urlscan.io logo urlscan.io
SecurityTrails logo

www.hpnonline.com Open in urlscan Pro
151.139.128.10  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://trailer.web-view.net/Links/0XB4529B193F001EA487A823C7276100FB4B3F6AAF83AB4D784B26C62E63B89B417EE18E597F72CC0F78C9A522...
Effective URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-u...
Submission: On April 07 via api from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 6 countries across 22 domains to perform 118 HTTP transactions. The main IP is 151.139.128.10, located in Dallas, United States and belongs to HIGHWINDS3, US. The main domain is www.hpnonline.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 1st 2020. Valid for: 3 months.
This is the only time www.hpnonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 149.126.77.62 19551 (INCAPSULA)
12 151.139.128.10 20446 (HIGHWINDS3)
1 2a04:4e42:200... 54113 (FASTLY)
1 15 172.217.18.98 15169 (GOOGLE)
7 2a04:4e42:3::720 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:21f... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
1 5 23.213.164.149 16625 (AKAMAI-AS)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
9 204.180.130.159 53866 (QTS-AS)
5 54.174.221.155 14618 (AMAZON-AES)
1 143.204.97.2 16509 (AMAZON-02)
19 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 63.32.186.35 16509 (AMAZON-02)
2 3 185.33.223.216 29990 (ASN-APPNEX)
3 35.175.86.40 14618 (AMAZON-AES)
1 35.190.72.21 15169 (GOOGLE)
2 204.180.130.165 53866 (QTS-AS)
118 25
2    149.126.77.62 (Frankfurt am Main, Germany)

ASN19551 (INCAPSULA, US)
PTR: 149.126.77.62.ip.incapdns.net
trailer.web-view.net
12    151.139.128.10 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)
www.hpnonline.com
1    2a04:4e42:200::621 (Ascension Island)

ASN54113 (FASTLY, US)
polyfill.io
15    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
7    2a04:4e42:3::720 (Ascension Island)

ASN54113 (FASTLY, US)
img.hpnonline.com
2    2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:21f3:b000:6:b4cc:d980:21 (United States)

ASN16509 (AMAZON-02, US)
d24bnj4f1s1f8m.cloudfront.net
2    2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
www.googletagservices.com
7    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
pagead2.googlesyndication.com
5    2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
15    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    23.213.164.149 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-164-149.deploy.static.akamaitechnologies.com
s.adroll.com
2    2a00:1450:4001:817::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
9    204.180.130.159 (Chicago, United States)

ASN53866 (QTS-AS, US)
PTR: my.omedastaging.com
olytics.omeda.com
5    54.174.221.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-221-155.compute-1.amazonaws.com
olytics.as3.io
1    143.204.97.2 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-97-2.fra50.r.cloudfront.net
s.dpmsrv.com
19    2a00:1450:4001:81b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    63.32.186.35 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-186-35.eu-west-1.compute.amazonaws.com
d.adroll.mgr.consensu.org
d.adroll.com
3    185.33.223.216 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 312.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
3    35.175.86.40 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-175-86-40.compute-1.amazonaws.com
a.dpmsrv.com
1    35.190.72.21 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 21.72.190.35.bc.googleusercontent.com
idsync.rlcdn.com
2    204.180.130.165 (Chicago, United States)

ASN53866 (QTS-AS, US)
oqs.omeda.com
Domain Requested by
19 cdn.ampproject.org securepubads.g.doubleclick.net
15 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.hpnonline.com
cdn.ampproject.org
tpc.googlesyndication.com
14 securepubads.g.doubleclick.net www.hpnonline.com
securepubads.g.doubleclick.net
12 www.hpnonline.com www.hpnonline.com
9 olytics.omeda.com www.googletagmanager.com
www.hpnonline.com
olytics.omeda.com
7 img.hpnonline.com www.hpnonline.com
6 pagead2.googlesyndication.com www.hpnonline.com
5 olytics.as3.io www.googletagmanager.com
www.hpnonline.com
5 s.adroll.com 1 redirects www.googletagmanager.com
www.hpnonline.com
s.adroll.com
5 fonts.gstatic.com www.hpnonline.com
olytics.omeda.com
3 a.dpmsrv.com www.hpnonline.com
s.dpmsrv.com
3 ib.adnxs.com 2 redirects
2 oqs.omeda.com www.hpnonline.com
2 d.adroll.com www.hpnonline.com
2 cdnjs.cloudflare.com www.googletagmanager.com
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 fonts.googleapis.com www.hpnonline.com
2 trailer.web-view.net 2 redirects
1 www.googletagservices.com www.hpnonline.com
1 idsync.rlcdn.com www.hpnonline.com
1 cm.g.doubleclick.net 1 redirects
1 d.adroll.mgr.consensu.org 1 redirects
1 stats.g.doubleclick.net www.hpnonline.com
1 s.dpmsrv.com www.hpnonline.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 d24bnj4f1s1f8m.cloudfront.net www.hpnonline.com
1 www.googletagmanager.com www.hpnonline.com
1 polyfill.io www.hpnonline.com
118 29
Subject Issuer Validity Valid
www.hpnonline.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-01 -
2020-06-30		 3 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-05-29 -
2020-04-23		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
imgix5.map.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-11-22 -
2020-05-14		 6 months crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2019-07-17 -
2020-07-05		 a year crt.sh
*.google.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.adroll.com
DigiCert SHA2 Secure Server CA		 2020-01-29 -
2021-04-29		 a year crt.sh
cloudflare.com
CloudFlare Inc ECC CA-2		 2020-01-07 -
2020-10-09		 9 months crt.sh
*.omeda.com
SSL.com RSA SSL subCA		 2020-03-18 -
2020-08-28		 5 months crt.sh
*.as3.com
Amazon		 2019-05-21 -
2020-06-21		 a year crt.sh
*.dpmsrv.com
Amazon		 2019-05-14 -
2020-06-14		 a year crt.sh
misc-sni.google.com
GTS CA 1O1		 2020-03-24 -
2020-06-16		 3 months crt.sh
adroll.mgr.consensu.org
Amazon		 2019-11-06 -
2020-12-06		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-04-24 -
2020-04-23		 a year crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh

This page contains 9 frames:

Primary Page: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Frame ID: CD4F62F5485583BA48E0AC0799D0C658
Requests: 77 HTTP requests in this frame

Frame: https://www.hpnonline.com/sbbi/?sbbpg=sbbShell&gprid=YE
Frame ID: 74E7389637092034E1DBC934EE2F2271
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Frame ID: 223E0AB8513FB23F9B3E8366B23B0EB3
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Frame ID: 2268B460AE3EF15694059FBB2B4F6B5B
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Frame ID: EBCDF1718E870EF9A4726BA357FED79E
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Frame ID: A533A4A9A1011C77F99899DD60E04FC1
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Frame ID: 84E6C757CA70867DCD17448D86350851
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Frame ID: B4526DEE829253ED11313ECA8BD0FC46
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 239321E890F5AFBAE1902BC7EF434460
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://trailer.web-view.net/Links/0XB4529B193F001EA487A823C7276100FB4B3F6AAF83AB4D784B26C62E63B89B417EE1... HTTP 301
    https://trailer.web-view.net/Links/0XB4529B193F001EA487A823C7276100FB4B3F6AAF83AB4D784B26C62E63B89B417EE1... HTTP 302
    https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/stat... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /(?:a|s)\.adroll\.com/i
Overall confidence: 100%
Detected patterns
  • headers server /fbs/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/polyfill\.min\.js/i

Page Statistics

118
Requests

100 %
HTTPS

52 %
IPv6

22
Domains

29
Subdomains

25
IPs

6
Countries

2151 kB
Transfer

5723 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://trailer.web-view.net/Links/0XB4529B193F001EA487A823C7276100FB4B3F6AAF83AB4D784B26C62E63B89B417EE18E597F72CC0F78C9A522BCF6353B14897ABB5B3FE5DCF2E20B4967E66041D8E3B01F8FB5ED96.htm HTTP 301
    https://trailer.web-view.net/Links/0XB4529B193F001EA487A823C7276100FB4B3F6AAF83AB4D784B26C62E63B89B417EE18E597F72CC0F78C9A522BCF6353B14897ABB5B3FE5DCF2E20B4967E66041D8E3B01F8FB5ED96.htm HTTP 302
    https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=938448927&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hpnonline.com%2Finfection-prevention%2Fcrisis-planning-outbreak-response%2Farticle%2F21129791%2Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets&ul=en-us&de=UTF-8&dt=State-sponsored%20hackers%20using%20coronavirus%20lures%20to%20infect%20their%20targets%20%7C%20Healthcare%20Purchasing%C2%A0News&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YAhAAEAB~&jid=1351719058&gjid=1100629720&cid=5152451.1586271179&tid=UA-62993175-5&_gid=2002876935.1586271179&_r=1&gtm=2wg3p1PGBWQKG&z=797772740 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-62993175-5&cid=5152451.1586271179&jid=1351719058&_gid=2002876935.1586271179&gjid=1100629720&_v=j81&z=797772740
Request Chain 68
  • https://s.adroll.com/j/exp/L5HHENJSKZDLXBM4TXRFHG/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 70
  • https://d.adroll.mgr.consensu.org/consent/iabcheck/L5HHENJSKZDLXBM4TXRFHG?_s=71d97f41ec9f0b181533327b69b75288&_b=2 HTTP 302
  • https://d.adroll.com/consent/check/L5HHENJSKZDLXBM4TXRFHG/?_s=71d97f41ec9f0b181533327b69b75288&_b=2
Request Chain 84
  • https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&q%3DxImp%26v%3D1.x%26cl%3D1120%26pixelIndex%3D0%26r%3D895491%26tzOffset%3D-120%26url%3Dhttps%253A%252F%252Fwww.hpnonline.com%252Finfection-prevention%252Fcrisis-planning-outbreak-response%252Farticle%252F21129791%252Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets&_=1586271179535 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26q%253DxImp%2526v%253D1.x%2526cl%253D1120%2526pixelIndex%253D0%2526r%253D895491%2526tzOffset%253D-120%2526url%253Dhttps%25253A%25252F%25252Fwww.hpnonline.com%25252Finfection-prevention%25252Fcrisis-planning-outbreak-response%25252Farticle%25252F21129791%25252Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets%26_%3D1586271179535 HTTP 302
  • https://a.dpmsrv.com/dpmpxl/index.php?id=3478234277276733128&q=xImp&v=1.x&cl=1120&pixelIndex=0&r=895491&tzOffset=-120&url=https%3A%2F%2Fwww.hpnonline.com%2Finfection-prevention%2Fcrisis-planning-outbreak-response%2Farticle%2F21129791%2Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets&_=1586271179535
Request Chain 99
  • https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=3478234277276733128&pixelIndex=0&_=1586271179536 HTTP 302
  • https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=3478234277276733128&pixelIndex=0&_=1586271179536&google_gid=CAESEPAjZabFbzNF9QfeWD9DEHw&google_cver=1

118 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/
Redirect Chain
  • http://trailer.web-view.net/Links/0XB4529B193F001EA487A823C7276100FB4B3F6AAF83AB4D784B26C62E63B89B417EE18E597F72CC0F78C9A522BCF6353B14897ABB5B3FE5DCF2E20B4967E66041D8E3B01F8FB5ED96.htm
  • https://trailer.web-view.net/Links/0XB4529B193F001EA487A823C7276100FB4B3F6AAF83AB4D784B26C62E63B89B417EE18E597F72CC0F78C9A522BCF6353B14897ABB5B3FE5DCF2E20B4967E66041D8E3B01F8FB5ED96.htm
  • https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
78 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
a5f1fb9938e8062b8294dc01ca4b9202ea6a9b2abfc6bb365c25dead8a99ab5d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.hpnonline.com
:scheme
https
:path
/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 07 Apr 2020 14:52:58 GMT
cache-control
private
content-encoding
gzip
content-type
text/html; charset=utf-8
set-cookie
SPSI=12dad184275ddd3671087ac6ecae8077; path=/; spcsrf=fa6d4f26100895df07cdaf8958d0a992; path=/; SameSite=Strict; HttpOnly; expires=Tue, 07-Apr-20 16:52:57 GMT adOtr=obsvl; path=/; expires=Thu, 2 Aug 2001 20:47:11 UTC UTGv2=D-h46dedfe526e9ab16e691479c78d6b0abe59; path=/; expires=Wed, 07-Apr-21 14:52:57 GMT sp_lit=TR+3kJ9A88heOYA3LBD+Rg==; path=/; SameSite=Strict; HttpOnly; expires=Tue, 07-Apr-20 14:57:58 GMT
vary
Accept-Encoding
x-dns-prefetch-control
off
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-version
Site:1.14.3|Core:1.25.5
server
fbs
x-hw
1586271177.cds164.fr8.hn,1586271177.cds092.fr8.sc,1586271178.cdn2-redis02-fra1.stackpath.systems.-.wx,1586271178.cds092.fr8.p
access-control-allow-origin
*

