www.barrons.com Open in urlscan Pro
2600:9000:204d:9200:14:c68f:c40:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Submission: On April 30 via api (April 30th 2023, 1:36:31 am UTC) from CA — Scanned from CA

Summary HTTP 483 Redirects Links 38 Behaviour Indicators

Summary

This website contacted 115 IPs in 4 countries across 94 domains to perform 483 HTTP transactions. The main IP is 2600:9000:204d:9200:14:c68f:c40:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.barrons.com. The Cisco Umbrella rank of the primary domain is 66335.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 28th 2023. Valid for: 8 months.

This is the only time www.barrons.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 27	2600:9000:204... 2600:9000:204d:9200:14:c68f:c40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.211.32.81 3.211.32.81	14618 (AMAZON-AES) (AMAZON-AES)
2 5	13.249.141.127 13.249.141.127	16509 (AMAZON-02) (AMAZON-02)
23	2607:f8b0:400... 2607:f8b0:4006:807::2002	15169 (GOOGLE) (GOOGLE)
16	23.196.185.161 23.196.185.161	16625 (AKAMAI-AS) (AKAMAI-AS)
3	52.85.249.178 52.85.249.178	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:809::200d	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4006:80f::200e	15169 (GOOGLE) (GOOGLE)
3	2600:9000:21d... 2600:9000:21d5:ee00:4:77d:a0c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.226.22.125 13.226.22.125	16509 (AMAZON-02) (AMAZON-02)
18	2600:9000:212... 2600:9000:212f:1800:1a:635e:8fc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:24f... 2600:9000:24f0:1200:f:5016:900:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.217.195.88 52.217.195.88	16509 (AMAZON-02) (AMAZON-02)
10	18.164.124.126 18.164.124.126	16509 (AMAZON-02) (AMAZON-02)
1	65.8.49.124 65.8.49.124	16509 (AMAZON-02) (AMAZON-02)
3	52.14.9.78 52.14.9.78	16509 (AMAZON-02) (AMAZON-02)
2	52.44.30.82 52.44.30.82	14618 (AMAZON-AES) (AMAZON-AES)
2	44.206.92.231 44.206.92.231	14618 (AMAZON-AES) (AMAZON-AES)
9	13.249.141.37 13.249.141.37	16509 (AMAZON-02) (AMAZON-02)
1	2600:1400:d:4... 2600:1400:d:4a3::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
20	104.127.184.98 104.127.184.98	16625 (AKAMAI-AS) (AKAMAI-AS)
9	2607:f8b0:400... 2607:f8b0:4006:80d::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:24e... 2600:9000:24ef:f400:19:6ce8:b580:93a1	16509 (AMAZON-02) (AMAZON-02)
2	108.138.105.30 108.138.105.30	16509 (AMAZON-02) (AMAZON-02)
1	104.18.16.195 104.18.16.195	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2600:9000:251... 2600:9000:2511:9800:7:2bfb:7c00:93a1	16509 (AMAZON-02) (AMAZON-02)
3	54.145.162.27 54.145.162.27	14618 (AMAZON-AES) (AMAZON-AES)
4	34.236.83.94 34.236.83.94	14618 (AMAZON-AES) (AMAZON-AES)
3	35.81.179.60 35.81.179.60	16509 (AMAZON-02) (AMAZON-02)
5 11	68.67.179.166 68.67.179.166	29990 (ASN-APPNEX) (ASN-APPNEX)
4	104.18.25.185 104.18.25.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	44.192.36.208 44.192.36.208	14618 (AMAZON-AES) (AMAZON-AES)
2	2620:100:a001... 2620:100:a001::18	19750 (AS-CRITEO) (AS-CRITEO)
4	2602:803:c002... 2602:803:c002:300::99	26667 (RUBICONPR...) (RUBICONPROJECT)
2	104.36.115.111 104.36.115.111	62713 (AS-PUBMATIC) (AS-PUBMATIC)
5	2600:9000:221... 2600:9000:2211:5e00:6:ddc1:5c80:93a1	16509 (AMAZON-02) (AMAZON-02)
1 4	52.1.136.228 52.1.136.228	14618 (AMAZON-AES) (AMAZON-AES)
2 15	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4006:81c::2002	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
20	2607:f8b0:400... 2607:f8b0:4006:821::2001	15169 (GOOGLE) (GOOGLE)
1	54.86.208.12 54.86.208.12	14618 (AMAZON-AES) (AMAZON-AES)
2	63.140.38.160 63.140.38.160	14618 (AMAZON-AES) (AMAZON-AES)
1 1	34.239.204.15 34.239.204.15	14618 (AMAZON-AES) (AMAZON-AES)
6	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
2 4	54.164.141.245 54.164.141.245	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:204... 2600:9000:204d:7e00:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.230.17.19 54.230.17.19	16509 (AMAZON-02) (AMAZON-02)
1	146.75.32.157 146.75.32.157	54113 (FASTLY) (FASTLY)
1	2a04:4e42:600... 2a04:4e42:600::396	54113 (FASTLY) (FASTLY)
1	18.160.30.66 18.160.30.66	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4006:80d::2008	15169 (GOOGLE) (GOOGLE)
1	2600:1400:900... 2600:1400:9000::687e:74bb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6812:190d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f01... 2a03:2880:f011:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
2 4	65.8.49.61 65.8.49.61	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:c12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:816::2010	15169 (GOOGLE) (GOOGLE)
1	34.160.158.95 34.160.158.95	15169 (GOOGLE) (GOOGLE)
4	52.95.190.98 52.95.190.98	16509 (AMAZON-02) (AMAZON-02)
2	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
1	54.86.220.23 54.86.220.23	14618 (AMAZON-AES) (AMAZON-AES)
8 11	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
5	54.152.15.101 54.152.15.101	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4860:480... 2001:4860:4802:32::15	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:817::200e	15169 (GOOGLE) (GOOGLE)
4 4	199.127.204.171 199.127.204.171	26120 (RHYTHMONE) (RHYTHMONE)
1 1	2620:112:f002... 2620:112:f002:bbbb::21	6336 (TURN-US-ASN) (TURN-US-ASN)
1 1	23.221.200.79 23.221.200.79	16625 (AKAMAI-AS) (AKAMAI-AS)
1 5	13.249.141.41 13.249.141.41	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21d... 2600:9000:21da:4400:b:9734:2640:93a1	16509 (AMAZON-02) (AMAZON-02)
2	34.234.108.188 34.234.108.188	14618 (AMAZON-AES) (AMAZON-AES)
1	34.107.222.173 34.107.222.173	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 8	34.111.234.236 34.111.234.236	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 14	192.40.39.223 192.40.39.223	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3	69.192.109.53 69.192.109.53	16625 (AKAMAI-AS) (AKAMAI-AS)
4	23.211.130.59 23.211.130.59	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	3.225.218.10 3.225.218.10	14618 (AMAZON-AES) (AMAZON-AES)
1 4	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6 22	52.223.22.214 52.223.22.214	16509 (AMAZON-02) (AMAZON-02)
1	18.164.101.60 18.164.101.60	16509 (AMAZON-02) (AMAZON-02)
5	2600:141b:900... 2600:141b:9000:288::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.1.140 151.101.1.140	54113 (FASTLY) (FASTLY)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	2600:9000:226... 2600:9000:2269:6c00:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
8 11	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	54.237.41.29 54.237.41.29	14618 (AMAZON-AES) (AMAZON-AES)
1	13.33.60.53 13.33.60.53	16509 (AMAZON-02) (AMAZON-02)
2	13.249.141.21 13.249.141.21	16509 (AMAZON-02) (AMAZON-02)
2	13.249.141.96 13.249.141.96	16509 (AMAZON-02) (AMAZON-02)
2	34.102.180.215 34.102.180.215	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	34.120.127.126 34.120.127.126	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 4	2600:1f18:4e9... 2600:1f18:4e9:5a05:b3d5:d2d1:9b49:f7b1	14618 (AMAZON-AES) (AMAZON-AES)
8 8	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
9 14	142.250.72.98 142.250.72.98	15169 (GOOGLE) (GOOGLE)
2 2	44.214.133.87 44.214.133.87	14618 (AMAZON-AES) (AMAZON-AES)
2 2	2606:ae80:147... 2606:ae80:1471:11::440	25751 (VALUECLICK) (VALUECLICK)
1 1	141.226.224.48 141.226.224.48	200478 (TABOOLA-AS) (TABOOLA-AS)
3 8	2607:f8b0:400... 2607:f8b0:4006:821::2002	15169 (GOOGLE) (GOOGLE)
3	142.251.32.98 142.251.32.98	15169 (GOOGLE) (GOOGLE)
2	143.204.146.41 143.204.146.41	16509 (AMAZON-02) (AMAZON-02)
1	34.198.52.55 34.198.52.55	14618 (AMAZON-AES) (AMAZON-AES)
1	54.144.144.142 54.144.144.142	14618 (AMAZON-AES) (AMAZON-AES)
1	20.40.202.2 20.40.202.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4 11	2607:f8b0:400... 2607:f8b0:4006:817::2004	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:824::2003	15169 (GOOGLE) (GOOGLE)
1 1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
2 2	52.73.235.138 52.73.235.138	14618 (AMAZON-AES) (AMAZON-AES)
2 3	50.16.174.192 50.16.174.192	14618 (AMAZON-AES) (AMAZON-AES)
1	52.95.126.138 52.95.126.138	16509 (AMAZON-02) (AMAZON-02)
3	145.40.89.32 145.40.89.32	54825 (PACKET) (PACKET)
1 1	2600:9000:215... 2600:9000:215f:4c00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
14	2607:f8b0:400... 2607:f8b0:4006:823::2002	15169 (GOOGLE) (GOOGLE)
1 1	64.247.193.150 64.247.193.150	11320 (LIGHTEDGE...) (LIGHTEDGE-AS-02)
5	86.109.7.56 86.109.7.56	54825 (PACKET) (PACKET)
2	108.139.29.64 108.139.29.64	16509 (AMAZON-02) (AMAZON-02)
3	104.77.238.162 104.77.238.162	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.120.155.137 34.120.155.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	23.52.157.179 23.52.157.179	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.18.11.47 104.18.11.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
2 2	54.85.199.144 54.85.199.144	14618 (AMAZON-AES) (AMAZON-AES)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4 4	70.42.32.127 70.42.32.127	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2 2	23.197.37.247 23.197.37.247	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	96.46.183.20 96.46.183.20	7979 (SERVERS-COM) (SERVERS-COM)
12	23.198.217.152 23.198.217.152	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2607:f8b0:400... 2607:f8b0:4006:80d::200a	15169 (GOOGLE) (GOOGLE)
1 1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
483	115

