b73eea399070c
0b193e9148db8d0686329a827b820586dc18f64f47a126980a9a4bb2f2f31ff6
10b66812761dc8641f839a246aeb84c075ee4ddc36b26c33ea4f3c492fd409a2
1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c
17ce5ab42fc851c8e1b435749fd85c55486f866762ac5b6c004828d87221699f
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1e6d11ac9b2fc6197cd0d9e6b54c0a9cdbcb8cb5da1fff29a5f2e3992237a7b7
1eb62a863a4c97804d1f849b97639ce79215a6322031d107ef6d0e8bb4b55689
214e0f9cc83905f2342682b3261f6eec72ac30fd3634650f21ccb37d57c77386
257d757d21768348f8bb3fc8ae29b6758c4427a3d9539a06a356ad88be5cb168
259887926358abb11115f711ed9cfcf2c195bbd6a6c634b421da09e007115a7f
2b73107755d23ad3efa245755cc8a298dd295e1ab64f6c9e63b88ea90d1bb769
2b7b4c54c8aba45d655524723eabd356e745d7ef74152773210dfd265fe84310
333fe8266952f16c8b686f3edd78293da28e6eaef314dca86bc4eeaa23f290e8
34b524307ac30874f393fa659bb78d28527136960a3dd32e098fc2adca02a4a8
39646863a414e0a84920b3a8639c0f3e8c94535e8dc051b42b485a068dc2902f
399bd440cb9d9711f7a5e6128fcdc6a7fa168eeccff34275c18f7f66721fec27
3b70954df2af2b4e3dd3b965df4d057528aecfe5e5e9a23e3674964376ce88d4
3cf4b16de30fa1dc161bafc195f807790a9ed3a990f3f2d9df4cd527ec6720bc
3ed247a67eac1003c708ddd1f12d8bbd831e22c6433f25285bb432531fda98a2
3f25cd6dfcd5a89ef697c5568c83d392183c92cda2e81a18bb1fa8b0d8f2b145
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
428ea820b91086d6ac8a07c9df43c1c77aa430b37dc36e70f45bc4511f8add43
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
47138cec7aaa5cc92a7d28db495ae61c0266e17a0b3f3374c72e369d9023f3f7
47bb94fe059f61b77d91dacf179c1495ad3bb442df65b776e50fdba41342c6b2
480a336e9f77b4674176edc9048019dfc9bc3d912d53b52f2cb1bd1c826f3e4c
492549cf8ec37e775c5d5e9b672cff92881ee5ebc6e383637f8c8d8371d8e803
4c7b75492dbab3422b752c10e3546bff8840452de85163a118bd7984dfe60313
51fba9af48e0eda3ee755a749ac0900e9aef76b53488e982e87b957cbc5760b1
529ba96ae3d23d0ce270ecfb2e016eab3f3f191464cd081004f2dad1fb308fa6
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
53bb85849942fe0fdb6998300d0c68f1727a6f34a3bdcd9f6f8f12476f64b1e9
550a4d5afbb1c0c9e3dffbf761b2492cf113fc0214b088ec694f310b2277e07d
5896f48b050db0cbc6dcf063772ef612f9d7219864e0ee0764495d4d38787cbc
5d7bbad207e6689ac31858d421ef9ed79c96ffb3fc8f6fd88e4d20ea78eb12aa
5e8c2a07175788df50b2ce8963f1f28fb6d0f88d26438f10b9575e99f9f4c020
612e6b00354d56a1726cd40dc9a28d83ffda033d63214eae704d1e61ef59b3b5
62921350ddf3d7ac9045e2252ac924de81442b5c7f144346feae343fb30881a9
63cc53f922756833d0ef84cd106362b7039e6fc5dcdb93cd9d885d74ee254157
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dffb8af2e99de162d603b9536b7820d0e4fd787d0ded2aa2ed12a221cb19717
6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38
71c12656535e99119c2a952c10554cd6f47c6923d2d96155a7833276e68992af
72259b2acd53d518b2b04965e1f29f83fd54ce0c5a39c088bb84411ec5995cd5