Redirect headers

Cache-Control
private,no-cache
Pragma
No-cache
Content-Type
text/html; charset=utf-8
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Server
Microsoft-IIS/10.0
Access-Control-Allow-Origin
*
Date
Tue, 07 Apr 2020 14:52:57 GMT
Connection
close
Content-Length
285
Set-Cookie
visid_incap_82454=t+DNAk8zRfGhTJenlD8ciMmTjF4AAAAAQUIPAAAAAADrprJ51VTn70o5yTNDVKs9; expires=Tue, 06 Apr 2021 15:10:22 GMT; HttpOnly; path=/; Domain=.web-view.net nlbi_82454=zdPOL1WB7EUdo69D257tfAAAAABpDXA1cZ7XQknWn1v6BhvC; path=/; Domain=.web-view.net incap_ses_533_82454=8idGQDUeAWWpkPwleLJlB8mTjF4AAAAAlBTKGvpYnD1fudp9h0v0iA==; path=/; Domain=.web-view.net
X-CDN
Incapsula
X-Iinfo
2-7798373-7798379 NNNN CT(11 7 0) RT(1586271177118 11) q(0 0 0 -1) r(0 0) U9
polyfill.min.js
polyfill.io/v3/ 		72 B
554 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?flags=gated&features=es6%2Ces7%2Cfetch%2CPromise.prototype.finally
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
age
1630759
normalized-user-agent
chrome/74.0.0
detected-user-agent
Chrome/74.0.3729
status
200
request_came_from_shield
FRA
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length
74
referrer-policy
origin-when-cross-origin
last-modified
Thu, 19 Mar 2020 17:46:15 GMT
date
Tue, 07 Apr 2020 14:52:58 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
index.11ef517b.js
www.hpnonline.com/dist/js/ 		244 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hpnonline.com/dist/js/index.11ef517b.js
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
ea02f27c77dec17d65d0b36b7ea1c9751bd678fe711281fab15e1a892790dcb4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-version
Site:1.14.3|Core:1.25.5
date
Tue, 07 Apr 2020 14:52:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 07 Apr 2020 14:48:35 GMT
server
fbs
etag
W/"3d0a6-171551d49b8"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
x-hw
1586271178.cds164.fr8.hn,1586271178.cds089.fr8.sc,1586271178.cdn2-wafbe03-fra1.stackpath.systems.-.wx,1586271178.cds089.fr8.p
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
index.53b8eb74.css
www.hpnonline.com/dist/css/ 		195 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hpnonline.com/dist/css/index.53b8eb74.css
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
ffadaa5b028ec126d64eeb8438f814f40d7ba6a033ce156a5eb6e821d3410cf1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

x-version
Site:1.14.3|Core:1.25.5
date
Tue, 07 Apr 2020 14:52:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 07 Apr 2020 14:46:16 GMT
server
fbs
etag
W/"30a7f-171551b2ac0"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
x-hw
1586271178.cds164.fr8.hn,1586271178.cds135.fr8.sc,1586271178.cdn2-wafbe04-fra1.stackpath.systems.-.wx,1586271178.cds135.fr8.p
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
sffe /
Resource Hash
668881360faad6b06e8ba9ae8114b30a1b48e7d40a0d7b27d10281178f1aace4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 07 Apr 2020 14:52:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"479 / 554 of 1000 / last-modified: 1586189426"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
14317
x-xss-protection
0
expires
Tue, 07 Apr 2020 14:52:58 GMT
site_logo_white.png
img.hpnonline.com/files/base/ebm/hpn/image/static/logo/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.hpnonline.com/files/base/ebm/hpn/image/static/logo/site_logo_white.png?h=60
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
ef2272f7bb967ee370a06c2e95fc6b18ae1de025b0f389ad99e1444102f30f22
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 07 Apr 2020 14:52:58 GMT
x-content-type-options
nosniff
last-modified
Wed, 01 Apr 2020 16:30:53 GMT
server
imgix
age
512525
x-cache
HIT, HIT
content-type
image/png
status
200
cache-control
public, max-age=2592000
x-imgix-id
e0211c2795d6285e489bd6a41baf848de47e3e6c
accept-ranges
bytes
access-control-allow-origin
*
content-length
23724
x-served-by
cache-lax8638-LAX, cache-fra19156-FRA
css
fonts.googleapis.com/ 		15 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Fira+Sans:300i,400,600|Cardo|Lora:400,400i,700,700i
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ed77d02c4d29c4e104ea6b8b90c50da19685375b158db9ca06f64e284bacc945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 Apr 2020 14:52:59 GMT
server
ESF
date
Tue, 07 Apr 2020 14:52:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Apr 2020 14:52:59 GMT
css
fonts.googleapis.com/ 		12 KB
879 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=IBM+Plex+Sans:300,400,500,600,700&display=swap
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f43c1ebb9d03a81af89b4b2c2ff3d5de69f9b9ae4d94ecdfbfb18ab47e3cf00b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 Apr 2020 14:52:59 GMT
server
ESF
date
Tue, 07 Apr 2020 14:52:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Apr 2020 14:52:59 GMT
gtm.js
www.googletagmanager.com/ 		104 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PGBWQKG
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2ef1cd6e4a24b74cdea3c038d14e0c83679852fa7b1b00d75d82bd66bae04e57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 07 Apr 2020 14:52:59 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
34751
x-xss-protection
0
last-modified
Tue, 07 Apr 2020 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 07 Apr 2020 14:52:59 GMT
fortnight.min.js
d24bnj4f1s1f8m.cloudfront.net/1.0.0-rc.4.3/ 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d24bnj4f1s1f8m.cloudfront.net/1.0.0-rc.4.3/fortnight.min.js
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:b000:6:b4cc:d980:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1901883b41320f43b0643db4b3e0acec95cd96343ea192995777687b7e3098c4

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Feb 2020 12:24:58 GMT
content-encoding
gzip
x-amz-request-id
F1F4513AF9B9E562
x-cache
Hit from cloudfront
status
200
x-amz-id-2
FldLUv1NZw+gJDda/DIzSX3ViK4t8U6uNkLgkhNOLCQ5RR4qE8+fZbGB7JaWshlOrORZOuiHnDY=
access-control-allow-origin
*
last-modified
Wed, 18 Jul 2018 17:49:39 GMT
server
AmazonS3
vary
Accept-Encoding
x-amz-version-id
null
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000
x-amz-cf-pop
FRA2-C2
content-type
application/javascript; charset=UTF-8
x-amz-cf-id
RazQ22zSRMzcD3hVMjYzND6PVsqpGwzXxKqLHSsD8vqfsXobVoKPFQ==
/
www.hpnonline.com/sbbi/ Frame 74E7 		25 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.hpnonline.com/sbbi/?sbbpg=sbbShell&gprid=YE&sbbgs=h46dedfe526e9ab16e691479c78d6b0abe59&ddl=2
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
aed1470468ad66e62ad13a924ebe753bd2ff0b93d2997fcffcd17ec227cd5da6

Request headers

:method
GET
:authority
www.hpnonline.com
:scheme
https
:path
/sbbi/?sbbpg=sbbShell&gprid=YE&sbbgs=h46dedfe526e9ab16e691479c78d6b0abe59&ddl=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SPSI=12dad184275ddd3671087ac6ecae8077; spcsrf=fa6d4f26100895df07cdaf8958d0a992; sp_lit=TR+3kJ9A88heOYA3LBD+Rg==; PRLST=YE; UTGv2=h46dedfe526e9ab16e691479c78d6b0abe59
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets

Response headers

status
200
date
Tue, 07 Apr 2020 14:52:59 GMT
cache-control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
server
fbs
x-accel-expires
0
x-hw
1586271179.cds164.fr8.hn,1586271179.cds064.fr8.sc,1586271179.cdn2-wafbe04-fra1.stackpath.systems.-.i,1586271179.cds064.fr8.p
access-control-allow-origin
*
/
www.hpnonline.com/sbbi/ 		43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hpnonline.com/sbbi/?sbbpg=utMedia&vii=1h24d6adde1d8f4e257256ded9da3b61761e068971a4c769ecc7a8ed860b707aobjei5u9
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-accel-expires
0
date
Tue, 07 Apr 2020 14:52:59 GMT
server
fbs
status
200
x-hw
1586271179.cds164.fr8.hn,1586271179.cds166.fr8.sc,1586271179.cdn2-wafbe02-fra1.stackpath.systems.-.i,1586271179.cds166.fr8.p
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
reveal-ad-listener.47f81b67.js
www.hpnonline.com/dist/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hpnonline.com/dist/js/reveal-ad-listener.47f81b67.js
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/dist/js/index.11ef517b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
dffd87875217d58f696f50d13310ca28621639317d731d2246c1d6141b2fb7f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-version
Site:1.14.3|Core:1.25.5
date
Tue, 07 Apr 2020 14:52:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 07 Apr 2020 14:48:35 GMT
server
fbs
etag
W/"c71-171551d49b8"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
x-hw
1586271179.cds164.fr8.hn,1586271179.cds054.fr8.sc,1586271179.cdn2-wafbe02-fra1.stackpath.systems.-.wx,1586271179.cds054.fr8.p
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
theme-menu-toggle-button.2f2b1190.js
www.hpnonline.com/dist/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hpnonline.com/dist/js/theme-menu-toggle-button.2f2b1190.js
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/dist/js/index.11ef517b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
2b9334c002212023f39814dac087f127a4939f0f3ffac43afd7eb172f8fd7fb0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-version
Site:1.14.3|Core:1.25.5
date
Tue, 07 Apr 2020 14:52:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 07 Apr 2020 14:48:35 GMT
server
fbs
etag
W/"1466-171551d49b8"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
x-hw
1586271179.cds164.fr8.hn,1586271179.cds148.fr8.sc,1586271179.cdn2-wafbe02-fra1.stackpath.systems.-.wx,1586271179.cds148.fr8.p
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.hpnonline.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 07 Apr 2020 14:52:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.hpnonline.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 07 Apr 2020 14:52:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
104
x-xss-protection
0
pubads_impl_2020040202.js
securepubads.g.doubleclick.net/gpt/ 		167 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040202.js?21065815
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
sffe /
Resource Hash
b4e68e0925d36a50056405d18b488f3b6cb2e92389fa60798487358ac0fb9bbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 07 Apr 2020 14:52:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 03 Apr 2020 05:21:24 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
62517
x-xss-protection
0
expires
Tue, 07 Apr 2020 14:52:59 GMT
va9E4kDNxMZdWfMOD5Vvl4jLazX3dA.woff2
fonts.gstatic.com/s/firasans/v10/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firasans/v10/va9E4kDNxMZdWfMOD5Vvl4jLazX3dA.woff2
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c25407149a8c6d1fb034c5af2d3e00f2d39abc4766125ee810285a22a59f9489
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Fira+Sans:300i,400,600|Cardo|Lora:400,400i,700,700i
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 02 Apr 2020 00:18:41 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:21:53 GMT
server
sffe
age
484458
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
15212
x-xss-protection
0
expires
Fri, 02 Apr 2021 00:18:41 GMT
va9B4kDNxMZdWfMOD5VnSKzeRhf6Xl7Glw.woff2
fonts.gstatic.com/s/firasans/v10/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firasans/v10/va9B4kDNxMZdWfMOD5VnSKzeRhf6Xl7Glw.woff2
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cefec80a8ff913dcde9216b9f304c5f44b0474a1d7095a964ec75d0b1b611bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Fira+Sans:300i,400,600|Cardo|Lora:400,400i,700,700i
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 01 Apr 2020 18:22:19 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:21:46 GMT
server
sffe
age
505840
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
15304
x-xss-protection
0
expires
Thu, 01 Apr 2021 18:22:19 GMT
marko-web-social-sharing.6d3298c4.js
www.hpnonline.com/dist/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hpnonline.com/dist/js/marko-web-social-sharing.6d3298c4.js
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/dist/js/index.11ef517b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
e630479a0bc943ba3e41c918c94a8f796e643462aacee55126ad1ea217908ab0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-version
Site:1.14.3|Core:1.25.5
date
Tue, 07 Apr 2020 14:52:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 07 Apr 2020 14:48:35 GMT
server
fbs
etag
W/"2647-171551d49b8"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
x-hw
1586271179.cds164.fr8.hn,1586271179.cds104.fr8.sc,1586271179.cdn2-redis01-fra1.stackpath.systems.-.wx,1586271179.cds104.fr8.p
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
wlp_gwjKBV1pqhv43IE7225P.woff2
fonts.gstatic.com/s/cardo/v11/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cardo/v11/wlp_gwjKBV1pqhv43IE7225P.woff2
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/dist/js/index.11ef517b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8204d955949011c5828e9abf4d8b96d072565c688aef0b35b502e5c41529a7aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Fira+Sans:300i,400,600|Cardo|Lora:400,400i,700,700i
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 01 Apr 2020 13:51:51 GMT
x-content-type-options
nosniff
last-modified
Wed, 17 Jul 2019 00:02:27 GMT
server
sffe
age
522068
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14860
x-xss-protection
0
expires
Thu, 01 Apr 2021 13:51:51 GMT
0QIvMX1D_JOuMwr7I_FMl_E.woff2
fonts.gstatic.com/s/lora/v15/ 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lora/v15/0QIvMX1D_JOuMwr7I_FMl_E.woff2
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/dist/js/index.11ef517b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9504635ce463f19888209acf89dc32831964d8dee1b4c22aa70f564c208061d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Fira+Sans:300i,400,600|Cardo|Lora:400,400i,700,700i
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 28 Mar 2020 13:05:01 GMT
x-content-type-options
nosniff
last-modified
Thu, 19 Mar 2020 18:18:46 GMT
server
sffe
age
870478
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
34172
x-xss-protection
0
expires
Sun, 28 Mar 2021 13:05:01 GMT
vendors~marko-web-photoswipe.8e6cd7eb.js
www.hpnonline.com/dist/js/ 		48 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hpnonline.com/dist/js/vendors~marko-web-photoswipe.8e6cd7eb.js
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/dist/js/index.11ef517b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
ec2a3e1dfcc59cfdc3c3d8ae5460e8b162a9d135f2919ae3c6715a5152f6ed83
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-version
Site:1.14.3|Core:1.25.5
date
Tue, 07 Apr 2020 14:52:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 07 Apr 2020 14:48:35 GMT
server
fbs
etag
W/"bfcc-171551d49b8"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
x-hw
1586271179.cds164.fr8.hn,1586271179.cds077.fr8.sc,1586271179.cdn2-redis02-fra1.stackpath.systems.-.wx,1586271179.cds077.fr8.p
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
NCSC_State_sponsored_hackers_using_coronavirus_lures_to_infect_their_targets_pic___3.16.20du___hacker_1944688_1280___Pixabay.5e6f9192680a0.png
img.hpnonline.com/files/base/ebm/hpn/image/2020/03/16x9/ 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.hpnonline.com/files/base/ebm/hpn/image/2020/03/16x9/NCSC_State_sponsored_hackers_using_coronavirus_lures_to_infect_their_targets_pic___3.16.20du___hacker_1944688_1280___Pixabay.5e6f9192680a0.png?auto=format&w=720
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
78cf423a51a7b2d1bd1c98ea9820d5c4020ddfb534e1c4a95ffe9de00f789cea
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 07 Apr 2020 14:52:59 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Apr 2020 13:15:15 GMT
server
imgix
age
5864
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
status
200
cache-control
public, max-age=86400
x-imgix-id
2205b81e44ac7563e49436af9c64ae4a87cf8394
accept-ranges
bytes
access-control-allow-origin
*
content-length
98944
x-served-by
cache-lax8632-LAX, cache-fra19156-FRA
ads
securepubads.g.doubleclick.net/gampad/ 		48 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4413855961476374&correlator=2216893824003005&output=ldjh&impl=fifs&adsid=NT&eid=21065815%2C21062832%2C21064366%2C21065393%2C21065783&vrg=2020040202&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200407&iu_parts=21687441225%2CHPN%2Cinfection-prevention%2Clb1%2Crail1%2Crail2%2Cdefault%2Cwa&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5%2C%2F0%2F1%2F6%2F7&prev_iu_szs=970x250%7C970x90%7C970x66%7C728x90%2C300x250%2C300x600%2C1x1&ists=1&cust_params=cont_id%3D21129791%26cont_type%3Darticle%26comp_id%3D%26path%3D%252Finfection-prevention%252Fcrisis-planning-outbreak-response%252Farticle%252F21129791%252Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets%26host%3Dwww%257Chpnonline%257Ccom%26env%3Dproduction%26uri%3D%252Finfection-prevention%252Fcrisis-planning-outbreak-response%252Farticle%252F21129791%252Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets&cookie_enabled=1&bc=31&abxe=1&lmt=1586271179&dt=1586271179273&dlt=1586271178396&idt=861&frm=20&biw=1585&bih=1200&oid=3&adxs=217%2C995%2C995%2C0&adys=126%2C604%2C1654%2C0&adks=321684541%2C2740456505%2C1285598468%2C4151099877&ucis=1%7C2%7C3%7C4&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.hpnonline.com%2Finfection-prevention%2Fcrisis-planning-outbreak-response%2Farticle%2F21129791%2Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets&dssz=30&icsg=245423&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1176x3672%7C381x3118%7C381x3118%7C1585x1200&msz=1152x250%7C357x250%7C357x600%7C1585x-1&ga_vid=5152451.1586271179&ga_sid=1586271179&ga_hid=938448927&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
0ad15882d8c6fe771d22a15f056c973859d44deeeb28ab404385dfe76f4f24f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 07 Apr 2020 14:52:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
7010
x-xss-protection
0
google-lineitem-id
5158768279,5158768279,5277826533,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138285649131,138285649509,138301179530,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hpnonline.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2020040202.js
securepubads.g.doubleclick.net/gpt/ 		64 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040202.js?21065815
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040202.js?21065815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
sffe /
Resource Hash
1b7d9ea9ab5b84692f3280f86d3322a9789834f55e10343ecb9cad4945de4c15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 07 Apr 2020 14:52:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 03 Apr 2020 05:21:24 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
23915
x-xss-protection
0
expires
Tue, 07 Apr 2020 14:52:59 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040202.js?21065815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
empty