27 2600:9000:204d:9200:14:c68f:c40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

www.barrons.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.211.32.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-32-81.compute-1.amazonaws.com

segment-data.zqtk.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.249.141.127 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-249-141-127.ord51.r.cloudfront.net

us.tags.newscgp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tags.marketwatch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2607:f8b0:4006:807::2002 (New York, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 23.196.185.161 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-196-185-161.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.85.249.178 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-249-178.ord51.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::200d (New York, United States)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:80f::200e (New York, United States)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:21d5:ee00:4:77d:a0c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.vidora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.22.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-22-125.ord51.r.cloudfront.net

optimizely.barrons.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2600:9000:212f:1800:1a:635e:8fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

asset.barrons.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24f0:1200:f:5016:900:93a1 (United States)

ASN16509 (AMAZON-02, US)

accounts.barrons.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.195.88 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 18.164.124.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-126.jfk50.r.cloudfront.net

cdn.privacy-mgmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.8.49.124 (Ft. Pierce, United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-8-49-124.ord52.r.cloudfront.net

ats-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.14.9.78 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-14-9-78.us-east-2.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.44.30.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-30-82.compute-1.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.206.92.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-92-231.compute-1.amazonaws.com

prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 13.249.141.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-141-37.ord51.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1400:d:4a3::13b8 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 104.127.184.98 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-127-184-98.deploy.static.akamaitechnologies.com

api.wsj.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:80d::2003 (New York, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24ef:f400:19:6ce8:b580:93a1 (United States)

ASN16509 (AMAZON-02, US)

sso.accounts.dowjones.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.105.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-105-30.jfk50.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.16.195 (None, )

ASN13335 (CLOUDFLARENET, US)

www.dianomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2600:9000:2511:9800:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.145.162.27 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-162-27.compute-1.amazonaws.com

cortex.vidora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.236.83.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-83-94.compute-1.amazonaws.com

c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.81.179.60 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-179-60.us-west-2.compute.amazonaws.com

pg-prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 68.67.179.166 (North Bergen, United States) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.192.36.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-192-36-208.compute-1.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2602:803:c002:300::99 (United States)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2211:5e00:6:ddc1:5c80:93a1 (United States)

ASN16509 (AMAZON-02, US)

content.capi.newscorp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.1.136.228 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-136-228.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 52.46.155.104 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81c::2002 (New York, United States)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:80b::2002 (New York, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2607:f8b0:4006:821::2001 (New York, United States)

ASN15169 (GOOGLE, US)

a25c2057485bacf8d30418738bc64a02.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
331afe2bb48f994fe0d9101d6b5b6bfd.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c99c63828b72d60c6549a182ce9d74ba.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.86.208.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-208-12.compute-1.amazonaws.com

dowjones.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.38.160 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-160.data.adobedc.net

oms.dowjoneson.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.239.204.15 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-204-15.compute-1.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.164.141.245 (United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-141-245.compute-1.amazonaws.com

secure-us.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:204d:7e00:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.17.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-17-19.ord51.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.32.157 (Ashburn, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.30.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-30-66.iad55.r.cloudfront.net

d2oh4tlt9mrke9.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80d::2008 (New York, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1400:9000::687e:74bb (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:190d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.gbqofs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f011:8:face:b00c:0:1 (Lithia Springs, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.8.49.61 (Ft. Pierce, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-65-8-49-61.ord52.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:c12 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::2010 (New York, United States)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.158.95 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 95.158.160.34.bc.googleusercontent.com

web-sdk.urbanairship.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.95.190.98 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ca-central-1.amazonaws.com

tgamriker.s3.ca-central-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.86.220.23 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-220-23.compute-1.amazonaws.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 69.173.151.100 (United States) 8 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.152.15.101 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-15-101.compute-1.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::15 (United States)

ASN15169 (GOOGLE, US)

pblog.barrons.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:817::200e (New York, United States)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.127.204.171 (United States) 4 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:112:f002:bbbb::21 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.221.200.79 (New York, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-200-79.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.249.141.41 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-249-141-41.ord51.r.cloudfront.net

tags.barrons.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tags.realtor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tags.decider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tags.penews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21da:4400:b:9734:2640:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.barrons.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.234.108.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-108-188.compute-1.amazonaws.com

usasync01.admantx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.222.173 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 173.222.107.34.bc.googleusercontent.com

6b6b990e-d9d8-4116-a028-76da837d7607.partner.permutive.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.111.234.236 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 192.40.39.223 (Canada) 4 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.192.109.53 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-109-53.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.211.130.59 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-211-130-59.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.225.218.10 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.98.64.218 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 52.223.22.214 (United States) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.101.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-101-60.jfk50.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:141b:9000:288::268b (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

cdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2269:6c00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2620:1ec:21::14 (United States) 8 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.237.41.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-41-29.compute-1.amazonaws.com

ws.sessioncam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.60.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-60-53.ewr52.r.cloudfront.net

www.ncaudienceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.249.141.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-141-21.ord51.r.cloudfront.net

tags.mansionglobal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tags.pagesix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.249.141.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-141-96.ord51.r.cloudfront.net

tags.wsj.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tags.nypost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.102.180.215 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 215.180.102.34.bc.googleusercontent.com

v2.pixel.newscgp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.127.126 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 126.127.120.34.bc.googleusercontent.com

sac.barrons.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1f18:4e9:5a05:b3d5:d2d1:9b49:f7b1 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.71.131.137 (United States) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.72.98 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.214.133.87 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-214-133-87.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:ae80:1471:11::440 (United States) 2 redirects

ASN25751 (VALUECLICK, US)

casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.48 (United States) 1 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:821::2002 (New York, United States) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.32.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.146.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-146-41.ewr52.r.cloudfront.net

follow-api.barrons.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.198.52.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-52-55.compute-1.amazonaws.com

in.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.144.144.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-144-142.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.40.202.2 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

collector.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:817::2004 (New York, United States) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:824::2003 (New York, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.73.235.138 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-235-138.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 50.16.174.192 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-174-192.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.95.126.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 145.40.89.32 (Ashburn, United States)

ASN54825 (PACKET, US)

p1cluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
comcluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:215f:4c00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4006:823::2002 (New York, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.247.193.150 (United States) 1 redirects

ASN11320 (LIGHTEDGE-AS-02, US)

sync.colossusssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 86.109.7.56 (Ashburn, United States)

ASN54825 (PACKET, US)

api.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.139.29.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-64.jfk50.r.cloudfront.net

check.analytics.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.77.238.162 (Boston, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-77-238-162.deploy.static.akamaitechnologies.com

content.cxpublic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.155.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.155.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.52.157.179 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-157-179.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.11.47 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.211.178.172 (North Charleston, United States) 4 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.85.199.144 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-199-144.compute-1.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 70.42.32.127 (United States) 4 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.197.37.247 (Edison, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-37-247.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 96.46.183.20 (United States) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 23.198.217.152 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-198-217-152.deploy.static.akamaitechnologies.com

dowjones8650224.s.moatpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::200a (New York, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States) 1 redirects