7243ea95b6a327c78dcf6d651ac4fda9e4024e0b4f09f735a7c0f66f9c2f6c02
7455d2a0bd7147fc7c02c8840a06be07f1bc4e65b5ec0309b9f9adff23e6ab99
76f64c769e00612b3060c966520eb503a48e147feee2c74137877bc15470f156
7759a85ac5d5c87d05954ba1bbab30832dff7dd06a16a1991050cd5555f1e688
7776bb805b46871354ecad1b95a5deb672d44a927c10a51025fc129cf9ce1413
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2
7a5419d4e7c7489df1ffee0bd3782e43948ac0becbb3984bda63d49d201f37e6
7aec01fc75d1d3b5520cc58b2702808e6d7029aea9f6bd839cfa53368ca8da46
7de5a2cafafe8dce046705c7fa7394e2f6afa1f101f8b6e52251a0d69ebfc115
7e618eba2a5d7fa24221f0efba3deddc69a618727325876656ba94ca7c9aa402
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a9862ed8cec4eccc8f6a22efb076fbe695cd4ff13dc05072793149bc12a7332
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
8e4b755ce9b69cd498dc18ba7325d8087c2af2abc2cc33abfb9ecabf64a974f2
8e93349045c292abefc8570cfd48917319ff51e567f1192982e6187d56f8bc13
8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d
92ba7bfaa43a35c94353e96860d99376313ee9b5fce6124d4e64067280f9a841
956092c7d76cf02bffb62a154aafa4ef2ae490cbc7dc316e1472d34d18ee06da
96abf166b3cbb5f7df525d86fdeeeccea4af3c120b19bc26b0613530a94e8b44
96e22ad10ed23535c55539954f8ad06fbace8f3ff0992d9f4e14b64bc34e27b4
983b9288f24ef7954569991bef1e6c73d19ae2671f9307a0b7c29ccef3933ec9
984714318ac0d2f39a6c214b3daeffe68a5eb461ac0ffe808c8c29bddb1e0d07
9a101a5beebe05c13f3c518e462c4f2d1e335b1ba093df3b23adad032025ceb2
9cd937642268ba5a47ebcd61ff6d9a6afea4b3fe920440f6dc8f5360491b59b5
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
9f9425c961900c8d8b3b30085c3969eef0c845a11c5be9fad704d160c64a12f5
9fa052dbe5b8ad848a5059450de97e8d3e6f92e9f91ed509407b284d3b868612
a1fdaf3e88c99593375bb5c12f3c6cd3bdcbd4cffc4e3206373c49a12c739faf
a6277f9e5fa7ce5326ba8de5ba11078ba842a518b14019fb0b86369ba15dc8c3
a72635596c0f47d525f4763cbe6171dd4731346ba1c3c616fe61d2f9ea12b6c7
a8a0d127b9ef344eedf02d646724a35737790830780f871e96edd808ed39d11e
aaaa335a345e92387875d52c12ee434bb1fa60e6353a083c4cd768b855c5198b
ab77ca5aa6aaecac0f10e1d7dae18935386251c60587864ab725c687364f8ef3
acd9b7f4d750dd374ba6b4c640157e920eae4226c4d56739a5998217a4551e56
aea8888ece67a693cbc22e8b9e6aaef532619727b4630b0fa214831b84633c53
af0a984b7f35a76935cb4d2e50df80ef0d3534051db4c897246319361013e2a2
af4171e7ef8666aa412bcd93a42504851491c8c397870552b3ca323d0b0509b6
b095e90e62cbb516b17f882835f49b2204c5f6db95cc514ac9ade39438bfc89a
b4cd5821027bd50e4bc9a86cfd7a1e49f16c69025955f1b47220d217bdca9dbc
b84897b514491bffcf4ab630122fc3c97b6c71ffdcb9ecec4fb149bb35fa2f9e
b932cfe2294598d8f20ef891295d8711d2e44928fa2b9e5583bb2e38e50ec186
b96e6534a5fa0a45c75b2b477922e164daa10b3ba4456f8a7c01d03cf30857d5
bb48e0fc62c50ba209055dc8ef8db49505a247ff01177de5efef95547b0bf216