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		426 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4413855961476374&correlator=2216893824003005&output=ldjh&impl=fifs&adsid=NT&eid=21065815%2C21062832%2C21064366%2C21065393%2C21065783&vrg=2020040202&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200407&iu_parts=21687441225%2CHPN%2Cinfection-prevention%2Creskin&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ists=1&cust_params=cont_id%3D21129791%26cont_type%3Darticle%26comp_id%3D%26path%3D%252Finfection-prevention%252Fcrisis-planning-outbreak-response%252Farticle%252F21129791%252Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets%26host%3Dwww%257Chpnonline%257Ccom%26env%3Dproduction%26uri%3D%252Finfection-prevention%252Fcrisis-planning-outbreak-response%252Farticle%252F21129791%252Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets&cookie_enabled=1&bc=31&abxe=1&lmt=1586271179&dt=1586271179285&dlt=1586271178396&idt=861&frm=20&biw=1585&bih=1200&oid=3&adxs=0&adys=0&adks=327709333&ucis=5&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.hpnonline.com%2Finfection-prevention%2Fcrisis-planning-outbreak-response%2Farticle%2F21129791%2Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets&dssz=31&icsg=33799855&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x4223&msz=1585x1&ga_vid=5152451.1586271179&ga_sid=1586271179&ga_hid=938448927&fws=0&ohw=0
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
9e28da7f8111b7ceed304c0f404e77cf2c57d041b0701885607434a5236b8582
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 07 Apr 2020 14:52:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
222
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hpnonline.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4413855961476374&correlator=2216893824003005&output=ldjh&impl=fifs&adsid=NT&eid=21065815%2C21062832%2C21064366%2C21065393%2C21065783&vrg=2020040202&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200407&iu_parts=21687441225%2CHPN%2Cinfection-prevention%2Cload-more&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&cust_params=cont_id%3D21129791%26cont_type%3Darticle%26comp_id%3D%26path%3D%252Finfection-prevention%252Fcrisis-planning-outbreak-response%252Farticle%252F21129791%252Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets%26host%3Dwww%257Chpnonline%257Ccom%26env%3Dproduction%26uri%3D%252Finfection-prevention%252Fcrisis-planning-outbreak-response%252Farticle%252F21129791%252Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets&cookie_enabled=1&bc=31&abxe=1&lmt=1586271179&dt=1586271179291&dlt=1586271178396&idt=861&frm=20&biw=1585&bih=1200&oid=3&adxs=1034&adys=3886&adks=642957970&ucis=6&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.hpnonline.com%2Finfection-prevention%2Fcrisis-planning-outbreak-response%2Farticle%2F21129791%2Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets&dssz=32&icsg=33799855&std=0&csl=257&vis=1&dmc=8&scr_x=0&scr_y=0&psz=391x351&msz=367x351&ga_vid=5152451.1586271179&ga_sid=1586271179&ga_hid=938448927&fws=0&ohw=0
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
9ee8779efdfe5a03e8f9369b360295f423ccede1abb1a895e18b32e9fdab6b5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 07 Apr 2020 14:52:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
4718
x-xss-protection
0
google-lineitem-id
5158768279
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138285737792
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hpnonline.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
roundtrip.js
s.adroll.com/j/ 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PGBWQKG
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.149 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-149.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
19c904aaa555d91d75c5b3682e3f358ba5af4c302339d63c9e464f53d8708ff8

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
EEryoP57M4BXSHtGt9JFNoNG_YhGzXxp
Content-Encoding
gzip
x-amz-request-id
5B64FB7E0A29A18E
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
600
Date
Tue, 07 Apr 2020 14:52:59 GMT
Connection
keep-alive
Content-Length
10905
x-amz-id-2
cyhtZzUMRRH+3azNobhgA/owi1TOIrHigGwio+Vd/0CCKLcw4WcCHJh++0vWdWKuZdO/e9F4VUU=
Last-Modified
Wed, 01 Apr 2020 18:03:06 GMT
Server
AmazonS3
ETag
"9884704eb3fc99427eb5b90c4bbab62c"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PGBWQKG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
864
date
Tue, 07 Apr 2020 14:38:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Tue, 07 Apr 2020 16:38:35 GMT
cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PGBWQKG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Tue, 07 Apr 2020 14:52:59 GMT
content-encoding
br
cf-cache-status
HIT
age
13765406
cf-ray
58049356bb7ed725-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:18:36 GMT
server
cloudflare
etag
W/"5afd48ec-f62"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Sun, 28 Mar 2021 14:52:59 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.001
cookieconsent.min.js
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PGBWQKG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 07 Apr 2020 14:52:59 GMT
content-encoding
br
cf-cache-status
HIT
age
22230315
cf-ray
58049356bb83d725-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:18:32 GMT
server
cloudflare
etag
W/"5afd48e8-4d5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sun, 28 Mar 2021 14:52:59 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.001
olytics.css
olytics.omeda.com/olytics/css/v3/p/ 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://olytics.omeda.com/olytics/css/v3/p/olytics.css
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PGBWQKG
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.159 Chicago, United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
b1dee28cc772eb1903b9c309483167354c1054136ccf16ef18908b2eecd4b980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Tue, 07 Apr 2020 14:53:10 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 31 Jan 2020 16:30:36 GMT
Server
Apache
ETag
W/"13883-1580488236000"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=21600
Transfer-Encoding
chunked
Accept-Ranges
bytes
vary
accept-encoding
X-XSS-Protection
1; mode=block
Expires
Tue, 07 Apr 2020 20:53:11 GMT
olytics.min.js
olytics.omeda.com/olytics/js/v3/p/ 		256 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.159 Chicago, United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
591c03fa5d6aeafd8a894846669613efc6fa5103beba00fbada8d2b340039260
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Tue, 07 Apr 2020 14:53:10 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 03 Apr 2020 00:56:48 GMT
Server
Apache
ETag
W/"262321-1585875408000"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=21600
Transfer-Encoding
chunked
Accept-Ranges
bytes
vary
accept-encoding
X-XSS-Protection
1; mode=block
Expires
Tue, 07 Apr 2020 20:53:10 GMT
sapience.js
olytics.as3.io/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://olytics.as3.io/sapience.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PGBWQKG
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.221.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-221-155.compute-1.amazonaws.com
Software
/
Resource Hash
294854484854cb24749fabe1f0be264fff4c770f6c65d9ba0313074176f74b89

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 07 Apr 2020 14:52:59 GMT
content-encoding
gzip
last-modified
Mon, 30 Mar 2020 22:36:25 GMT
age
58592
x-served-by
10.0.1.153
vary
Accept-Encoding
x-cache
HIT: 197330
content-type
application/javascript
status
200
cache-control
max-age=36400
accept-ranges
bytes
content-length
9187
expires
Tue, 07 Apr 2020 00:36:26 GMT
dpm_1592af7e76a7114b4f9beea0be4746f59ada13a6.min.js
s.dpmsrv.com/ 		152 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.dpmsrv.com/dpm_1592af7e76a7114b4f9beea0be4746f59ada13a6.min.js
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.97.2 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-97-2.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0e9812be9c9f550e2e2dd94de2f7a1d3fa4ca087dc20888be1e931ab5d22c9dc