ASN18568 (BIDTELLECT, US)
PTR: NET-33-132-192.46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	barrons.com 2 redirects www.barrons.com — Cisco Umbrella Rank: 66335 optimizely.barrons.com — Cisco Umbrella Rank: 312069 asset.barrons.com — Cisco Umbrella Rank: 70879 accounts.barrons.com — Cisco Umbrella Rank: 145851 pblog.barrons.com — Cisco Umbrella Rank: 380512 tags.barrons.com — Cisco Umbrella Rank: 20929 images.barrons.com — Cisco Umbrella Rank: 107435 sac.barrons.com — Cisco Umbrella Rank: 302294 follow-api.barrons.com — Cisco Umbrella Rank: 324723	1 MB
45	doubleclick.net 12 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 cm.g.doubleclick.net — Cisco Umbrella Rank: 313 googleads.g.doubleclick.net — Cisco Umbrella Rank: 67	581 KB
34	googlesyndication.com a25c2057485bacf8d30418738bc64a02.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 331afe2bb48f994fe0d9101d6b5b6bfd.safeframe.googlesyndication.com c99c63828b72d60c6549a182ce9d74ba.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 177	364 KB
29	google.com 4 redirects accounts.google.com — Cisco Umbrella Rank: 92 news.google.com — Cisco Umbrella Rank: 7327 adservice.google.com — Cisco Umbrella Rank: 130 play.google.com — Cisco Umbrella Rank: 74 www.google.com — Cisco Umbrella Rank: 16	174 KB
27	rubiconproject.com 8 redirects pg-prebid-server.rubiconproject.com — Cisco Umbrella Rank: 27690 fastlane.rubiconproject.com — Cisco Umbrella Rank: 677 pixel.rubiconproject.com — Cisco Umbrella Rank: 447 prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1275 eus.rubiconproject.com — Cisco Umbrella Rank: 798 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1475 token.rubiconproject.com — Cisco Umbrella Rank: 795	37 KB
24	3lift.com 6 redirects tlx.3lift.com — Cisco Umbrella Rank: 797 eb2.3lift.com — Cisco Umbrella Rank: 535	11 KB
21	amazon-adsystem.com 2 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 361 aax.amazon-adsystem.com — Cisco Umbrella Rank: 455 s.amazon-adsystem.com — Cisco Umbrella Rank: 376 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 994	74 KB
21	moatads.com z.moatads.com — Cisco Umbrella Rank: 681 mb.moatads.com — Cisco Umbrella Rank: 1057 geo.moatads.com — Cisco Umbrella Rank: 1045 px.moatads.com — Cisco Umbrella Rank: 712	237 KB
20	wsj.net api.wsj.net — Cisco Umbrella Rank: 50131	17 KB
19	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1219	107 KB
18	casalemedia.com 4 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 768 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 679 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 876 dsum.casalemedia.com — Cisco Umbrella Rank: 2284	13 KB
15	gstatic.com www.gstatic.com csi.gstatic.com fonts.gstatic.com	178 KB
13	linkedin.com 8 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 733 www.linkedin.com — Cisco Umbrella Rank: 779 px4.ads.linkedin.com — Cisco Umbrella Rank: 6554	8 KB
13	cxense.com cdn.cxense.com — Cisco Umbrella Rank: 5988 p1cluster.cxense.com — Cisco Umbrella Rank: 13497 comcluster.cxense.com — Cisco Umbrella Rank: 6880 id.cxense.com — Cisco Umbrella Rank: 11290 api.cxense.com — Cisco Umbrella Rank: 10816	131 KB
13	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 319 acdn.adnxs.com — Cisco Umbrella Rank: 806	44 KB
12	moatpixel.com dowjones8650224.s.moatpixel.com — Cisco Umbrella Rank: 40958	3 KB
10	yahoo.com 5 redirects c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1468 ups.analytics.yahoo.com — Cisco Umbrella Rank: 402 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 689	4 KB
10	privacy-mgmt.com cdn.privacy-mgmt.com — Cisco Umbrella Rank: 4131	96 KB
9	ml314.com 3 redirects ml314.com — Cisco Umbrella Rank: 2828 in.ml314.com — Cisco Umbrella Rank: 13905	13 KB
9	google.ca adservice.google.ca — Cisco Umbrella Rank: 14238 www.google.ca — Cisco Umbrella Rank: 8003	2 KB
9	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 2985	222 KB
8	adsrvr.org 8 redirects match.adsrvr.org — Cisco Umbrella Rank: 451	4 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	243 KB
6	vidora.com assets.vidora.com — Cisco Umbrella Rank: 105803 cortex.vidora.com — Cisco Umbrella Rank: 236186	34 KB
6	newscgp.com 2 redirects us.tags.newscgp.com — Cisco Umbrella Rank: 12053 v2.pixel.newscgp.com — Cisco Umbrella Rank: 12647	217 KB
5	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 621 check.analytics.rlcdn.com — Cisco Umbrella Rank: 5350 api.rlcdn.com — Cisco Umbrella Rank: 1060	2 KB
5	openx.net 2 redirects u.openx.net — Cisco Umbrella Rank: 974 us-u.openx.net — Cisco Umbrella Rank: 707 rtb.openx.net — Cisco Umbrella Rank: 1886	2 KB
5	imrworldwide.com 2 redirects secure-us.imrworldwide.com — Cisco Umbrella Rank: 2762 cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 2939	12 KB
5	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 277 dowjones.demdex.net — Cisco Umbrella Rank: 42725	7 KB
5	newscorp.com content.capi.newscorp.com — Cisco Umbrella Rank: 252620	13 KB
5	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 729 ads.pubmatic.com — Cisco Umbrella Rank: 725	18 KB
5	amazonaws.com s3.amazonaws.com tgamriker.s3.ca-central-1.amazonaws.com — Cisco Umbrella Rank: 416208	616 KB
4	zemanta.com 4 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 813	2 KB
4	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 427	2 KB
4	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 218	1 KB
3	cxpublic.com content.cxpublic.com — Cisco Umbrella Rank: 65666	340 KB
3	eyeota.net 2 redirects ps.eyeota.net — Cisco Umbrella Rank: 1459	2 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	247 B
3	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 187	5 KB
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 875	2 KB
3	brandmetrics.com cdn.brandmetrics.com — Cisco Umbrella Rank: 3954 collector.brandmetrics.com — Cisco Umbrella Rank: 4577	18 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	169 KB
2	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 2547	1 KB
2	bluekai.com 2 redirects stags.bluekai.com — Cisco Umbrella Rank: 842	1 KB
2	bing.com c.bing.com — Cisco Umbrella Rank: 413	955 B
2	creative-serving.com 2 redirects ads.creative-serving.com — Cisco Umbrella Rank: 5985	1 KB
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 958	3 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 1149	585 B
2	dotomi.com 2 redirects casale-match.dotomi.com — Cisco Umbrella Rank: 4976	613 B
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 825	1 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 3747 p1.parsely.com — Cisco Umbrella Rank: 3160	19 KB
2	admantx.com usasync01.admantx.com — Cisco Umbrella Rank: 25468	935 B
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 763	59 KB
2	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 625 fonts.googleapis.com — Cisco Umbrella Rank: 119	74 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 189	136 KB
2	cloudfront.net d1z2jf7jlzjs58.cloudfront.net d2oh4tlt9mrke9.cloudfront.net	62 KB
2	everesttech.net 2 redirects cm.everesttech.net — Cisco Umbrella Rank: 1516 sync-tm.everesttech.net — Cisco Umbrella Rank: 1020	748 B
2	dowjoneson.com oms.dowjoneson.com — Cisco Umbrella Rank: 37123	660 B
2	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 803	625 B
2	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 751 logx.optimizely.com — Cisco Umbrella Rank: 1602	87 KB
2	amazon.dev prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 1019	452 B
1	bttrack.com 1 redirects bttrack.com — Cisco Umbrella Rank: 1329	351 B
1	colossusssp.com 1 redirects sync.colossusssp.com — Cisco Umbrella Rank: 2842	696 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 1005	587 B
1	taboola.com 1 redirects sync.taboola.com — Cisco Umbrella Rank: 1356	310 B
1	penews.com tags.penews.com — Cisco Umbrella Rank: 20878	3 KB
1	pagesix.com tags.pagesix.com — Cisco Umbrella Rank: 20418	3 KB
1	decider.com tags.decider.com — Cisco Umbrella Rank: 20986	3 KB
1	nypost.com tags.nypost.com — Cisco Umbrella Rank: 18796	3 KB
1	wsj.com tags.wsj.com — Cisco Umbrella Rank: 18350	3 KB
1	marketwatch.com tags.marketwatch.com — Cisco Umbrella Rank: 20357	3 KB
1	mansionglobal.com tags.mansionglobal.com — Cisco Umbrella Rank: 20868	3 KB
1	realtor.com tags.realtor.com — Cisco Umbrella Rank: 17733	3 KB
1	ncaudienceexchange.com www.ncaudienceexchange.com — Cisco Umbrella Rank: 16806	3 KB
1	sessioncam.com ws.sessioncam.com — Cisco Umbrella Rank: 18260	409 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1604	366 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 912	393 B
1	t.co t.co — Cisco Umbrella Rank: 584	375 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1867	157 B
1	permutive.app 6b6b990e-d9d8-4116-a028-76da837d7607.partner.permutive.app — Cisco Umbrella Rank: 239819	167 B
1	media.net 1 redirects cs.media.net — Cisco Umbrella Rank: 2272	665 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1955	600 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1341	434 B
1	urbanairship.com web-sdk.urbanairship.com — Cisco Umbrella Rank: 32589	43 KB
1	gbqofs.com cdn.gbqofs.com — Cisco Umbrella Rank: 9995	137 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1365	5 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1749	8 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 964	15 KB
1	dianomi.com www.dianomi.com — Cisco Umbrella Rank: 10976
1	dowjones.com sso.accounts.dowjones.com — Cisco Umbrella Rank: 87808	310 B
1	privacymanager.io ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 4791	44 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 344	6 KB
1	zqtk.net segment-data.zqtk.net — Cisco Umbrella Rank: 17299	335 B
0	knewz.com Failed tags.knewz.com Failed
483	94