bb4a9d9bcb3638d2a735be2e40f686f57d9598c57d1cd251e5105282e244ac50
beca0e38b472b504d1b67a9c31614fb4121d72dbed1f1d2cc1d83daeba6c75df
c0dd070e12dff9daf7fc2a3f8a0f1e6e697956fc0ce5ce8e4a767f0548fc6f0c
c1f55dfcd57a42d0475aaf7c66f7e17a2603f97c53b03adb6884695e808e1f3d
c3160d4eb1326fe436d7a1edde158f5d5756ee4de884c40ae20c308b4cdf1fd3
c55a294c62f6f951fa8b46e0ba31e12e3f69bd2806962356887be42cf6f97b34
c767da48cead5fdf9b082d95ed75f1cd1ab2e09e1533cc0f9c46b48671d590da
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca64645c22680035acdd8149902fda928c381cafbeab0b628b5542a7323ee0e4
cae73e0c8c7491e006c9f617638a8d8162ec989bde4e84cdae82ed4cb2024484
cc0ae738ca188ecbd3c0ae0333996f794bcbbf39cec2ccf3f95e560b19084a96
ce34cbb37a01f15bc6322f1a0db46f01a3b303a3bc02dcc7d543db2ebf37e1af
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0da8ae3874929fbad3b65d9d92e38b9521ede06871bb1646b9d3bf4042cd0f9
d196f0a77f0c1f9d4e8ff2bb6993ed9dddbf21fabacb69c4779076be04cd0ce7
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
dbb4ae51ab37f61a759bd862b3f8ffcfc99a9a895e993a45a219f5678e10cada
dc3ef4f490cf0506a2f1b048fb473c09f4decbe96c1aa1747528812e89ac09eb
dde6576bba0bad522d319d2b71f2df16ea422150ea04756f5df07c231d6024ae
df0be3b4daf1631fdd23f2b73628ae1998710c61beda2325ab8eefccee160aa1
e37c1e9cf060de9f8513dcac769bfa837fab8393b6bac58aca1d9830d16ba46f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44c3b782978c44af9885b97302632e45ff19d01ecb745e91d21cf597c22cb29
e79923a6bf3023c41b587390a8b3651a2acc6fa717f9c2b421639625a596a6a9
e975917d01767eb356573baccceec8e389ce004769358939c324a47b52b237d4
eddd5530bb19ac89c4c79678d7a2e6d1d17cef003139428583aba7a5bc1ffa79
edf1d4cfd83a8242ed5a2137819680c44000bd48a580f979d86f726f194d4093
f018919bbf27d3e5c04725b1f39ea186e466066ab01e7afbd13bd80c446d6f0d
f1fa40a54ead2ec64b75d01c6f028c675b161b058d7ca88ed0aafd521f4d129c
f2b7c76c9afe8eedce734f7d8c524c475c403eef024cf1d4f2e3f92775ff5406
f4a3b4f4a6aca1b5c8cd83c9a6cbbfcb6a4ef705f1230eac411bb047102b7745
f5670c5d67f45b529469af7a9afb4dec6fbe1c247d32e9db5029ce8b2acad4ea
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
fc7839ea7f4f4b3783abe6b75401d534ad60b3f96e1e54b1d05a3e61c516d8d7

www.gazettenet.com Open in urlscan Pro 52.70.89.118 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

146 Requests

99 %HTTPS

0 %IPv6

28 Domains

45 Subdomains

38 IPs

5 Countries

3681 kBTransfer

10421 kBSize

21 Cookies

43 Outgoing links

Page URL History

Redirected requests

146 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.gazettenet.com Open in urlscan Pro
52.70.89.118 Public Scan

Screenshot
Live screenshot

Full Image

146
Requests

99 %
HTTPS

0 %
IPv6

28
Domains

45
Subdomains

38
IPs

5
Countries

3681 kB
Transfer

10421 kB
Size

21
Cookies

146 HTTP transactions
2 data transactions