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 06 Apr 2020 16:54:16 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Mar 2020 13:00:17 GMT
Server
AmazonS3
Age
79124
ETag
"aedfa3a182d80573f5edd3c20964d8b5"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
41396
X-Amz-Cf-Id
StNIJciR5bfaV9bFFfxVji6XgGRiBf1GmSg_xsvRSv3Q7lpvz0Cdqg==
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4413855961476374&correlator=2216893824003005&output=ldjh&impl=fifs&adsid=NT&eid=21065815%2C21062832%2C21064366%2C21065393%2C21065783&vrg=2020040202&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200407&iu_parts=21687441225%2CHPN%2Cinfection-prevention%2Cload-more&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&cust_params=cont_id%3D21129791%26cont_type%3Darticle%26comp_id%3D%26path%3D%252Finfection-prevention%252Fcrisis-planning-outbreak-response%252Farticle%252F21129791%252Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets%26host%3Dwww%257Chpnonline%257Ccom%26env%3Dproduction%26uri%3D%252Finfection-prevention%252Fcrisis-planning-outbreak-response%252Farticle%252F21129791%252Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets&cookie_enabled=1&bc=31&abxe=1&lmt=1586271179&dt=1586271179329&dlt=1586271178396&idt=861&frm=20&biw=1585&bih=1200&oid=3&adxs=1034&adys=4333&adks=4073142418&ucis=7&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.hpnonline.com%2Finfection-prevention%2Fcrisis-planning-outbreak-response%2Farticle%2F21129791%2Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets&dssz=41&icsg=6458158016&mso=1073741824&std=0&csl=259&vis=1&dmc=8&scr_x=0&scr_y=0&psz=391x351&msz=367x351&ga_vid=5152451.1586271179&ga_sid=1586271179&ga_hid=938448927&fws=0&ohw=0
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
33b8ab955ca6c9dc500e9055d44a6593ce2c19c481d98884bfd8ce56f2876764
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 07 Apr 2020 14:52:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
4541
x-xss-protection
0
google-lineitem-id
5158768279
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138285649695
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hpnonline.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4413855961476374&correlator=2216893824003005&output=ldjh&impl=fifs&adsid=NT&eid=21065815%2C21062832%2C21064366%2C21065393%2C21065783&vrg=2020040202&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200407&iu_parts=21687441225%2CHPN%2Cinfection-prevention%2Cload-more&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600&cust_params=cont_id%3D21129791%26cont_type%3Darticle%26comp_id%3D%26path%3D%252Finfection-prevention%252Fcrisis-planning-outbreak-response%252Farticle%252F21129791%252Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets%26host%3Dwww%257Chpnonline%257Ccom%26env%3Dproduction%26uri%3D%252Finfection-prevention%252Fcrisis-planning-outbreak-response%252Farticle%252F21129791%252Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets&cookie_enabled=1&bc=31&abxe=1&lmt=1586271179&dt=1586271179352&dlt=1586271178396&idt=861&frm=20&biw=1585&bih=1200&oid=3&adxs=250&adys=5033&adks=1570567575&ucis=8&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.hpnonline.com%2Finfection-prevention%2Fcrisis-planning-outbreak-response%2Farticle%2F21129791%2Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets&dssz=42&icsg=6458158016&mso=1073741824&std=0&csl=259&vis=1&dmc=8&scr_x=0&scr_y=0&psz=391x600&msz=367x600&ga_vid=5152451.1586271179&ga_sid=1586271179&ga_hid=938448927&fws=0&ohw=0
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
a7615c0ede449b84bda6675f817e088578aa7cdbf6ceedc315a562c7f510ca5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 07 Apr 2020 14:52:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
4560
x-xss-protection
0
google-lineitem-id
5277826533
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138301525192
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hpnonline.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
Detained__undocumented_immigrants_are_vulnerable_to_COVID_19_pic___4.7.20du___migration_3129340_1920___Pixabay.5e8c90ecafc57.png
img.hpnonline.com/files/base/ebm/hpn/image/2020/04/16x9/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.hpnonline.com/files/base/ebm/hpn/image/2020/04/16x9/Detained__undocumented_immigrants_are_vulnerable_to_COVID_19_pic___4.7.20du___migration_3129340_1920___Pixabay.5e8c90ecafc57.png?auto=format&fit=crop&h=75&w=75
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
ead5f3fd418cfe144b3f7b86716c46cca13c7a8f2db2873170a099216da193fe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 07 Apr 2020 14:52:59 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Apr 2020 14:40:52 GMT
server
imgix
age
676
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
status
200
cache-control
public, max-age=86400
x-imgix-id
4086a742c19652cefa9f3112e3b5f7ca66cff648
accept-ranges
bytes
access-control-allow-origin
*
content-length
6160
x-served-by
cache-lax8645-LAX, cache-fra19156-FRA
Getinge_to_further_increase_production_capacity_of_ventilators_in_2020_pic___4.7.20du___26792505186_b483bff272_o___FDA_Flickr.5e8c8f3aa195e.png
img.hpnonline.com/files/base/ebm/hpn/image/2020/04/1x1/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.hpnonline.com/files/base/ebm/hpn/image/2020/04/1x1/Getinge_to_further_increase_production_capacity_of_ventilators_in_2020_pic___4.7.20du___26792505186_b483bff272_o___FDA_Flickr.5e8c8f3aa195e.png?auto=format&fit=crop&h=75&w=75
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
317bf1d62cfffb0a5f635b114e9d169ca73cd50fac5f97b92b010c635b35818b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 07 Apr 2020 14:52:59 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Apr 2020 14:37:06 GMT
server
imgix
age
953
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
status
200
cache-control
public, max-age=86400
x-imgix-id
0cf3f868dcef2ef9fdf079ab3cbd5a7914485971
accept-ranges
bytes
access-control-allow-origin
*
content-length
5336
x-served-by
cache-lax8635-LAX, cache-fra19156-FRA
amp4ads-v0.js
cdn.ampproject.org/rtv/012003171848440/ Frame 223E 		200 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040202.js?21065815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9fd34967713bfb93d2edcf4eac2d5436be891f32f6c80a09b17c42b0246a004
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
4321
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
55861
x-xss-protection
0
server
sffe
date
Tue, 07 Apr 2020 13:40:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"66e23296f665ec26"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Apr 2021 13:40:58 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/012003171848440/ Frame 223E 		200 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040202.js?21065815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9fd34967713bfb93d2edcf4eac2d5436be891f32f6c80a09b17c42b0246a004
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
4321
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
55861
x-xss-protection
0
server
sffe
date
Tue, 07 Apr 2020 13:40:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"66e23296f665ec26"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Apr 2021 13:40:58 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012003171848440/v0/ Frame 223E 		92 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003171848440/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040202.js?21065815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d61b6fa5a24a2cc4b7aa62a2a6271a13800b99d30016c4e09f38cf47f8490ea3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
4315
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28362
x-xss-protection
0
server
sffe
date
Tue, 07 Apr 2020 13:41:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6205ff224420b8da"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Apr 2021 13:41:04 GMT
truncated
/ Frame 223E 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc942b6722f322fea8f5217f1c684150c728e52d22ea5bbeff9f1f5099fb0d49

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-host-v0.js
cdn.ampproject.org/rtv/012003171848440/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003171848440/amp4ads-host-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040202.js?21065815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
064282bdfcb1d589a67f8940076741fd9b90c43baaae421a71a5a96a226b9e71
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
4212
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
7178
x-xss-protection
0
server
sffe
date
Tue, 07 Apr 2020 13:42:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"8728c2475be0528f"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Apr 2021 13:42:47 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=4413855961476374&r=300x250&w=300&h=250
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Tue, 07 Apr 2020 14:52:59 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
7258109015763691272
tpc.googlesyndication.com/simgad/ Frame 223E 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7258109015763691272
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ad08459ee98075f8fc585c56f386e6d2e87ede404f83a25bbfa8562925cd74f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 28 Mar 2020 17:32:28 GMT
x-content-type-options
nosniff
age
854431
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
31920
x-xss-protection
0
last-modified
Wed, 28 Aug 2019 13:16:20 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Mar 2021 17:32:28 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 223E 		0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssGN0dzCamRUfyB3lxL9ToGjVS4NQBBgni9-cJnOsUoNvj3weHBC2JNV6jRAdzV1wd58wrZ699noxqXgE0SCQs8REh1J6WZt7lNvRtlNV7cAQnUMWuaxMBBDF2w0wgZCBv1DZIGC2y2qZg5y1lRkSOgktPrCAkWFCkKFAz5D52iQjl04lqhWgb6s9cDJ2zUMj3VlAamUtBQB0ouDq_Y0jMVdS4b86iPiTCwkD_USMDRgHGgLo8KuvYbZVSnfbwiZv9-HdqMQmQXQASuUVNc5mlR2by0F28joJ_k3yuMj3UxRg&sai=AMfl-YROmlgwBGQnFKNAheg47gdO8WFGHma_O4F_w-6pknJ2b6LESUWci3P4kA2DKgP5ZTsvgpEhWuryB9u6VA9BupW-qHj2-qacKRnifIIU&sig=Cg0ArKJSzGjZeD1sd_gZEAE&adurl=
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 07 Apr 2020 14:52:59 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 07 Apr 2020 14:52:59 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/012003171848440/ Frame 2268 		200 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040202.js?21065815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9fd34967713bfb93d2edcf4eac2d5436be891f32f6c80a09b17c42b0246a004
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
4321
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
55861
x-xss-protection
0
server
sffe
date
Tue, 07 Apr 2020 13:40:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"66e23296f665ec26"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Apr 2021 13:40:58 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/012003171848440/ Frame 2268 		200 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040202.js?21065815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9fd34967713bfb93d2edcf4eac2d5436be891f32f6c80a09b17c42b0246a004
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
4321
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
55861
x-xss-protection
0
server
sffe
date
Tue, 07 Apr 2020 13:40:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"66e23296f665ec26"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Apr 2021 13:40:58 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012003171848440/v0/ Frame 2268 		92 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003171848440/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040202.js?21065815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d61b6fa5a24a2cc4b7aa62a2a6271a13800b99d30016c4e09f38cf47f8490ea3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
4315
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28362
x-xss-protection
0
server
sffe
date
Tue, 07 Apr 2020 13:41:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6205ff224420b8da"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Apr 2021 13:41:04 GMT
truncated
/ Frame 2268 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
240f41e31fe911c0196cb55cb0a180bf66202a6f9397df061b7304c6b2b88beb

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.js
cdn.ampproject.org/rtv/012003171848440/ Frame EBCD 		200 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040202.js?21065815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9fd34967713bfb93d2edcf4eac2d5436be891f32f6c80a09b17c42b0246a004
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
4321
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
55861
x-xss-protection
0
server
sffe
date
Tue, 07 Apr 2020 13:40:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"66e23296f665ec26"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Apr 2021 13:40:58 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/012003171848440/ Frame EBCD 		200 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040202.js?21065815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9fd34967713bfb93d2edcf4eac2d5436be891f32f6c80a09b17c42b0246a004
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
4321
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
55861
x-xss-protection
0
server
sffe
date
Tue, 07 Apr 2020 13:40:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"66e23296f665ec26"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Apr 2021 13:40:58 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012003171848440/v0/ Frame EBCD 		92 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003171848440/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040202.js?21065815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d61b6fa5a24a2cc4b7aa62a2a6271a13800b99d30016c4e09f38cf47f8490ea3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
4315
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28362
x-xss-protection
0
server
sffe
date
Tue, 07 Apr 2020 13:41:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6205ff224420b8da"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Apr 2021 13:41:04 GMT
7258109015763691272
tpc.googlesyndication.com/simgad/ Frame EBCD 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7258109015763691272
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040202.js?21065815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ad08459ee98075f8fc585c56f386e6d2e87ede404f83a25bbfa8562925cd74f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 28 Mar 2020 17:32:28 GMT
x-content-type-options
nosniff
age
854431
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
31920
x-xss-protection
0
last-modified
Wed, 28 Aug 2019 13:16:20 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Mar 2021 17:32:28 GMT
truncated
/ Frame EBCD 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6b7f01b9f7ba7dfc72d0797c49d1df2906cd96bae8dbc27c04432fbdb52687ed

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.js
cdn.ampproject.org/rtv/012003171848440/ Frame A533 		200 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040202.js?21065815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9fd34967713bfb93d2edcf4eac2d5436be891f32f6c80a09b17c42b0246a004
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
4321
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
55861
x-xss-protection
0
server
sffe
date
Tue, 07 Apr 2020 13:40:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"66e23296f665ec26"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Apr 2021 13:40:58 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/012003171848440/ Frame A533 		200 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040202.js?21065815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9fd34967713bfb93d2edcf4eac2d5436be891f32f6c80a09b17c42b0246a004
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
4321
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
55861
x-xss-protection
0
server
sffe
date
Tue, 07 Apr 2020 13:40:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"66e23296f665ec26"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Apr 2021 13:40:58 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012003171848440/v0/ Frame A533 		92 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003171848440/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040202.js?21065815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d61b6fa5a24a2cc4b7aa62a2a6271a13800b99d30016c4e09f38cf47f8490ea3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
4315
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28362
x-xss-protection
0
server
sffe
date
Tue, 07 Apr 2020 13:41:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6205ff224420b8da"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Apr 2021 13:41:04 GMT
truncated
/ Frame A533 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
37cef0da477b61387d849bf741eadfb3e11a7a12dd26be26b437a4d06a313d45