	Domain	Requested by
27	www.barrons.com	1 redirects www.barrons.com
23	securepubads.g.doubleclick.net	www.barrons.com tagan.adlightning.com www.googletagservices.com securepubads.g.doubleclick.net
22	eb2.3lift.com	6 redirects www.barrons.com eb2.3lift.com
20	api.wsj.net	www.barrons.com
19	tags.tiqcdn.com	www.barrons.com
18	asset.barrons.com	www.barrons.com asset.barrons.com
16	tpc.googlesyndication.com	tagan.adlightning.com www.barrons.com c99c63828b72d60c6549a182ce9d74ba.safeframe.googlesyndication.com tpc.googlesyndication.com
15	s.amazon-adsystem.com	2 redirects www.barrons.com s.amazon-adsystem.com u.openx.net ssum-sec.casalemedia.com
14	pagead2.googlesyndication.com	tagan.adlightning.com www.barrons.com securepubads.g.doubleclick.net tpc.googlesyndication.com
14	cm.g.doubleclick.net	9 redirects u.openx.net s.amazon-adsystem.com www.barrons.com eb2.3lift.com
12	dowjones8650224.s.moatpixel.com	www.barrons.com
11	www.google.com	4 redirects www.barrons.com tagan.adlightning.com c99c63828b72d60c6549a182ce9d74ba.safeframe.googlesyndication.com
11	ib.adnxs.com	5 redirects www.barrons.com tgamriker.s3.ca-central-1.amazonaws.com acdn.adnxs.com
10	px.moatads.com	www.barrons.com
10	cdn.privacy-mgmt.com	www.barrons.com
9	px.ads.linkedin.com	6 redirects www.barrons.com eb2.3lift.com
9	tagan.adlightning.com	www.barrons.com tagan.adlightning.com c99c63828b72d60c6549a182ce9d74ba.safeframe.googlesyndication.com
8	googleads.g.doubleclick.net	3 redirects www.barrons.com c99c63828b72d60c6549a182ce9d74ba.safeframe.googlesyndication.com
8	match.adsrvr.org	8 redirects
8	ml314.com	3 redirects z.moatads.com www.barrons.com
8	news.google.com	www.barrons.com news.google.com www.gstatic.com
7	www.gstatic.com	news.google.com www.gstatic.com
6	www.google.ca	www.barrons.com
6	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com www.barrons.com
6	play.google.com	www.gstatic.com
6	pixel.rubiconproject.com	3 redirects www.barrons.com s.amazon-adsystem.com
6	www.googletagservices.com	tagan.adlightning.com c99c63828b72d60c6549a182ce9d74ba.safeframe.googlesyndication.com
6	csi.gstatic.com	securepubads.g.doubleclick.net
6	z.moatads.com	www.barrons.com tagan.adlightning.com
5	api.cxense.com	www.barrons.com
5	dsum.casalemedia.com	2 redirects ssum-sec.casalemedia.com www.barrons.com
5	cdn.cxense.com	www.barrons.com cdn.cxense.com
5	prebid-server.rubiconproject.com	www.barrons.com
5	content.capi.newscorp.com	www.barrons.com
4	b1sync.zemanta.com	4 redirects
4	x.bidswitch.net	4 redirects
4	token.rubiconproject.com	4 redirects
4	pr-bh.ybp.yahoo.com	3 redirects u.openx.net
4	eus.rubiconproject.com	s.amazon-adsystem.com eus.rubiconproject.com www.barrons.com
4	tgamriker.s3.ca-central-1.amazonaws.com	tagan.adlightning.com
4	sb.scorecardresearch.com	2 redirects www.barrons.com
4	secure-us.imrworldwide.com	2 redirects www.barrons.com
4	dpm.demdex.net	1 redirects www.barrons.com
4	fastlane.rubiconproject.com	www.barrons.com tgamriker.s3.ca-central-1.amazonaws.com
4	htlb.casalemedia.com	www.barrons.com tgamriker.s3.ca-central-1.amazonaws.com
4	c2shb.pubgw.yahoo.com	www.barrons.com
4	us.tags.newscgp.com	2 redirects www.barrons.com
3	content.cxpublic.com	www.barrons.com
3	ps.eyeota.net	2 redirects www.barrons.com
3	www.facebook.com	www.barrons.com
3	www.googleadservices.com	www.barrons.com
3	ads.pubmatic.com	s.amazon-adsystem.com www.barrons.com
3	ssum-sec.casalemedia.com	1 redirects s.amazon-adsystem.com ssum-sec.casalemedia.com
3	sync.1rx.io	3 redirects
3	www.googletagmanager.com	www.barrons.com
3	adservice.google.com	www.barrons.com tagan.adlightning.com
3	adservice.google.ca	www.barrons.com tagan.adlightning.com
3	pg-prebid-server.rubiconproject.com	www.barrons.com
3	cortex.vidora.com	www.barrons.com
3	mb.moatads.com	z.moatads.com
3	assets.vidora.com	www.barrons.com
3	c.amazon-adsystem.com	www.barrons.com
2	fonts.gstatic.com	fonts.googleapis.com
2	ads.betweendigital.com	2 redirects
2	stags.bluekai.com	2 redirects
2	c.bing.com	eb2.3lift.com
2	ads.creative-serving.com	2 redirects
2	js-sec.indexww.com	www.barrons.com
2	acdn.adnxs.com	www.barrons.com
2	c99c63828b72d60c6549a182ce9d74ba.safeframe.googlesyndication.com	tagan.adlightning.com
2	check.analytics.rlcdn.com	www.barrons.com
2	sync.crwdcntrl.net	2 redirects
2	idsync.rlcdn.com	2 redirects
2	follow-api.barrons.com	www.barrons.com
2	casale-match.dotomi.com	2 redirects
2	match.prod.bidr.io	2 redirects
2	us-u.openx.net	u.openx.net
2	sac.barrons.com	www.barrons.com
2	v2.pixel.newscgp.com	www.barrons.com
2	px4.ads.linkedin.com	www.barrons.com
2	www.linkedin.com	2 redirects
2	u.openx.net	1 redirects s.amazon-adsystem.com
2	ups.analytics.yahoo.com	2 redirects
2	usasync01.admantx.com	tagan.adlightning.com
2	tags.barrons.com	1 redirects www.barrons.com
2	static.criteo.net	www.barrons.com
2	cdn.brandmetrics.com	www.barrons.com
2	connect.facebook.net	www.barrons.com
2	oms.dowjoneson.com	www.barrons.com
2	hbopenbid.pubmatic.com	www.barrons.com
2	bidder.criteo.com	www.barrons.com
2	tlx.3lift.com	www.barrons.com
2	aax.amazon-adsystem.com	www.barrons.com
2	prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	www.barrons.com
2	geo.moatads.com	z.moatads.com
1	sync-tm.everesttech.net	1 redirects
1	bttrack.com	1 redirects
1	fonts.googleapis.com	tpc.googlesyndication.com
1	api.rlcdn.com	www.barrons.com
1	331afe2bb48f994fe0d9101d6b5b6bfd.safeframe.googlesyndication.com	tagan.adlightning.com
1	sync.colossusssp.com	1 redirects
1	id.cxense.com	www.barrons.com
1	comcluster.cxense.com	cdn.cxense.com
1	s.ad.smaato.net	1 redirects
1	p1cluster.cxense.com	cdn.cxense.com
1	aax-eu.amazon-adsystem.com	s.amazon-adsystem.com
1	rtb.openx.net	1 redirects
1	pixel-us-east.rubiconproject.com	1 redirects
1	collector.brandmetrics.com	www.barrons.com
1	p1.parsely.com	www.barrons.com
1	in.ml314.com	www.barrons.com
1	sync.taboola.com	1 redirects
1	tags.penews.com	www.barrons.com
1	tags.pagesix.com	www.barrons.com
1	tags.decider.com	www.barrons.com
1	tags.nypost.com	www.barrons.com
1	tags.wsj.com	www.barrons.com
1	tags.marketwatch.com	www.barrons.com
1	tags.mansionglobal.com	www.barrons.com
1	tags.realtor.com	www.barrons.com
1	www.ncaudienceexchange.com	www.barrons.com
1	ws.sessioncam.com	www.barrons.com
1	cdn.linkedin.oribi.io	www.barrons.com
1	analytics.twitter.com	www.barrons.com
1	t.co	www.barrons.com
1	alb.reddit.com	www.barrons.com
1	cdn.parsely.com	www.barrons.com
1	6b6b990e-d9d8-4116-a028-76da837d7607.partner.permutive.app	tgamriker.s3.ca-central-1.amazonaws.com
1	images.barrons.com	www.barrons.com
1	cs.media.net	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	ad.turn.com	1 redirects
1	pblog.barrons.com	www.barrons.com
1	logx.optimizely.com	www.barrons.com
1	web-sdk.urbanairship.com	www.barrons.com
1	storage.googleapis.com	www.barrons.com
1	cdn.gbqofs.com	www.barrons.com
1	snap.licdn.com	www.barrons.com
1	d2oh4tlt9mrke9.cloudfront.net	www.barrons.com
1	www.redditstatic.com	www.barrons.com
1	static.ads-twitter.com	www.barrons.com
1	d1z2jf7jlzjs58.cloudfront.net	www.barrons.com
1	cdn-gl.imrworldwide.com	www.barrons.com
1	cm.everesttech.net	1 redirects
1	dowjones.demdex.net	www.barrons.com
1	a25c2057485bacf8d30418738bc64a02.safeframe.googlesyndication.com	www.barrons.com
1	www.dianomi.com	www.barrons.com
1	sso.accounts.dowjones.com	www.barrons.com
1	cdn.optimizely.com	www.barrons.com
1	ats-wrapper.privacymanager.io	www.barrons.com
1	s3.amazonaws.com	www.barrons.com
1	cdnjs.cloudflare.com	www.barrons.com
1	accounts.barrons.com	www.barrons.com
1	optimizely.barrons.com	www.barrons.com
1	accounts.google.com	www.barrons.com
1	segment-data.zqtk.net	www.barrons.com
0	tags.knewz.com Failed	www.barrons.com
483	157

This site contains links to these domains. Also see Links.