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
11222115162858062618
tpc.googlesyndication.com/simgad/ Frame 2268 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11222115162858062618
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2fbeb20754a73882ef8272aa37ca0fb6e665a2318fa34a128e34a60650a3f7f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 29 Mar 2020 00:00:58 GMT
x-content-type-options
nosniff
age
831121
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
33702
x-xss-protection
0
last-modified
Wed, 28 Aug 2019 13:16:18 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 29 Mar 2021 00:00:58 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2268 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsswWHM6M1Pogxg_p6CyDSLcBacEQ1f2XQTsMgEsIoV4vNqay2eX1ngNkdY4Z-V70vDNGnX5AWJwuDdzidK9mXtZ0nE046LPYbvP2iISR6kA0zf4_7kofF848-GvXtE7TZkyAae9Y5g1TRCXo656XXWvLic9QNPovn2gwljh_dTPwP_TIYqLCGkzT9dRen5dbeGhowrcfqr9MunFvAg_W868ue7pgysAMQ6TJUv2YDfm7ypI8P4QjIBc1PFJv6NbOhzfzYalrG71GU-7-Zh1ww89feh71ZsQVtOsug&sai=AMfl-YQfE4XC6syo9hb4VCo0dbuw1K04yhGP1rbLtP8incFjmDdPDJHDOR52iEFVdIBy7IlO6QRTIhhSZ-h9HcfAwSJA1yVNV5ZH9etemax7nQ&sig=Cg0ArKJSzMysZqrtdSzQEAE&adurl=
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 07 Apr 2020 14:52:59 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame EBCD 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvE9kRa028HT-wFzT8hobL-VEVE_-sOm0y719SeiMbbNuZ7KnFRxM-rFj59uv4YCERis65Za8fqDYfJQw-OhC5hivDWFW1mC9AZ9UQI3ixabUoQVmKJBHImG6YRTTcTV95iYeaDKDUZPjoDHbnRjEFfapJfQcHIwNpikuBJALBbhZH0bt1Nb4DRCZwGk8FG9kC5pbmsdQDe8aVIxthCqRa0CuNUGkeuy9WY2L4K0TGxKaPpbnmfufLWPdwrv1rsaSZjX1zp1P_jFECAtXzqPwLSdx_Djw9YWldgp6ka&sai=AMfl-YRNOH031_VtPeLokq2KLAfGXDv2d1ezCeS4ZmrQbPYSqurY58JrVfaJlqeyBdzL59Kgs7a6gw9yxtRw0nEpaDyqcYBwDiVKc5Spx5Vf1w&sig=Cg0ArKJSzB17OyPRr9ocEAE&adurl=
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 07 Apr 2020 14:52:59 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
11400159902587238257
tpc.googlesyndication.com/simgad/ Frame A533 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11400159902587238257
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82b7080c0b6dd6f7ed3d49227b78a09f5dcb914d9ea72a2e6177d12e506bfe97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 04 Apr 2020 14:00:16 GMT
x-content-type-options
nosniff
age
262363
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
66185
x-xss-protection
0
last-modified
Wed, 15 Jan 2020 22:02:50 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Apr 2021 14:00:16 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A533 		0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsse0XWeNXN2V8x3xDIBiCmMPAAEG5SS4jv2j4GK7R2yaMm5fnXP7QWB_zKryEy_8T86iyO9gAmWocyAdiBdoaKFr7pEaIAHjlnI1slHfcENCA_wVx5CL0gZXE0Gk5H568MlPjphovk2p0p3HuOFWly1g-7CbQ2DPjnPR5Ndu3tLHYzR1eK02qyPscSkqlCTwqzr-ApVXP-UkBljhdWov8vsN86efOLZsQZztDldqbiCBbztK3WtZjlCfRS5oDHYr71JB22n4gm-oXrWEAu49Y67XxJSK_grl-B7B0hg&sai=AMfl-YTUNLBXsSDj2_RQuRsiLXSroz_ULRDN9Y0C_43ZOalXYkrJiIP9p7i8obmBMr81Ss7-hxf3aMIf2dZq70bVY5oFVhSm4aRPZie6VQAYhQ&sig=Cg0ArKJSzDkD1-Mw6K9DEAE&adurl=
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 07 Apr 2020 14:52:59 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=938448927&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hpnonline.com%2Finfection-prevention%2Fcrisis-planning-outbreak-response%2Farticle%2F21129791%...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-62993175-5&cid=5152451.1586271179&jid=1351719058&_gid=2002876935.1586271179&gjid=1100629720&_v=j81&z=797772740
35 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-62993175-5&cid=5152451.1586271179&jid=1351719058&_gid=2002876935.1586271179&gjid=1100629720&_v=j81&z=797772740
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Tue, 07 Apr 2020 14:52:59 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Apr 2020 14:52:59 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-62993175-5&cid=5152451.1586271179&jid=1351719058&_gid=2002876935.1586271179&gjid=1100629720&_v=j81&z=797772740
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
416
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/L5HHENJSKZDLXBM4TXRFHG/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/exp/index.js
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.149 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-149.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
oJIzvk_mmLAXF5iekxvT5NnrQtQSmq7M
Content-Encoding
gzip
x-amz-request-id
CC0F73FCFF952524
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
600
Date
Tue, 07 Apr 2020 14:52:59 GMT
Connection
keep-alive
Content-Length
48
x-amz-id-2
l2SuY/Zqhw+xyJkj7InfvqoJzNpqh9IGnRBj0DT2XibyJ/lFEH5SE9WbzHsCVnMaz+lknVzoYg8=
Last-Modified
Thu, 02 Apr 2020 22:43:50 GMT
Server
AmazonS3
ETag
"5816cced8568d223aa09d889f300692b"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Redirect headers

Date
Tue, 07 Apr 2020 14:52:59 GMT
Server
AkamaiGHost
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Credentials
false
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
index.js
s.adroll.com/j/pre/L5HHENJSKZDLXBM4TXRFHG/SROMGM2TYZBCRL2ZFL7G45/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/L5HHENJSKZDLXBM4TXRFHG/SROMGM2TYZBCRL2ZFL7G45/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.149 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-149.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
cbce85e96b7752208ce15a09ea4d5a58b792edc9e77f1c5ccf46c01935970f9d

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
k39iXouv7dgjE.J6TXv_Zu653.vZGc2x
Content-Encoding
gzip
x-amz-request-id
F619C2F0518F0DAC
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
600
Date
Tue, 07 Apr 2020 14:52:59 GMT
Connection
keep-alive
Content-Length
635
x-amz-id-2
O06uQUtMT5zmiiJmahnCwT/Te/RVt6ZJEUDFuflQ2IWmebkVmfp4qsGZ33uXR/OGtA23g9lPXpc=
Last-Modified
Mon, 06 Apr 2020 14:06:21 GMT
Server
AmazonS3
ETag
"3996d65282dd996ee0d7d4c90c139158"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
/
d.adroll.com/consent/check/L5HHENJSKZDLXBM4TXRFHG/
Redirect Chain
  • https://d.adroll.mgr.consensu.org/consent/iabcheck/L5HHENJSKZDLXBM4TXRFHG?_s=71d97f41ec9f0b181533327b69b75288&_b=2
  • https://d.adroll.com/consent/check/L5HHENJSKZDLXBM4TXRFHG/?_s=71d97f41ec9f0b181533327b69b75288&_b=2
106 B
198 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/L5HHENJSKZDLXBM4TXRFHG/?_s=71d97f41ec9f0b181533327b69b75288&_b=2
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.186.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-186-35.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
4b17f65b9c3e956c423712d1f6fad95924947f4ea247683ff9f4174886052532

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 07 Apr 2020 14:52:59 GMT
server
nginx/1.16.1
content-length
106
content-type
application/javascript

Redirect headers

status
302
date
Tue, 07 Apr 2020 14:52:59 GMT
server
nginx/1.16.1
content-length
105
location
https://d.adroll.com/consent/check/L5HHENJSKZDLXBM4TXRFHG/?_s=71d97f41ec9f0b181533327b69b75288&_b=2
gam-fixed-ad-bottom.e52a81e2.js
www.hpnonline.com/dist/js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hpnonline.com/dist/js/gam-fixed-ad-bottom.e52a81e2.js
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/dist/js/index.11ef517b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
dc7c05ecff2e2824bbfa33b38c9a86e8fa6ecaca29777cd1f6f1d80b99c8b4af
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-version
Site:1.14.3|Core:1.25.5
date
Tue, 07 Apr 2020 14:52:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 07 Apr 2020 14:48:35 GMT
server
fbs
etag
W/"4ede-171551d49b8"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
x-hw
1586271179.cds164.fr8.hn,1586271179.cds133.fr8.sc,1586271179.cdn2-wafbe01-fra1.stackpath.systems.-.wx,1586271179.cds133.fr8.p
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
amp4ads-v0.js
cdn.ampproject.org/rtv/012003171848440/ Frame 84E6 		200 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040202.js?21065815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9fd34967713bfb93d2edcf4eac2d5436be891f32f6c80a09b17c42b0246a004
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
4321
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
55861
x-xss-protection
0
server
sffe
date
Tue, 07 Apr 2020 13:40:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"66e23296f665ec26"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Apr 2021 13:40:58 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/012003171848440/ Frame 84E6 		200 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040202.js?21065815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9fd34967713bfb93d2edcf4eac2d5436be891f32f6c80a09b17c42b0246a004
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
4321
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
55861
x-xss-protection
0
server
sffe
date
Tue, 07 Apr 2020 13:40:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"66e23296f665ec26"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Apr 2021 13:40:58 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012003171848440/v0/ Frame 84E6 		92 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003171848440/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040202.js?21065815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d61b6fa5a24a2cc4b7aa62a2a6271a13800b99d30016c4e09f38cf47f8490ea3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
4315
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28362
x-xss-protection
0
server
sffe
date
Tue, 07 Apr 2020 13:41:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6205ff224420b8da"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Apr 2021 13:41:04 GMT
7258109015763691272
tpc.googlesyndication.com/simgad/ Frame 84E6 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7258109015763691272
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040202.js?21065815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ad08459ee98075f8fc585c56f386e6d2e87ede404f83a25bbfa8562925cd74f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 28 Mar 2020 17:32:28 GMT
x-content-type-options
nosniff
age
854431
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
31920
x-xss-protection
0
last-modified
Wed, 28 Aug 2019 13:16:20 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Mar 2021 17:32:28 GMT
truncated
/ Frame 84E6 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4227bb880046aabada279f14b4c6058c1b148d1e576a206ed1b260e02f7069af

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 84E6 		0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVCjHynFNmmRrF3ykjuW1pEK7VFj6cIp2K_Fj51EJJLSCclA9W8mqMmQ0he93slsutoowRbLIZwsaISGmFu-r39tbpW5kpvkA1x1N5Mc8SyxCKhJ_AWE8hmxeZT7ACfKlFomcH_ejKdpu60Gf_A3-xha46BXQMzTrz-OVhN78qEvjX1KXd7rcVghx6esCaZPlE-cRDX1KeIHzfgjiCx-YiF7w7TZSGmMmWKTfhNTBWGlsiI_Mz9MvqZG6MV1J6JyJ2--VkZxLmKlLMWnmZxmR_nrqep-IA99OVTPwu39QagA&sig=Cg0ArKJSzEfp4Rr0dsSmEAE&adurl=
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 07 Apr 2020 14:52:59 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
amp4ads-v0.js
cdn.ampproject.org/rtv/012003171848440/ Frame B452 		200 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040202.js?21065815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9fd34967713bfb93d2edcf4eac2d5436be891f32f6c80a09b17c42b0246a004
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
4321
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
55861
x-xss-protection
0
server
sffe
date
Tue, 07 Apr 2020 13:40:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"66e23296f665ec26"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Apr 2021 13:40:58 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/012003171848440/ Frame B452 		200 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040202.js?21065815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9fd34967713bfb93d2edcf4eac2d5436be891f32f6c80a09b17c42b0246a004
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
4321
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
55861
x-xss-protection
0
server
sffe
date
Tue, 07 Apr 2020 13:40:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"66e23296f665ec26"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Apr 2021 13:40:58 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012003171848440/v0/ Frame B452 		92 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003171848440/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040202.js?21065815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d61b6fa5a24a2cc4b7aa62a2a6271a13800b99d30016c4e09f38cf47f8490ea3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
4315
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28362
x-xss-protection
0
server
sffe
date
Tue, 07 Apr 2020 13:41:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6205ff224420b8da"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Apr 2021 13:41:04 GMT
11400159902587238257
tpc.googlesyndication.com/simgad/ Frame B452 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11400159902587238257
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040202.js?21065815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82b7080c0b6dd6f7ed3d49227b78a09f5dcb914d9ea72a2e6177d12e506bfe97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 04 Apr 2020 14:00:16 GMT
x-content-type-options
nosniff
age
262363
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
66185
x-xss-protection
0
last-modified
Wed, 15 Jan 2020 22:02:50 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Apr 2021 14:00:16 GMT
truncated
/ Frame B452 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
53efe450dad05e971b8b6d8e68100d9ca7790258e1e026a7abb607eec11325c3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame B452 		0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstLDXWR0cryLZwHvOyd4mwtOcjUedPF00lOFpIPt7Uek0KggQIa-8HRChwi0pDBFiuYghZYCZYxzOVHxD5RR7lFXSmYzAKcwHCjpv7d-wvCVs00fytdRHPVlKFrihVFUYX1nRSIJW4fDwPqrwLuy_IMMaAFiSNETITVvNY7hEAt8-eX8icIleTvt-svo0EKuIZ4kUDtkr7ynvQcPuWkNO-ALoG6OyBWOEaHmD6mkvMqFnA68ZGl12K618cOnAZ_uT_EZJRO3zQ6GhR6MtPckTKVl2oBOgrDaYkFq7cL26_n4g&sig=Cg0ArKJSzPIr1VzGiM-LEAE&adurl=
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 07 Apr 2020 14:52:59 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
index.php
a.dpmsrv.com/dpmpxl/
Redirect Chain
  • https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&q%3DxImp%26v%3D1.x%26cl%3D1120%26pixelIndex%3D0%26r%3D895491%26tzOffset%3D-120%26url%3Dhttps%253A%252F%252Fwww.hpnonline.co...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26q%253DxImp%2526v%253D1.x%2526cl%253D1120%2526pixelIndex%253D0%2526r%253D895491%2526tzOffset%2...
  • https://a.dpmsrv.com/dpmpxl/index.php?id=3478234277276733128&q=xImp&v=1.x&cl=1120&pixelIndex=0&r=895491&tzOffset=-120&url=https%3A%2F%2Fwww.hpnonline.com%2Finfection-prevention%2Fcrisis-planning-ou...
255 B
986 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.dpmsrv.com/dpmpxl/index.php?id=3478234277276733128&q=xImp&v=1.x&cl=1120&pixelIndex=0&r=895491&tzOffset=-120&url=https%3A%2F%2Fwww.hpnonline.com%2Finfection-prevention%2Fcrisis-planning-outbreak-response%2Farticle%2F21129791%2Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets&_=1586271179535
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.175.86.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-175-86-40.compute-1.amazonaws.com
Software
/
Resource Hash
a93c382c663cca23ee1b276a8bd2fb6e9dc4e16ab8d6f03610adb466cfaf6f47

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
content-encoding
gzip
Access-Control-Max-Age
10
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
text/javascript
Access-Control-Allow-Headers
content-type, accept
Content-Length
225
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 07 Apr 2020 14:53:01 GMT
AN-X-Request-Uuid
3e9a571f-cfd5-4a69-baab-18a24fc7fdc9
Content-Type
text/html; charset=utf-8
Server
nginx/1.13.4
Location
https://a.dpmsrv.com/dpmpxl/index.php?id=3478234277276733128&q=xImp&v=1.x&cl=1120&pixelIndex=0&r=895491&tzOffset=-120&url=https%3A%2F%2Fwww.hpnonline.com%2Finfection-prevention%2Fcrisis-planning-outbreak-response%2Farticle%2F21129791%2Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets&_=1586271179535
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 312.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.170:80
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Cantel_announces_initiatives_to_help_fight_COVID_19_pic___4.7.20du___insulation_station_4984462_1920___Pixabay.5e8c8e9f178a0.png
img.hpnonline.com/files/base/ebm/hpn/image/2020/04/16x9/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.hpnonline.com/files/base/ebm/hpn/image/2020/04/16x9/Cantel_announces_initiatives_to_help_fight_COVID_19_pic___4.7.20du___insulation_station_4984462_1920___Pixabay.5e8c8e9f178a0.png?auto=format&fit=crop&h=75&w=75
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
88bd9dfe93a94d11c89bb8c841849f47c5bc3e7bc828c7bbab6649ad5ae6c7d4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 07 Apr 2020 14:52:59 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Apr 2020 14:33:17 GMT
server
imgix
age
1181
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
status
200
cache-control
public, max-age=86400
x-imgix-id
99faf47b241cab3f270555325be16773a8ec9412
accept-ranges
bytes
access-control-allow-origin
*
content-length
5942
x-served-by
cache-lax8639-LAX, cache-fra19156-FRA
3M_responds_to_Defense_Production_Act_order_pic___4.7.20du___43812582001_b6ab2bbbfc_o___FDA_Flickr.5e8c8ddd46d72.png
img.hpnonline.com/files/base/ebm/hpn/image/2020/04/16x9/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.hpnonline.com/files/base/ebm/hpn/image/2020/04/16x9/3M_responds_to_Defense_Production_Act_order_pic___4.7.20du___43812582001_b6ab2bbbfc_o___FDA_Flickr.5e8c8ddd46d72.png?auto=format&fit=crop&h=75&w=75
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
590f9bfc475d57c114cb4a9b3b558d04fabc9e9913a4b158494b2036363c6648
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 07 Apr 2020 14:52:59 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Apr 2020 14:29:13 GMT
server
imgix
age
1357
vary
Accept, User-Agent
x-cache
HIT, MISS
content-type
image/webp
status
200
cache-control
public, max-age=86400
x-imgix-id
dd8abdf6dd134a21a7aab3170a4d40d70d4af9b6
accept-ranges
bytes
access-control-allow-origin
*
content-length
5136
x-served-by
cache-lax8622-LAX, cache-fra19156-FRA
Pilot_study_explores_convalescent_plasma_therapy_for_COVID_19_pic___4.7.20du___covid_19_5000501_1920___Pixabay.5e8c8d3e33d69.png
img.hpnonline.com/files/base/ebm/hpn/image/2020/04/16x9/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.hpnonline.com/files/base/ebm/hpn/image/2020/04/16x9/Pilot_study_explores_convalescent_plasma_therapy_for_COVID_19_pic___4.7.20du___covid_19_5000501_1920___Pixabay.5e8c8d3e33d69.png?auto=format&fit=crop&h=75&w=75
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
cc8f2eff94a9a84434ad2c6e372b17ab0d8b930a448c11e966bb8830879e59d3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 07 Apr 2020 14:52:59 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Apr 2020 14:25:52 GMT
server
imgix
age
1627
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
status
200
cache-control
public, max-age=86400
x-imgix-id
aaa63e68c88359f4d4c9886aaf5865ca3243c288
accept-ranges
bytes
access-control-allow-origin
*
content-length
5784
x-served-by
cache-lax8644-LAX, cache-fra19156-FRA
7258109015763691272
tpc.googlesyndication.com/simgad/ Frame 223E 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7258109015763691272
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ad08459ee98075f8fc585c56f386e6d2e87ede404f83a25bbfa8562925cd74f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 28 Mar 2020 17:32:28 GMT
x-content-type-options
nosniff
age
854431
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
31920
x-xss-protection
0
last-modified
Wed, 28 Aug 2019 13:16:20 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Mar 2021 17:32:28 GMT
11222115162858062618
tpc.googlesyndication.com/simgad/ Frame 2268 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11222115162858062618
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2fbeb20754a73882ef8272aa37ca0fb6e665a2318fa34a128e34a60650a3f7f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 29 Mar 2020 00:00:58 GMT
x-content-type-options
nosniff
age
831121
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
33702
x-xss-protection
0
last-modified
Wed, 28 Aug 2019 13:16:18 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 29 Mar 2021 00:00:58 GMT
7258109015763691272
tpc.googlesyndication.com/simgad/ Frame EBCD 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7258109015763691272
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ad08459ee98075f8fc585c56f386e6d2e87ede404f83a25bbfa8562925cd74f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 28 Mar 2020 17:32:28 GMT
x-content-type-options
nosniff
age
854431
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
31920
x-xss-protection
0
last-modified
Wed, 28 Aug 2019 13:16:20 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Mar 2021 17:32:28 GMT
11400159902587238257
tpc.googlesyndication.com/simgad/ Frame A533 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11400159902587238257
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82b7080c0b6dd6f7ed3d49227b78a09f5dcb914d9ea72a2e6177d12e506bfe97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 04 Apr 2020 14:00:16 GMT
x-content-type-options
nosniff
age
262363
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
66185
x-xss-protection
0
last-modified
Wed, 15 Jan 2020 22:02:50 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Apr 2021 14:00:16 GMT
consent.js
s.adroll.com/j/ 		243 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/consent.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.149 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-149.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f82c9f099656346f543c66ba009bd5f18010c7b41ad43d47a7f762121ad4496d

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
W7pJTDq0578OcjyRZxtRH_BjDuWCGgRc
Content-Encoding
gzip
x-amz-request-id
BFDDD219E02D63AA
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
600
Date
Tue, 07 Apr 2020 14:52:59 GMT
Connection
keep-alive
Content-Length
33195
x-amz-id-2
0vEYWSNr8BIWIFx+Vt855bKM9PGQi1O3TTl+RSbaQgK2eZJeo3lhhvwHGpfanAseKG0Oz2obOWc=
Last-Modified
Tue, 19 Nov 2019 20:42:26 GMT
Server
AmazonS3
ETag
"2f9f76c2d377be42af05cdf34c632618"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=300, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
7258109015763691272
tpc.googlesyndication.com/simgad/ Frame 84E6 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7258109015763691272
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ad08459ee98075f8fc585c56f386e6d2e87ede404f83a25bbfa8562925cd74f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 28 Mar 2020 17:32:28 GMT
x-content-type-options
nosniff
age
854431
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
31920
x-xss-protection
0
last-modified
Wed, 28 Aug 2019 13:16:20 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Mar 2021 17:32:28 GMT
11400159902587238257
tpc.googlesyndication.com/simgad/ Frame B452 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11400159902587238257
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82b7080c0b6dd6f7ed3d49227b78a09f5dcb914d9ea72a2e6177d12e506bfe97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 04 Apr 2020 14:00:16 GMT
x-content-type-options
nosniff
age
262363
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
66185
x-xss-protection
0
last-modified
Wed, 15 Jan 2020 22:02:50 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Apr 2021 14:00:16 GMT
hpn
olytics.as3.io/events/ebm/ 		0
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://olytics.as3.io/events/ebm/hpn
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.221.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-221-155.compute-1.amazonaws.com
Software
Apache/2.4.25 (Debian) / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.hpnonline.com
Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Tue, 07 Apr 2020 14:53:00 GMT
server
Apache/2.4.25 (Debian)
access-control-allow-origin
*
x-powered-by
PHP/5.6.40
access-control-max-age
86400
access-control-allow-methods
POST, OPTIONS
content-type
text/html; charset=UTF-8
status
200
cache-control
public, s-maxage=2592000
access-control-allow-headers
origin, content-type, accept, user-agent
content-length
0
hpn
olytics.as3.io/events/ebm/ 		0
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://olytics.as3.io/events/ebm/hpn
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.221.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-221-155.compute-1.amazonaws.com
Software
Apache/2.4.25 (Debian) / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.hpnonline.com
Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Tue, 07 Apr 2020 14:53:00 GMT
server
Apache/2.4.25 (Debian)
access-control-allow-origin
*
x-powered-by
PHP/5.6.40
access-control-max-age
86400
access-control-allow-methods
POST, OPTIONS
content-type
text/html; charset=UTF-8
status
200
cache-control
public, s-maxage=2592000
access-control-allow-headers
origin, content-type, accept, user-agent
content-length
0
hod
d.adroll.com/consent/ 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/consent/hod?_e=view_banner&_s=71d97f41ec9f0b181533327b69b75288&_b=2.1&_a=L5HHENJSKZDLXBM4TXRFHG
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.186.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-186-35.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

status
200
date
Tue, 07 Apr 2020 14:52:59 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.16.1
content-length
42
vary
Cookie
content-type
image/gif
/
www.hpnonline.com/sbbi/ Frame 74E7 		516 B
474 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.hpnonline.com/sbbi/?sbbpg=sbbShell&gprid=YE&sbbgs=h46dedfe526e9ab16e691479c78d6b0abe59&ddl=2
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/sbbi/?sbbpg=sbbShell&gprid=YE&sbbgs=h46dedfe526e9ab16e691479c78d6b0abe59&ddl=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
d155160aea288964eebe06a362795ab879ed657ca75f7ca60d5a1c8e9fe05d7b

Request headers

:method
POST
:authority
www.hpnonline.com
:scheme
https
:path
/sbbi/?sbbpg=sbbShell&gprid=YE&sbbgs=h46dedfe526e9ab16e691479c78d6b0abe59&ddl=2
content-length
655
pragma
no-cache
cache-control
no-cache
origin
https://www.hpnonline.com
upgrade-insecure-requests
1
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
referer
https://www.hpnonline.com/sbbi/?sbbpg=sbbShell&gprid=YE&sbbgs=h46dedfe526e9ab16e691479c78d6b0abe59&ddl=2
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SPSI=12dad184275ddd3671087ac6ecae8077; spcsrf=fa6d4f26100895df07cdaf8958d0a992; sp_lit=TR+3kJ9A88heOYA3LBD+Rg==; PRLST=YE; UTGv2=h46dedfe526e9ab16e691479c78d6b0abe59; _ga=GA1.2.5152451.1586271179; _gid=GA1.2.2002876935.1586271179; _gat_UA-62993175-5=1; __gads=ID=7dd69da6bf6d59d4:T=1586271179:S=ALNI_MYrHnP3trV3tPdYD_4WVa96bB88kQ; dpm_url_count=1; adOtr=da2114d2857; __sapience_v=%7B%22id%22%3A%2223a945d5-ddfb-4bcf-854e-a3f89b1c316a%22%2C%22customerId%22%3Anull%7D; __sapience_s=%7B%22id%22%3A%22e8f969c2-a201-4e83-a8af-e0597674b474%22%2C%22createdAt%22%3A%22Tue%2C%2007%20Apr%202020%2014%3A52%3A59%20GMT%22%7D
Origin
https://www.hpnonline.com
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://www.hpnonline.com/sbbi/?sbbpg=sbbShell&gprid=YE&sbbgs=h46dedfe526e9ab16e691479c78d6b0abe59&ddl=2