Domain
www.google.com
support.apple.com
www.mozilla.org
store.barrons.com
accounts.barrons.com
www.realtor.com
wsj.com
www.wsj.com
www.marketwatch.com
www.fnlondon.com
customercenter.barrons.com
www.investors.com
www.mansionglobal.com
wsjshop.com
www.djreprints.com
ereader.barrons.com
corporate.barrons.com
mediakit.wsjbarrons.com
onboarding.barrons.com
www.dowjones.com

Subject Issuer	Validity	Valid
www.barrons.com Amazon RSA 2048 M02	`2023-02-28` - `2023-11-01`	8 months	crt.sh
*.zqtk.net Amazon RSA 2048 M02	`2023-03-01` - `2023-08-16`	6 months	crt.sh
us.tags.newscgp.com Amazon RSA 2048 M02	`2023-04-20` - `2024-05-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.news.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.vidora.com Amazon RSA 2048 M02	`2023-02-23` - `2024-02-09`	a year	crt.sh
optimizely.barrons.com Amazon RSA 2048 M01	`2023-03-01` - `2023-12-06`	9 months	crt.sh
asset.barrons.com Amazon RSA 2048 M02	`2023-02-22` - `2023-11-01`	8 months	crt.sh
accounts.dowjones.com Amazon RSA 2048 M02	`2023-02-22` - `2024-03-22`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2022-12-06` - `2023-12-05`	a year	crt.sh
*.privacy-mgmt.com Amazon RSA 2048 M02	`2022-11-07` - `2023-12-06`	a year	crt.sh
*.privacymanager.io Amazon RSA 2048 M02	`2023-02-22` - `2023-09-24`	7 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-05`	a year	crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev Amazon RSA 2048 M02	`2022-12-27` - `2024-01-25`	a year	crt.sh
*.adlightning.com Amazon RSA 2048 M01	`2023-02-22` - `2023-07-07`	4 months	crt.sh
cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-30` - `2023-10-30`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
ssl.wsj.com GeoTrust RSA CA 2018	`2022-07-04` - `2023-07-04`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
sso.accounts.dowjones.com Amazon RSA 2048 M02	`2023-03-23` - `2024-04-20`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
dianomi.com Cloudflare Inc ECC CA-3	`2023-04-03` - `2024-04-02`	a year	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M01	`2023-04-18` - `2024-05-17`	a year	crt.sh
vidora.com R3	`2023-04-04` - `2023-07-03`	3 months	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-12-27` - `2023-06-21`	6 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
content.capi.newscorp.com Amazon RSA 2048 M01	`2023-01-27` - `2024-02-24`	a year	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-03` - `2024-02-19`	a year	crt.sh
*.google.ca GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
oms.dowjoneson.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-10` - `2024-01-10`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-12` - `2023-10-08`	6 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-06` - `2023-05-07`	3 months	crt.sh
*.brandmetrics.com GTS CA 1P5	`2023-03-12` - `2023-06-10`	3 months	crt.sh
storage.googleapis.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.urbanairship.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-30` - `2023-07-14`	a year	crt.sh
*.s3.ca-central-1.amazonaws.com Amazon	`2022-09-21` - `2023-09-14`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
logx.optimizely.com Amazon RSA 2048 M01	`2023-02-27` - `2023-08-22`	6 months	crt.sh
pblog.barrons.com GTS CA 1D4	`2023-03-21` - `2023-06-19`	3 months	crt.sh
images.barrons.com Amazon RSA 2048 M01	`2023-02-21` - `2023-08-25`	6 months	crt.sh
*.admantx.com SSL.com RSA SSL subCA	`2023-04-18` - `2024-05-18`	a year	crt.sh
*.partner.permutive.app R3	`2023-03-14` - `2023-06-12`	3 months	crt.sh
ml314.com GTS CA 1D4	`2023-04-09` - `2023-07-08`	3 months	crt.sh
casalemedia.com Go Daddy Secure Certificate Authority - G2	`2022-12-13` - `2024-01-13`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.parsely.com Amazon RSA 2048 M01	`2023-02-24` - `2023-07-04`	4 months	crt.sh
*.cxense.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-13`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-19` - `2023-10-15`	6 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2023-02-01` - `2024-02-01`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-31` - `2024-01-30`	a year	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-02-24` - `2023-08-06`	5 months	crt.sh
ws.sessioncam.com Amazon RSA 2048 M02	`2023-02-16` - `2024-03-15`	a year	crt.sh
ncaudienceexchange.com Amazon RSA 2048 M01	`2023-02-24` - `2023-10-20`	8 months	crt.sh
tags.penews.com Amazon RSA 2048 M01	`2023-02-22` - `2023-06-28`	4 months	crt.sh
v2.pixel.newscgp.com GTS CA 1D4	`2023-03-08` - `2023-06-06`	3 months	crt.sh
v2.pixel.djp.data.newscorp.com GTS CA 1D4	`2023-03-08` - `2023-06-06`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-03` - `2024-02-03`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
follow-api.wsj.com Amazon RSA 2048 M02	`2023-04-03` - `2024-04-30`	a year	crt.sh
*.ml314.com Amazon RSA 2048 M02	`2023-02-27` - `2023-12-14`	10 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-01-27` - `2024-01-27`	a year	crt.sh
analytics.rlcdn.com Amazon RSA 2048 M02	`2023-02-28` - `2023-08-25`	6 months	crt.sh
cdn-content-production.cxpublic.com R3	`2023-03-06` - `2023-06-04`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2022-10-21` - `2023-10-22`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-03-07` - `2023-09-07`	6 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh

This page contains 47 frames:

Primary Page: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Frame ID: 92AED99C9A441682CECD5B967CF8CBFC
Requests: 268 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: 06D8E546BF408A9913B4E7D7F609A049
Requests: 1 HTTP requests in this frame

Frame: https://news.google.com/swg/ui/v1/serviceiframe?_=1682818582473&publicationId=barrons.com
Frame ID: 01EB6257E511CB214EFC248356879B63
Requests: 13 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-index_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Frame ID: BD222203B9C44EFAFE2C368469DA9C95
Requests: 1 HTTP requests in this frame

Frame: https://a25c2057485bacf8d30418738bc64a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A23946DBCEF232291E4F53AF02899274
Requests: 1 HTTP requests in this frame

Frame: https://dowjones.demdex.net/dest5.html?d_nsid=0
Frame ID: 669F606778BE25FA4516CB0048A4017A
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js
Frame ID: CA72C251AE41984D700D2DC9EFCEF5B8
Requests: 29 HTTP requests in this frame

Frame: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js
Frame ID: 27CA9702BEE4B266640E40D3C6A563F7
Requests: 28 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Frame ID: F876EE0BF2D5B1EC25DCBC65CADFFF2B
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Frame ID: EA7E3FA508EBB69B0F1BC657D775C198
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Frame ID: 91B9F59DAEB26651E973133C5D613613
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Frame ID: 249D63786EA8D93C37EC6DA0843EB603
Requests: 11 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS11d3A0M1NGRTJ1SWFBSk1VZFc5eXJWelNZaDhuc3A4Ln5B&gdpr=0
Frame ID: 4EF5386BF5C15947C266955AC060756A
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Frame ID: 549220CC34ACEF884CF96BD9CDB00912
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=4111871771392428841&ex=appnexus.com&gdpr=0
Frame ID: 85B29E51B0B1D37CBEB592196B2287E9
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=903593474721348424261
Frame ID: 1CF46039051CBC58ED043B49CC90D771
Requests: 1 HTTP requests in this frame

Frame: https://www.ncaudienceexchange.com/prod/ncg/cookie.html
Frame ID: B8337B45178C1343E85306AC9ED9951F
Requests: 1 HTTP requests in this frame

Frame: https://tags.realtor.com/prod/ncg/cookie.html
Frame ID: BDCC93B3B9036048C0EE80AE3F78DF0B
Requests: 1 HTTP requests in this frame

Frame: https://tags.mansionglobal.com/prod/ncg/cookie.html
Frame ID: F4AC2EA44B3188F04508E3049E33E077
Requests: 1 HTTP requests in this frame

Frame: https://tags.marketwatch.com/prod/ncg/cookie.html
Frame ID: A37F5817144258D4C31F3BCDFBCDD434
Requests: 1 HTTP requests in this frame

Frame: https://tags.wsj.com/prod/ncg/cookie.html
Frame ID: E5B6F8CC25E341CE90B233DD77AB9A57
Requests: 1 HTTP requests in this frame

Frame: https://tags.nypost.com/prod/ncg/cookie.html
Frame ID: 2A6584FB9C53161D9CBEC8800146F0BE
Requests: 1 HTTP requests in this frame

Frame: https://tags.decider.com/prod/ncg/cookie.html
Frame ID: A63B4071DD10780AFBC07D5267B60EE9
Requests: 1 HTTP requests in this frame

Frame: https://tags.pagesix.com/prod/ncg/cookie.html
Frame ID: 980D44C7D6B620B24B41700FDDD8E0AD
Requests: 1 HTTP requests in this frame