Response headers

status
200
date
Tue, 07 Apr 2020 14:53:00 GMT
cache-control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
server
fbs
x-accel-expires
0
x-hw
1586271180.cds164.fr8.hn,1586271180.cds099.fr8.sc,1586271180.cdn2-wafbe01-fra1.stackpath.systems.-.i,1586271180.cds099.fr8.p
access-control-allow-origin
*
index.php
a.dpmsrv.com/dpmpxl/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=3478234277276733128&pixelIndex=0&_=1586271179536
  • https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=3478234277276733128&pixelIndex=0&_=1586271179536&google_gid=CAESEPAjZabFbzNF9QfeWD9DEHw&google_cver=1
0
589 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=3478234277276733128&pixelIndex=0&_=1586271179536&google_gid=CAESEPAjZabFbzNF9QfeWD9DEHw&google_cver=1
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.175.86.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-175-86-40.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Access-Control-Max-Age
10
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
text/javascript
Access-Control-Allow-Headers
content-type, accept
Content-Length
0
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Apr 2020 14:53:00 GMT
server
HTTP server (unknown)
location
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=3478234277276733128&pixelIndex=0&_=1586271179536&google_gid=CAESEPAjZabFbzNF9QfeWD9DEHw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
368
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
423396.gif
idsync.rlcdn.com/ 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/423396.gif?partner_uid=3478234277276733128
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.72.21 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
21.72.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

status
204
date
Tue, 07 Apr 2020 14:53:00 GMT
via
1.1 google
alt-svc
clear
hpn
olytics.as3.io/events/ebm/ 		16 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://olytics.as3.io/events/ebm/hpn
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.221.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-221-155.compute-1.amazonaws.com
Software
Apache/2.4.25 (Debian) / PHP/5.6.40
Resource Hash
56587cffbb30e338497c9114f74803a530a713ebe374b69fcfa8551ad8dad1e9

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 07 Apr 2020 14:53:00 GMT
server
Apache/2.4.25 (Debian)
x-powered-by
PHP/5.6.40
status
201
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, no-cache=Set-Cookie, private, s-maxage=0
content-length
16
expires
Sat, 01 Jan 2000 01:01:01 GMT
hpn
olytics.as3.io/events/ebm/ 		16 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://olytics.as3.io/events/ebm/hpn
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.221.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-221-155.compute-1.amazonaws.com
Software
Apache/2.4.25 (Debian) / PHP/5.6.40
Resource Hash
56587cffbb30e338497c9114f74803a530a713ebe374b69fcfa8551ad8dad1e9

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 07 Apr 2020 14:53:00 GMT
server
Apache/2.4.25 (Debian)
x-powered-by
PHP/5.6.40
status
201
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, no-cache=Set-Cookie, private, s-maxage=0
content-length
16
expires
Sat, 01 Jan 2000 01:01:01 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
empty

Response headers

timing-allow-origin
*
date
Tue, 07 Apr 2020 14:53:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
etag
18139634824200265979
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
private, max-age=3600
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
expires
Tue, 07 Apr 2020 14:53:00 GMT
olytics
oqs.omeda.com/oqs/rest/ 		0
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://oqs.omeda.com/oqs/rest/olytics
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.165 Chicago, United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Access-Control-Request-Method
POST
Origin
https://www.hpnonline.com
Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Tue, 07 Apr 2020 14:53:00 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Access-Control-Allow-Headers
Access-Control-Request-Headers, Content-Type, Origin, Accept, Accept-Encoding, Accept-Language, HOST, User-Agent, Access-Control-Request-Method, Access-Control-Max-Age
Content-Length
0
X-XSS-Protection
1; mode=block
gpt.js
www.googletagservices.com/tag/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
empty

Response headers

date
Tue, 07 Apr 2020 14:53:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"479 / 852 of 1000 / last-modified: 1586189351"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
expires
Tue, 07 Apr 2020 14:53:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2268 		42 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstTlYi6olSX4j-wO8hSrOkrgPUkMmYXkinLD7fpkt8VtVG5rO7fW4z_Q1xC8tiq6PHXXXHyOhIolsqSOC18GyOXeZziTbCKHPLT3LPAaec&sig=Cg0ArKJSzI4s4pxAjDrdEAE&id=ampim&o=429,126&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=157&tls=1158&g=100&h=100&tt=1158&r=v&adk=321684541&avms=ampa
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Tue, 07 Apr 2020 14:53:00 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame EBCD 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuVS_yFNoI3OICv4tdiYsQQgEVLXQb0pme8CJe2D81KREQSdwmPwDaJQbfXMJ2Y29X9YI8x4_fa0692BoK9QNeuygjnLXsIo5wbyJkmmak&sig=Cg0ArKJSzPJvwj5_a4CLEAE&id=ampim&o=1024,444&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=156&tls=1157&g=100&h=100&tt=1157&r=v&adk=2740456505&avms=ampa
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Tue, 07 Apr 2020 14:53:00 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
olytics
oqs.omeda.com/oqs/rest/ 		15 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://oqs.omeda.com/oqs/rest/olytics
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.165 Chicago, United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
68330f6767efe4ea90f23cb4bb722810d19758395bc24f59c7c893c0d4ae69ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 07 Apr 2020 14:53:00 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
/
www.hpnonline.com/sbbi/ Frame 74E7 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.hpnonline.com/sbbi/?sbbpg=sbbShell&gprid=YE
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/sbbi/?sbbpg=sbbShell&gprid=YE&sbbgs=h46dedfe526e9ab16e691479c78d6b0abe59&ddl=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
484ce3acc69c4c8983281c061c16f65a7ff176e7580cce56d540410336517433

Request headers

:method
GET
:authority
www.hpnonline.com
:scheme
https
:path
/sbbi/?sbbpg=sbbShell&gprid=YE
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
referer
https://www.hpnonline.com/sbbi/?sbbpg=sbbShell&gprid=YE&sbbgs=h46dedfe526e9ab16e691479c78d6b0abe59&ddl=2
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SPSI=12dad184275ddd3671087ac6ecae8077; spcsrf=fa6d4f26100895df07cdaf8958d0a992; sp_lit=TR+3kJ9A88heOYA3LBD+Rg==; PRLST=YE; UTGv2=h46dedfe526e9ab16e691479c78d6b0abe59; _ga=GA1.2.5152451.1586271179; _gid=GA1.2.2002876935.1586271179; _gat_UA-62993175-5=1; __gads=ID=7dd69da6bf6d59d4:T=1586271179:S=ALNI_MYrHnP3trV3tPdYD_4WVa96bB88kQ; dpm_url_count=1; adOtr=da2114d2857; __sapience_v=%7B%22id%22%3A%2223a945d5-ddfb-4bcf-854e-a3f89b1c316a%22%2C%22customerId%22%3Anull%7D; __sapience_s=%7B%22id%22%3A%22e8f969c2-a201-4e83-a8af-e0597674b474%22%2C%22createdAt%22%3A%22Tue%2C%2007%20Apr%202020%2014%3A52%3A59%20GMT%22%7D; oly_enc_id=null; oly_anon_id=%22F-09bd2fa5-9bf0-4d58-a5cf-f0409f0c467e%22; dpm_time_site=1.022
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://www.hpnonline.com/sbbi/?sbbpg=sbbShell&gprid=YE&sbbgs=h46dedfe526e9ab16e691479c78d6b0abe59&ddl=2

Response headers

status
200
date
Tue, 07 Apr 2020 14:53:01 GMT
cache-control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
server
fbs
x-accel-expires
0
x-hw
1586271181.cds164.fr8.hn,1586271181.cds100.fr8.sc,1586271181.cdn2-wafbe02-fra1.stackpath.systems.-.i,1586271181.cds100.fr8.p
access-control-allow-origin
*
p
olytics.omeda.com/olytics/segments/ 		0
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://olytics.omeda.com/olytics/segments/p
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.159 Chicago, United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.hpnonline.com
Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Tue, 07 Apr 2020 14:53:11 GMT
Server
Apache
vary
Access-Control-Request-Headers,Access-Control-Request-Headers,access-control-request-method
Access-Control-Allow-Methods
HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1800
Access-Control-Allow-Headers
access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Content-Length
0
/
olytics.omeda.com/olytics/segments/form/check/ 		0
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://olytics.omeda.com/olytics/segments/form/check/
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.159 Chicago, United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.hpnonline.com
Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Tue, 07 Apr 2020 14:53:11 GMT
Server
Apache
vary
Access-Control-Request-Headers,Access-Control-Request-Headers,access-control-request-method
Access-Control-Allow-Methods
HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1800
Access-Control-Allow-Headers
access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Content-Length
0
sodar
pagead2.googlesyndication.com/getconfig/ 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020040202&st=env
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cbe25db3beb632308cdcf6500906661f33ed42f26182c7f9a935e43978ddc8ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 07 Apr 2020 14:53:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
5204
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040202.js?21065815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 07 Apr 2020 14:53:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1582746470043195"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
5456
x-xss-protection
0
expires
Tue, 07 Apr 2020 14:53:01 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 2393 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/209/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
5727
date
Tue, 07 Apr 2020 14:05:32 GMT
expires
Wed, 07 Apr 2021 14:05:32 GMT
last-modified
Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2849
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
gen_204
pagead2.googlesyndication.com/pagead/ 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020040202&jk=4413855961476374&bg=!ammlaXFYXVRhvLSsIc4CAAAAOlIAAAALmQFdHsS2qHBIhakvX4_VQUZXXS-GT-4k3FmszhpOtAq6mAkDLsCRlHniy0Q9WmkKefSK2UJMn0mn2p218mm5FLGr08QQ418pxV8VrTBLXdfzsO5DOiMTZuMoyTqP1BN655RUQrS-pOSBJ1KsqGuq14dm2NwNcRFKnxUfXSXCXooa8ol33i4sNQcQzPR8Y2bQTAnV8YQ1aF7g1AkiFO8uwY3VtyjmM0chPMR9nf0IA_ZoboQRh7rK2qWzBfEyO81LCms3a1udeD0EN3kIgEc2crIyEXkvMmGDHT3QS57fYiRN13igp98q8OwirtAElbMGXWdC4rDi0ucOuMFBNh9scPP3AE4s2xqS0nae5LTXG1ZWYLeeITOo5h-5EtBsmbaPjPzP29r5l3Z9SK0Y1FYoYz4gqXqGwUvUAYKAq-gwngxudqatY665yQorlMJ-Df5-NutZI63CrTEINHSf_SM_vg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Tue, 07 Apr 2020 14:53:01 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
olytics.omeda.com/olytics/segments/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://olytics.omeda.com/olytics/segments/p
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.159 Chicago, United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
7b6331a712f1b6e192f9a991657db5b18a2437a5e37dcc997f3b17ecba5a8df0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 07 Apr 2020 14:53:12 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
index.php
a.dpmsrv.com/dpmpxl/ 		5 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.dpmsrv.com/dpmpxl/index.php?q=xSeg&v=1.x&ep%5Bids%5D=20958681%2C21130652&cl=1120&pixelIndex=0&r=303738&tzOffset=-120&url=https%3A%2F%2Fwww.hpnonline.com%2Finfection-prevention%2Fcrisis-planning-outbreak-response%2Farticle%2F21129791%2Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets&id=3478234277276733128&_=1586271179537
Requested by
Host: s.dpmsrv.com
URL: https://s.dpmsrv.com/dpm_1592af7e76a7114b4f9beea0be4746f59ada13a6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.175.86.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-175-86-40.compute-1.amazonaws.com
Software
/
Resource Hash
fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Pragma
no-cache
content-encoding
gzip
Access-Control-Max-Age
10
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
text/javascript
Access-Control-Allow-Headers
content-type, accept
Content-Length
31
Expires
0
seg
ib.adnxs.com/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/seg?member=827&add=20958681,21130652
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.216 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
312.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Pragma
no-cache
Date
Tue, 07 Apr 2020 14:53:03 GMT
AN-X-Request-Uuid
1645f3a3-b80f-4db6-a233-d9086dda78ea
Content-Type
image/gif
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 312.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.22:80
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
olytics.omeda.com/olytics/segments/form/check/ 		20 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://olytics.omeda.com/olytics/segments/form/check/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.159 Chicago, United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
a8e427db11a8744bebbcdfd050f7b9d0a84b5a1754d086f1787c40db21955264
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 07 Apr 2020 14:53:12 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
xclose.png
olytics.omeda.com/olytics/img/ 		958 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://olytics.omeda.com/olytics/img/xclose.png
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.159 Chicago, United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
2862ad1a2d8a7f739b935dc2fa1cbed5c426d68572d1032a08f2c7f5c1c0bf59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://olytics.omeda.com/olytics/css/v3/p/olytics.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 07 Apr 2020 14:53:22 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 23 Mar 2018 13:37:38 GMT
Server
Apache
ETag
W/"958-1521812258000"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=43200
Transfer-Encoding
chunked
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Expires
Wed, 08 Apr 2020 02:53:22 GMT
va9f4kDNxMZdWfMOD5VvkrBiQyf4VFnklULW.woff2
fonts.gstatic.com/s/firasans/v10/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firasans/v10/va9f4kDNxMZdWfMOD5VvkrBiQyf4VFnklULW.woff2
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5637459665d0aec1a29d8700169430087de6bd3240e4ef5fb23bb09370b4766b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Fira+Sans:300i,400,600|Cardo|Lora:400,400i,700,700i
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 10 Mar 2020 21:29:14 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:21:58 GMT
server
sffe
age
2395438
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
15928
x-xss-protection
0
expires
Wed, 10 Mar 2021 21:29:14 GMT
imp
olytics.omeda.com/olytics/segments/ 		0
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://olytics.omeda.com/olytics/segments/imp
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.159 Chicago, United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.hpnonline.com
Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Tue, 07 Apr 2020 14:53:22 GMT
Server
Apache
vary
Access-Control-Request-Headers,Access-Control-Request-Headers,access-control-request-method
Access-Control-Allow-Methods
HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1800
Access-Control-Allow-Headers
access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Content-Length
0
imp
olytics.omeda.com/olytics/segments/ 		20 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://olytics.omeda.com/olytics/segments/imp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.159 Chicago, United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
a8e427db11a8744bebbcdfd050f7b9d0a84b5a1754d086f1787c40db21955264
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 07 Apr 2020 14:53:23 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| webpackJsonpCMSBrowserComponents object| regeneratorRuntime function| setImmediate function| clearImmediate object| lazySizes function| vueRecaptchaApiLoaded object| CMSBrowserComponents object| googletag object| dataLayer string| FortnightObject function| fortnight string| sbbvscc string| sbbgscc function| genPid function| nsbbfetch function| sbbgc function| addmg function| addprid function| sbbeccf function| m2vr function| sbbls string| y string| x string| gprid object| sbbeccfi string| sbbgs object| ggeac object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken object| google_tag_manager number| google_srt undefined| google_measure_js_timing number| __google_ad_urls_id number| google_unique_id object| gaGlobal string| adroll_adv_id string| adroll_pix_id boolean| __adroll_loaded string| GoogleAnalyticsObject function| ga string| olyticsOid string| olyticsBehaviorId string| method object| olytics object| a object| __core-js_shared__ function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| google_image_requests object| ampInaboxIframes object| ampInaboxPendingMessages object| google_tag_data object| gaplugins object| gaData string| adroll_sid object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks function| adroll_tpc_callback object| cookieconsent function| Dpxl object| dpmPixels object| jQuery11110687462742116006 object| __AMP_LOG object| __AMP_ERRORS boolean| ampInaboxInitialized object| __AMP_MODE function| __AMP_REPORT_ERROR object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| AMP number| lX number| lY string| csr object| otr object| cnv string| lk__ function| setUGEvals number| tt number| sbbtstflgsbbhbka boolean| sbbhbka function| __cmp object| adroll_exp_list object| __adroll_consent boolean| __adroll_consent_is_gdpr object| __adroll_consent_data string| __adroll_consent_user_country string| __adroll_consent_adv_country function| uuid object| Sapience object| $jscomp string| BANNER_VERSION object| __adroll_consent_banner object| JSON3 function| normalize boolean| sbrmp object| GoogleGcLKhOms