Frame: https://tags.knewz.com/prod/ncg/cookie.html
Frame ID: D7DFDFD4155CD218E3A902EF25AB2701
Requests: 1 HTTP requests in this frame

Frame: https://tags.penews.com/prod/ncg/cookie.html
Frame ID: 032D451E13FBEB7C4BE00594E3B5BB1F
Requests: 1 HTTP requests in this frame

Frame: https://secure-us.imrworldwide.com/storageframe.html
Frame ID: 5FCBA825F7F216255407882288E0DCE7
Requests: 1 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: AAFBE60D01A90EB955D30ECDA2DC7B62
Requests: 4 HTTP requests in this frame

Frame: https://331afe2bb48f994fe0d9101d6b5b6bfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 7DA2CA07AA2D1C9C20C4430E5169516F
Requests: 1 HTTP requests in this frame

Frame: https://c99c63828b72d60c6549a182ce9d74ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 8BCD81A4171EFAA641F3A17A82173DB0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 58530E1DBA72CC890869AD57503E2CC3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 69930ACDF6282C7CA447BC72CB17BD9F
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Frame ID: 62C9C0B41FF7310FD2E3F0D8D545D35B
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 55486F75C367529C725055903FA700C8
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158677&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: F60A48C4868A6E02D22739A73942B638
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A16F04E3D8FC482F809F8FD56240BD6B
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&
Frame ID: C519C85A2E7FB6246FFD7838D6038513
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 5159E4E95A37CF09FE60BD40E28C07A7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158677&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 8EC8E3EAD004C2186671889E53598DE4
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&
Frame ID: 34654839BC62800A5CEA0C1C4A7FAE8C
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: DBA207B0859CF97F91E76A144736BB77
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EF5DB96617541B7ABD49D42F7F64AFBA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 29641DC8B0D44491F88419B2D1B7CADC
Requests: 2 HTTP requests in this frame

Frame: https://c99c63828b72d60c6549a182ce9d74ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 5993BFDA2194EAA73464F900745861A5
Requests: 10 HTTP requests in this frame

Frame: https://tagan.adlightning.com/newscorp-barrons-aps/bl-e09f10f-df0b19b9.js
Frame ID: F56AAEEB00C42C339F56EB9B870B2B69
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10650913673796648960/index.html
Frame ID: 99E27D839C4C0235BC87B1C415F7FF99
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BAD80FF32CF8538752EFA66DDAAC2C0E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FireEye Says ‘”Intrusion Campaign’ Used Tainted SolarWinds Software | Barron's

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

<meta[^>]*google-signin-client_id
accounts\.google\.com/gsi/client

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Airship (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

urbanairship\.\w+/notify/v([\d.]+)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

483
Requests

87 %
HTTPS

33 %
IPv6

94
Domains

157
Subdomains

115
IPs

4
Countries

5858 kB
Transfer

15537 kB
Size

125
Cookies

38 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.com/chrome/browser
Title: CHROME

Search URL Search Domain Scan URL

URL: https://support.apple.com/downloads/#safari
Title: SAFARI

Search URL Search Domain Scan URL

URL: https://www.mozilla.org/firefox
Title: FIREFOX

Search URL Search Domain Scan URL

URL: https://www.google.com/chrome/
Title: Google

Search URL Search Domain Scan URL

URL: https://www.mozilla.org/en-US/firefox/new/
Title: Firefox

Search URL Search Domain Scan URL

URL: https://store.barrons.com/shop/us/us/barcafall21/?inttrackingCode=aaqwo2ew&icid=BAR_ON_NA_ACQ_NA&cx_campaign=BARNonUSFY21
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://accounts.barrons.com/login?opts=0&target=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Title: Sign In

Search URL Search Domain Scan URL

URL: https://store.barrons.com/shop/us/us/barcafall21/?inttrackingCode=aaqwo2ey&icid=BAR_ON_NA_ACQ_NA&cx_campaign=BARNonUSFY21

Search URL Search Domain Scan URL

URL: https://accounts.barrons.com/login?opts=0&target=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377?mod=article_signInButton
Title: Sign In

Search URL Search Domain Scan URL

URL: https://accounts.barrons.com/login?opts=0&target=https%3A%2F%2Fwww.barrons.com%2Farticles%2Fhouse-investigating-sf-feds-role-svb-collapse-e40862fa%3Fjsondata%3Dr?mod=article_signInButton
Title: Sign In

Search URL Search Domain Scan URL

URL: https://www.realtor.com/welcome/first-time-buyer/?link=TD_barrons_new_articles.be66b4471cba19f6&utm_source=barrons_new_articles.be66b4471cba19f6&utm_campaign=circular&utm_medium=MOVE&cid=nc_fthb_test
Title: Realtor.com

Search URL Search Domain Scan URL

URL: http://wsj.com/?link=TD_barrons_new_articles.be66b4471cba19f6&utm_source=barrons_new_articles.be66b4471cba19f6&utm_campaign=circular&utm_medium=WSJ
Title: Wall Street Journal

Search URL Search Domain Scan URL

URL: https://www.wsj.com/articles/u-s-sent-teams-into-foreign-networks-to-hunt-solarwinds-microsoft-hackers-f71341f3?link=TD_barrons_new_articles.be66b4471cba19f6&utm_source=barrons_new_articles.be66b4471cba19f6&utm_campaign=circular&utm_medium=WSJ
Title: U.S. Sent Teams into Foreign Networks to Hunt SolarWinds, Microsoft Hackers

Search URL Search Domain Scan URL

URL: http://www.marketwatch.com/?link=TD_barrons_new_articles.be66b4471cba19f6&utm_source=barrons_new_articles.be66b4471cba19f6&utm_campaign=circular&utm_medium=MARKETWATCH
Title: MarketWatch

Search URL Search Domain Scan URL

URL: https://www.marketwatch.com/data-news/bath-body-works-inc-stock-falls-wednesday-underperforms-market-9bafffce-83e6e7f657d4?link=TD_barrons_new_articles.be66b4471cba19f6&utm_source=barrons_new_articles.be66b4471cba19f6&utm_campaign=circular&utm_medium=MARKETWATCH
Title: Bath & Body Works Inc. stock falls Wednesday, underperforms market

Search URL Search Domain Scan URL

URL: http://www.fnlondon.com/?link=TD_barrons_new_articles.be66b4471cba19f6&utm_source=barrons_new_articles.be66b4471cba19f6&utm_campaign=circular&utm_medium=FINNEWS
Title: Financial News London

Search URL Search Domain Scan URL

URL: https://www.fnlondon.com/articles/jpmorgan-morgan-stanley-step-back-from-cbi-amid-misconduct-probe-20230421?link=TD_barrons_new_articles.be66b4471cba19f6&utm_source=barrons_new_articles.be66b4471cba19f6&utm_campaign=circular&utm_medium=FINNEWS
Title: JPMorgan, Morgan Stanley step back from CBI amid misconduct probe

Search URL Search Domain Scan URL

URL: https://www.wsj.com/articles/what-is-healthy-at-80-bidens-re-election-bid-prompts-a-question-f50e14b8?link=TD_barrons_new_articles.be66b4471cba19f6&utm_source=barrons_new_articles.be66b4471cba19f6&utm_campaign=circular&utm_medium=WSJ
Title: What Is Healthy at 80? Biden’s 2024 Re-Election Bid Prompts a Question

Search URL Search Domain Scan URL

URL: https://customercenter.barrons.com/register?targetUrl=https%3A%2F%2Fwww.barrons.com%2F
Title: Subscribe to Barron's

Search URL Search Domain Scan URL

URL: https://store.barrons.com/shop/us/us/baradvisorNov21
Title: Subscribe to Barron's Advisor

Search URL Search Domain Scan URL

URL: https://customercenter.barrons.com/
Title: Customer Center

Search URL Search Domain Scan URL

URL: https://www.wsj.com/
Title: The Wall Street Journal

Search URL Search Domain Scan URL

URL: https://www.marketwatch.com/
Title: MarketWatch

Search URL Search Domain Scan URL

URL: https://www.investors.com/
Title: Investors Business Daily

Search URL Search Domain Scan URL

URL: https://www.mansionglobal.com/
Title: Mansion Global

Search URL Search Domain Scan URL

URL: https://www.fnlondon.com/
Title: Financial News London

Search URL Search Domain Scan URL

URL: https://wsjshop.com/collections/barrons
Title: Buy Issues

Search URL Search Domain Scan URL

URL: https://www.djreprints.com/
Title: Reprints

Search URL Search Domain Scan URL

URL: http://ereader.barrons.com/
Title: E-Edition

Search URL Search Domain Scan URL

URL: https://corporate.barrons.com/?mod=djm_barronsfooter_44669&LS=Website&utm_source=Website&utm_campaign=barronsfooter
Title: Corporate Subscriptions

Search URL Search Domain Scan URL

URL: https://mediakit.wsjbarrons.com/
Title: Advertising

Search URL Search Domain Scan URL

URL: https://accounts.barrons.com/login?opts=0&target=https%3A%2F%2Fwww.barrons.com%2F
Title: Sign In

Search URL Search Domain Scan URL

URL: https://onboarding.barrons.com/?v=member
Title: Subscriber Benefits

Search URL Search Domain Scan URL

URL: https://www.dowjones.com/privacy-notice
Title: Privacy Notice

Search URL Search Domain Scan URL

URL: https://www.dowjones.com/cookie-notice
Title: Cookie Notice

Search URL Search Domain Scan URL

URL: https://www.dowjones.com/accessibility-statement
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.dowjones.com/cookie-notice/#cookies-advertising
Title: Your Ad Choices

Search URL Search Domain Scan URL

URL: https://store.barrons.com/shop/us/us/barcafall21/?inttrackingCode=aaqwo2ez&icid=BAR_ON_NA_ACQ_NA&cx_campaign=BARNonUSFY21

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 141

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=CB68E4BA55144CAA0A4C98A5%40AdobeOrg&d_nsid=0&ts=1682818583286 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=CB68E4BA55144CAA0A4C98A5%40AdobeOrg&d_nsid=0&ts=1682818583286

Request Chain 143

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-index_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-index_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&dcc=t

Request Chain 166

https://www.barrons.com/articles/WP-BAR-0000630878?jsondata=r HTTP 301
https://www.barrons.com/articles/house-investigating-sf-feds-role-svb-collapse-e40862fa?jsondata=r

Request Chain 171

https://cm.everesttech.net/cm/dd?d_uuid=00824479668952958801806893003151769411 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZE3GFwAAAGOsKwNP

Request Chain 175

https://secure-us.imrworldwide.com/v60.js HTTP 301
https://cdn-gl.imrworldwide.com/v60.js

Request Chain 186

https://sb.scorecardresearch.com/c2/6035148/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 187

https://sb.scorecardresearch.com/b?c1=2&c2=6035148&ns__t=1682818583538&ns_c=UTF-8&c8=FireEye%20Says%20%E2%80%98%E2%80%9DIntrusion%20Campaign%E2%80%99%20Used%20Tainted%20SolarWinds%20Software%20%7C%20Barron%27s&c7=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035148&ns__t=1682818583538&ns_c=UTF-8&c8=FireEye%20Says%20%E2%80%98%E2%80%9DIntrusion%20Campaign%E2%80%99%20Used%20Tainted%20SolarWinds%20Software%20%7C%20Barron%27s&c7=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&c9=

Request Chain 205

https://pixel.rubiconproject.com/exchange/sync.php?p=rp-pbs&gdpr=0&gdpr_consent=&account=9673&us_privacy=1--- HTTP 302
https://prebid-server.rubiconproject.com/setuid?bidder=rubicon&account=9673&uid=LH2QQGXV-10-5Y9F&gdpr=0&us_privacy=1---

Request Chain 217

https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&gdpr=0 HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1682818584391 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=3327216006 HTTP 302
https://sync.1rx.io/usersync/turn/9063842566854529721?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-7d201714-c399-4c3d-b275-8a5bb7d2bc20-005?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3DRX-7d201714-c399-4c3d-b275-8a5bb7d2bc20-005 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-7d201714-c399-4c3d-b275-8a5bb7d2bc20-005

Request Chain 218

https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3258201841455362000V10

Request Chain 219

https://tags.barrons.com/cs/sync/i HTTP 302
https://us.tags.newscgp.com/cs/sync/i?expiry_ts=1745890584&origin=tags.barrons.com HTTP 302
https://us.tags.newscgp.com/cs/bounce/i?expiry_ts=1745890584&origin=tags.barrons.com&fallback_id=e18d08aa-fc42-484c-9976-0cda7132c302.3.1682818584.1745890584 HTTP 302
https://tags.barrons.com/cs/bounce/i?expiry_ts=1745890584&nuid=e18d08aa-fc42-484c-9976-0cda7132c302.3.1682818584.1745890584

Request Chain 227

https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0 HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1

Request Chain 230

https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS11d3A0M1NGRTJ1SWFBSk1VZFc5eXJWelNZaDhuc3A4Ln5B&gdpr=0

Request Chain 231

https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0 HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0

Request Chain 232

https://ib.adnxs.com/getuid?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid=%24UID&ex=appnexus.com&gdpr=0 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fid%3D%2524UID%26ex%3Dappnexus.com%26gdpr%3D0 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=4111871771392428841&ex=appnexus.com&gdpr=0

Request Chain 233

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0 HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=903593474721348424261

Request Chain 241

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=264307&time=1682818584429&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=264307&time=1682818584429&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D264307%26time%3D1682818584429%26url%3Dhttps%253A%252F%252Fwww.barrons.com%252Farticles%252Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=264307&time=1682818584429&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=264307&time=1682818584429&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&cookiesTest=true&liSync=true&e_ipv6=AQJj0Kus-4rXHgAAAYfPzdKYqZXysBdcfkgePXT5lt6RQ-RXu9_6XSIWiipCvuX0E20acylm

Request Chain 242

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=264307&time=1682818584429&url=barrons.com%2Fpaywallhitcustomtag HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=264307&time=1682818584429&url=barrons.com%2Fpaywallhitcustomtag&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D264307%26time%3D1682818584429%26url%3Dbarrons.com%252Fpaywallhitcustomtag%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=264307&time=1682818584429&url=barrons.com%2Fpaywallhitcustomtag&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=264307&time=1682818584429&url=barrons.com%2Fpaywallhitcustomtag&cookiesTest=true&liSync=true&e_ipv6=AQIQq7nsE8nL9gAAAYfPzdKbv1Pi8FgKkk4DdvMT6d-K-74KgpeMRz2n21oGvRyHnWhV-uxG

Request Chain 267

https://match.adsrvr.org/track/cmf/openx?oxid=fe9d5758-5869-3bec-548c-0169cb7abcbe&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/openx?oxid=fe9d5758-5869-3bec-548c-0169cb7abcbe&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=ac77e4fa-ea92-4c14-b03a-d3c16bb7ab3c&ttd_puid=fe9d5758-5869-3bec-548c-0169cb7abcbe&gdpr=0&gdpr_consent=

Request Chain 269

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAXfGyg05I2j0JF5FJfLV_c&google_cver=1

Request Chain 272

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZE3GGG3jsIdCPmxS8n.oNwAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDpelVDbIF7iFEBN8ayszBw&google_cver=1&google_hm=2

Request Chain 274

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZE3GGG3jsIdCPmxS8n-oNwAAA-MAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKD_k1w8FdJhHLs_3h8xme4&google_cver=1

Request Chain 275

https://match.adsrvr.org/track/cmf/casale HTTP 302
https://match.adsrvr.org/track/cmb/casale HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=ac77e4fa-ea92-4c14-b03a-d3c16bb7ab3c&expiration=1685410584&gdpr=0&gdpr_consent=

Request Chain 276

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4111871771392428841

Request Chain 277

https://match.prod.bidr.io/cookie-sync/ie HTTP 303
https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACBKE7Im4wAAB-XvqgiVA&expiration=1684028185

Request Chain 278

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
https://casale-match.dotomi.com/match/bounce/current?DotomiTest=67d87e3f2d6a15d4&is_secure=true&networkId=19998&version=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAABr63-T97nqAMWzsYlAAAAAAA&expiration=1682904985&is_secure=true

Request Chain 279

https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZE3GGG3jsIdCPmxS8n.oNwAA%26995&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=3721e327-f420-4269-9fc9-e37730ba6d6f-tuctb474b98

Request Chain 287

https://ups.analytics.yahoo.com/ups/58401/sync?redir=true&gdpr=0&gdpr_consent= HTTP 302
https://prebid-server.rubiconproject.com/setuid?bidder=yahoossp&uid=y-bGapIXVE2uGUO5nVSTOJo1gmgMDmURN3~A&gdpr=0

Request Chain 297

https://secure-us.imrworldwide.com/cgi-bin/m?rnd=1682818584984&ci=us-403743h&js=1&cg=0&ts=65568.js?sid=787755dc-4a56-4dd1-9341-d101143c2799&toploc=www.barrons.com&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&sr=1600x1200&id=lstrg-011a3ff7040f056c6e2df8b840ad8040 HTTP 302
https://secure-us.imrworldwide.com/cgi-bin/m?rnd=1682818584984&ci=us-403743h&js=1&cg=0&ts=65568.js?sid=787755dc-4a56-4dd1-9341-d101143c2799&toploc=www.barrons.com&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&sr=1600x1200&id=lstrg-011a3ff7040f056c6e2df8b840ad8040&ja=1

Request Chain 310

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&gdpr=0&khaos=LH2QQGXV-10-5Y9F HTTP 302
https://s.amazon-adsystem.com/ecm3?id=LH2QQGXV-10-5Y9F&ex=d-rubiconproject.com&status=ok&gdpr=0