17 Cookies

Domain/Path Name / Value
.hpnonline.com/ Name: oly_anon_id
Value: %22F-09bd2fa5-9bf0-4d58-a5cf-f0409f0c467e%22
.hpnonline.com/ Name: oly_enc_id
Value: null
www.hpnonline.com/ Name: adOtr
Value: da2114d2857
www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791 Name: hasLiveRampMatch
Value: true
.hpnonline.com/ Name: _gat_UA-62993175-5
Value: 1
www.hpnonline.com/ Name: UTGv2
Value: h46dedfe526e9ab16e691479c78d6b0abe59
www.hpnonline.com/ Name: sp_lit
Value: TR+3kJ9A88heOYA3LBD+Rg==
www.hpnonline.com/ Name: PRLST
Value: YE
.hpnonline.com/ Name: __gads
Value: ID=7dd69da6bf6d59d4:T=1586271179:S=ALNI_MYrHnP3trV3tPdYD_4WVa96bB88kQ
www.hpnonline.com/ Name: __sapience_v
Value: %7B%22id%22%3A%2223a945d5-ddfb-4bcf-854e-a3f89b1c316a%22%2C%22customerId%22%3Anull%7D
www.hpnonline.com/ Name: spcsrf
Value: fa6d4f26100895df07cdaf8958d0a992
www.hpnonline.com/ Name: dpm_url_count
Value: 1
www.hpnonline.com/ Name: SPSI
Value: 12dad184275ddd3671087ac6ecae8077
.hpnonline.com/ Name: _gid
Value: GA1.2.2002876935.1586271179
www.hpnonline.com/ Name: dpm_time_site
Value: 1.022
www.hpnonline.com/ Name: __sapience_s
Value: %7B%22id%22%3A%22e8f969c2-a201-4e83-a8af-e0597674b474%22%2C%22createdAt%22%3A%22Tue%2C%2007%20Apr%202020%2014%3A52%3A59%20GMT%22%7D
.hpnonline.com/ Name: _ga
Value: GA1.2.5152451.1586271179

8 Console Messages

Source Level URL
Text
console-api info URL: https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js(Line 407)
Message:
Powered by AMP ⚡ HTML – Version 2003171848440 https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
console-api info URL: https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js(Line 407)
Message:
Powered by AMP ⚡ HTML – Version 2003171848440 https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
console-api info URL: https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js(Line 407)
Message:
Powered by AMP ⚡ HTML – Version 2003171848440 https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
console-api info URL: https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js(Line 407)
Message:
Powered by AMP ⚡ HTML – Version 2003171848440 https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
console-api info URL: https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js(Line 407)
Message:
Powered by AMP ⚡ HTML – Version 2003171848440 https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
console-api info URL: https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js(Line 407)
Message:
Powered by AMP ⚡ HTML – Version 2003171848440 https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
console-api log URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js(Line 1)
Message:
olytics fire called
console-api log URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js(Line 1)
Message:
personalization impression sent

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.dpmsrv.com
adservice.google.com
adservice.google.de
cdn.ampproject.org
cdnjs.cloudflare.com
cm.g.doubleclick.net
d.adroll.com
d.adroll.mgr.consensu.org
d24bnj4f1s1f8m.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
idsync.rlcdn.com
img.hpnonline.com
olytics.as3.io
olytics.omeda.com
oqs.omeda.com
pagead2.googlesyndication.com
polyfill.io
s.adroll.com
s.dpmsrv.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
trailer.web-view.net
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.hpnonline.com
143.204.97.2
149.126.77.62
151.139.128.10
172.217.18.98
185.33.223.216
204.180.130.159
204.180.130.165
23.213.164.149
2600:9000:21f3:b000:6:b4cc:d980:21
2606:4700::6810:85e5
2a00:1450:4001:808::2001
2a00:1450:4001:809::2002
2a00:1450:4001:817::200e
2a00:1450:4001:81b::2001
2a00:1450:4001:81d::2008
2a00:1450:4001:81f::2002
2a00:1450:4001:820::2003
2a00:1450:4001:821::200a
2a00:1450:400c:c00::9b
2a04:4e42:200::621
2a04:4e42:3::720
35.175.86.40
35.190.72.21
54.174.221.155
63.32.186.35
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
064282bdfcb1d589a67f8940076741fd9b90c43baaae421a71a5a96a226b9e71
0ad15882d8c6fe771d22a15f056c973859d44deeeb28ab404385dfe76f4f24f9
0e9812be9c9f550e2e2dd94de2f7a1d3fa4ca087dc20888be1e931ab5d22c9dc
1901883b41320f43b0643db4b3e0acec95cd96343ea192995777687b7e3098c4
19c904aaa555d91d75c5b3682e3f358ba5af4c302339d63c9e464f53d8708ff8
1b7d9ea9ab5b84692f3280f86d3322a9789834f55e10343ecb9cad4945de4c15
240f41e31fe911c0196cb55cb0a180bf66202a6f9397df061b7304c6b2b88beb
2862ad1a2d8a7f739b935dc2fa1cbed5c426d68572d1032a08f2c7f5c1c0bf59
294854484854cb24749fabe1f0be264fff4c770f6c65d9ba0313074176f74b89
2b9334c002212023f39814dac087f127a4939f0f3ffac43afd7eb172f8fd7fb0
2ef1cd6e4a24b74cdea3c038d14e0c83679852fa7b1b00d75d82bd66bae04e57
2fbeb20754a73882ef8272aa37ca0fb6e665a2318fa34a128e34a60650a3f7f1
317bf1d62cfffb0a5f635b114e9d169ca73cd50fac5f97b92b010c635b35818b
33b8ab955ca6c9dc500e9055d44a6593ce2c19c481d98884bfd8ce56f2876764
37cef0da477b61387d849bf741eadfb3e11a7a12dd26be26b437a4d06a313d45
4227bb880046aabada279f14b4c6058c1b148d1e576a206ed1b260e02f7069af
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
484ce3acc69c4c8983281c061c16f65a7ff176e7580cce56d540410336517433
4b17f65b9c3e956c423712d1f6fad95924947f4ea247683ff9f4174886052532
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
53efe450dad05e971b8b6d8e68100d9ca7790258e1e026a7abb607eec11325c3
5637459665d0aec1a29d8700169430087de6bd3240e4ef5fb23bb09370b4766b
56587cffbb30e338497c9114f74803a530a713ebe374b69fcfa8551ad8dad1e9
590f9bfc475d57c114cb4a9b3b558d04fabc9e9913a4b158494b2036363c6648
591c03fa5d6aeafd8a894846669613efc6fa5103beba00fbada8d2b340039260
668881360faad6b06e8ba9ae8114b30a1b48e7d40a0d7b27d10281178f1aace4
68330f6767efe4ea90f23cb4bb722810d19758395bc24f59c7c893c0d4ae69ce
6b7f01b9f7ba7dfc72d0797c49d1df2906cd96bae8dbc27c04432fbdb52687ed
78cf423a51a7b2d1bd1c98ea9820d5c4020ddfb534e1c4a95ffe9de00f789cea
7ad08459ee98075f8fc585c56f386e6d2e87ede404f83a25bbfa8562925cd74f
7b6331a712f1b6e192f9a991657db5b18a2437a5e37dcc997f3b17ecba5a8df0
8204d955949011c5828e9abf4d8b96d072565c688aef0b35b502e5c41529a7aa
82b7080c0b6dd6f7ed3d49227b78a09f5dcb914d9ea72a2e6177d12e506bfe97
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88bd9dfe93a94d11c89bb8c841849f47c5bc3e7bc828c7bbab6649ad5ae6c7d4
9e28da7f8111b7ceed304c0f404e77cf2c57d041b0701885607434a5236b8582
9ee8779efdfe5a03e8f9369b360295f423ccede1abb1a895e18b32e9fdab6b5c
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a5f1fb9938e8062b8294dc01ca4b9202ea6a9b2abfc6bb365c25dead8a99ab5d
a7615c0ede449b84bda6675f817e088578aa7cdbf6ceedc315a562c7f510ca5a
a8e427db11a8744bebbcdfd050f7b9d0a84b5a1754d086f1787c40db21955264
a93c382c663cca23ee1b276a8bd2fb6e9dc4e16ab8d6f03610adb466cfaf6f47
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
aed1470468ad66e62ad13a924ebe753bd2ff0b93d2997fcffcd17ec227cd5da6
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1dee28cc772eb1903b9c309483167354c1054136ccf16ef18908b2eecd4b980
b4e68e0925d36a50056405d18b488f3b6cb2e92389fa60798487358ac0fb9bbe
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc942b6722f322fea8f5217f1c684150c728e52d22ea5bbeff9f1f5099fb0d49
c25407149a8c6d1fb034c5af2d3e00f2d39abc4766125ee810285a22a59f9489
cbce85e96b7752208ce15a09ea4d5a58b792edc9e77f1c5ccf46c01935970f9d
cbe25db3beb632308cdcf6500906661f33ed42f26182c7f9a935e43978ddc8ad
cc8f2eff94a9a84434ad2c6e372b17ab0d8b930a448c11e966bb8830879e59d3
cefec80a8ff913dcde9216b9f304c5f44b0474a1d7095a964ec75d0b1b611bc2
d155160aea288964eebe06a362795ab879ed657ca75f7ca60d5a1c8e9fe05d7b
d61b6fa5a24a2cc4b7aa62a2a6271a13800b99d30016c4e09f38cf47f8490ea3
dc7c05ecff2e2824bbfa33b38c9a86e8fa6ecaca29777cd1f6f1d80b99c8b4af
dffd87875217d58f696f50d13310ca28621639317d731d2246c1d6141b2fb7f8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e630479a0bc943ba3e41c918c94a8f796e643462aacee55126ad1ea217908ab0
ea02f27c77dec17d65d0b36b7ea1c9751bd678fe711281fab15e1a892790dcb4
ead5f3fd418cfe144b3f7b86716c46cca13c7a8f2db2873170a099216da193fe
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ec2a3e1dfcc59cfdc3c3d8ae5460e8b162a9d135f2919ae3c6715a5152f6ed83
ed77d02c4d29c4e104ea6b8b90c50da19685375b158db9ca06f64e284bacc945
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2272f7bb967ee370a06c2e95fc6b18ae1de025b0f389ad99e1444102f30f22
f43c1ebb9d03a81af89b4b2c2ff3d5de69f9b9ae4d94ecdfbfb18ab47e3cf00b
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f82c9f099656346f543c66ba009bd5f18010c7b41ad43d47a7f762121ad4496d
f9504635ce463f19888209acf89dc32831964d8dee1b4c22aa70f564c208061d
f9fd34967713bfb93d2edcf4eac2d5436be891f32f6c80a09b17c42b0246a004
fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b
ffadaa5b028ec126d64eeb8438f814f40d7ba6a033ce156a5eb6e821d3410cf1