Request Chain 311

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/716328806/?random=620146026&cv=11&fst=1682818584763&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&label=QhOqCIWzgagBEOaeydUC&hn=www.googleadservices.com&frm=0&tiba=FireEye%20Says%20%E2%80%98%E2%80%9DIntrusion%20Campaign%E2%80%99%20Used%20Tainted%20SolarWinds%20Software%20%7C%20Barron%27s&gtm_ee=1&us_privacy=1---&auid=1210414193.1682818585&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=GMZNZI3zNKWdoPMPrOygsA8&sscte=1&crd=&pscrd=Ek5DaEFJOElDem9nWVFqNU9UbDZYcmhiSkxFaVlBbnpUQjhOQ3V4SVh2bUE2UkxMWF8tZGRndlgtcHo1T3FZZmFFQkZGd2RvRWFqWXoyZVEaWkNoRUk4SUN6b2dZUTI4S2Z2Y0RJM09mZ0FSSXVBUFlKdDctU3FIS1JYYzhIdVJhNW5MNTFyYVhnclBjQmZINHh1dVhES1pMRUg3M1BRbTF5VDA4Vm9ROHBrdw HTTP 302
https://www.google.com/pagead/1p-conversion/716328806/?random=620146026&cv=11&fst=1682818584763&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&label=QhOqCIWzgagBEOaeydUC&hn=www.googleadservices.com&frm=0&tiba=FireEye%20Says%20%E2%80%98%E2%80%9DIntrusion%20Campaign%E2%80%99%20Used%20Tainted%20SolarWinds%20Software%20%7C%20Barron%27s&gtm_ee=1&us_privacy=1---&auid=1210414193.1682818585&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOElDem9nWVFqNU9UbDZYcmhiSkxFaVlBbnpUQjhOQ3V4SVh2bUE2UkxMWF8tZGRndlgtcHo1T3FZZmFFQkZGd2RvRWFqWXoyZVEaWkNoRUk4SUN6b2dZUTI4S2Z2Y0RJM09mZ0FSSXVBUFlKdDctU3FIS1JYYzhIdVJhNW5MNTFyYVhnclBjQmZINHh1dVhES1pMRUg3M1BRbTF5VDA4Vm9ROHBrdw&is_vtc=1&ocp_id=GMZNZI3zNKWdoPMPrOygsA8&cid=CAQSKQBygQiDtYfX3lqGKbIGKApPUG23gn4wey2yf22Btu3lFysTm6g6e5wx&random=1091581649 HTTP 302
https://www.google.ca/pagead/1p-conversion/716328806/?random=620146026&cv=11&fst=1682818584763&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&label=QhOqCIWzgagBEOaeydUC&hn=www.googleadservices.com&frm=0&tiba=FireEye%20Says%20%E2%80%98%E2%80%9DIntrusion%20Campaign%E2%80%99%20Used%20Tainted%20SolarWinds%20Software%20%7C%20Barron%27s&gtm_ee=1&us_privacy=1---&auid=1210414193.1682818585&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOElDem9nWVFqNU9UbDZYcmhiSkxFaVlBbnpUQjhOQ3V4SVh2bUE2UkxMWF8tZGRndlgtcHo1T3FZZmFFQkZGd2RvRWFqWXoyZVEaWkNoRUk4SUN6b2dZUTI4S2Z2Y0RJM09mZ0FSSXVBUFlKdDctU3FIS1JYYzhIdVJhNW5MNTFyYVhnclBjQmZINHh1dVhES1pMRUg3M1BRbTF5VDA4Vm9ROHBrdw&is_vtc=1&ocp_id=GMZNZI3zNKWdoPMPrOygsA8&cid=CAQSKQBygQiDtYfX3lqGKbIGKApPUG23gn4wey2yf22Btu3lFysTm6g6e5wx&random=1091581649&ipr=y&prhg=0&ezwbk=AZuM4hBVyk_-UvqCPdqz6Ypa2cPr9G8I7zvAI62czOd0qbljcFFlf_Q-GoW7iJirgFzNgOY62lshFnCqwKqQsje4goQl

Request Chain 313

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24%7BUID%7D HTTP 302
https://prebid-server.rubiconproject.com/setuid?bidder=openx&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=c743d897-e1f6-0805-3f00-c17c4a217e33

Request Chain 315

https://idsync.rlcdn.com/395886.gif?partner_uid=3635328014473494641 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYzNTMyODAxNDQ3MzQ5NDY0MRAAGg0ImYy3ogYSBQjoBxAAQgBKAA HTTP 307
https://ml314.com/csync.ashx?fp=26ea2a53d01f5095fac1c9377f9cc2c62bf5b6aa3f7adc063e35d1b72c6e928bf4cb09cee1a4f8eb&person_id=3635328014473494641&eid=50082

Request Chain 316

https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=ac77e4fa-ea92-4c14-b03a-d3c16bb7ab3c&gdpr=0&gdpr_consent= HTTP 302
https://ml314.com/csync.ashx?fp=ac77e4fa-ea92-4c14-b03a-d3c16bb7ab3c&person_id=3635328014473494641&eid=53819

Request Chain 317

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3635328014473494641 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3635328014473494641 HTTP 302
https://ml314.com/csync.ashx?fp=9c1913634aad1598819e1e06db4e647a&eid=50146&person_id=3635328014473494641

Request Chain 318

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif HTTP 302
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2WyxrJxnGFyNgdNj-fjNz93OYcA3W_rqJ63ifa97Mo4U&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_pid%3Dr8hrb20 HTTP 302
https://ml314.com/csync.ashx?fp=2WyxrJxnGFyNgdNj-fjNz93OYcA3W_rqJ63ifa97Mo4U&person_id=3635328014473494641&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil%26referrer_pid%3dr8hrb20 HTTP 302
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20

Request Chain 329

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmI5MWNiY2I3MzU2ZmZmODZhOGQyOTg3ZDI2ZjM3ZjJlNzlhMjhkYQ&gdpr=0

Request Chain 330

https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEgyUVFHWFYtMTAtNVk5Rg==&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEALqrqBH0b_balyXE52Nd0Q&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEgyUVFHWFYtMTAtNVk5Rg==&google_push=&gdpr=0

Request Chain 331

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/TZZxPHry556iewA5kyq2lMn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-AiPPXNpE2oJuPR_MR90DzeMOvOzTpybUs4WPhg--~A

Request Chain 332

https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ac77e4fa-ea92-4c14-b03a-d3c16bb7ab3c&gdpr=0&gdpr_consent=&expires=30

Request Chain 334

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEK2khw4AcJzDqYUkA_yrxpE&google_cver=1

Request Chain 335

https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH2QQGXV-10-5Y9F&gdpr=0

Request Chain 336

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=izWNFl18Qjet7NMphI_46w&rk=usync-na&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=izWNFl18Qjet7NMphI_46w&gdpr=0

Request Chain 337

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1067154206/?random=213962816&cv=11&fst=1682818585171&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&label=aiwKCIT8m8UCEJ727fwD&hn=www.googleadservices.com&frm=0&tiba=FireEye%20Says%20%E2%80%98%E2%80%9DIntrusion%20Campaign%E2%80%99%20Used%20Tainted%20SolarWinds%20Software%20%7C%20Barron%27s&gtm_ee=1&us_privacy=1---&auid=1210414193.1682818585&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=GcZNZM_ZC4WYoPMPqeGA8AU&sscte=1&crd=&pscrd=Ek5DaEFJOElDem9nWVFqNU9UbDZYcmhiSkxFaVlBbnpUQjhOQ3V4SVh2bUE2UkxMWF8tZGRndlgtcHo1T3FZZmFFQkZGd2RvRWFqWXoyZVEaWkNoRUk4SUN6b2dZUTI4S2Z2Y0RJM09mZ0FSSXVBUFlKdDc5azVNQnJKUUl3VWhOUVdUTm5rR0VfYl9wdjZGbl84UTlBQms1dkVoRk1Mb09ZTmZmZXlCMnAxUQ HTTP 302
https://www.google.com/pagead/1p-conversion/1067154206/?random=213962816&cv=11&fst=1682818585171&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&label=aiwKCIT8m8UCEJ727fwD&hn=www.googleadservices.com&frm=0&tiba=FireEye%20Says%20%E2%80%98%E2%80%9DIntrusion%20Campaign%E2%80%99%20Used%20Tainted%20SolarWinds%20Software%20%7C%20Barron%27s&gtm_ee=1&us_privacy=1---&auid=1210414193.1682818585&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOElDem9nWVFqNU9UbDZYcmhiSkxFaVlBbnpUQjhOQ3V4SVh2bUE2UkxMWF8tZGRndlgtcHo1T3FZZmFFQkZGd2RvRWFqWXoyZVEaWkNoRUk4SUN6b2dZUTI4S2Z2Y0RJM09mZ0FSSXVBUFlKdDc5azVNQnJKUUl3VWhOUVdUTm5rR0VfYl9wdjZGbl84UTlBQms1dkVoRk1Mb09ZTmZmZXlCMnAxUQ&is_vtc=1&ocp_id=GcZNZM_ZC4WYoPMPqeGA8AU&cid=CAQSKQBygQiDdQmKqJaGGhe6KGZ5BMbgdMSrxmvmAs4yf528ClW4itZlKL1p&random=1252868599 HTTP 302
https://www.google.ca/pagead/1p-conversion/1067154206/?random=213962816&cv=11&fst=1682818585171&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&label=aiwKCIT8m8UCEJ727fwD&hn=www.googleadservices.com&frm=0&tiba=FireEye%20Says%20%E2%80%98%E2%80%9DIntrusion%20Campaign%E2%80%99%20Used%20Tainted%20SolarWinds%20Software%20%7C%20Barron%27s&gtm_ee=1&us_privacy=1---&auid=1210414193.1682818585&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOElDem9nWVFqNU9UbDZYcmhiSkxFaVlBbnpUQjhOQ3V4SVh2bUE2UkxMWF8tZGRndlgtcHo1T3FZZmFFQkZGd2RvRWFqWXoyZVEaWkNoRUk4SUN6b2dZUTI4S2Z2Y0RJM09mZ0FSSXVBUFlKdDc5azVNQnJKUUl3VWhOUVdUTm5rR0VfYl9wdjZGbl84UTlBQms1dkVoRk1Mb09ZTmZmZXlCMnAxUQ&is_vtc=1&ocp_id=GcZNZM_ZC4WYoPMPqeGA8AU&cid=CAQSKQBygQiDdQmKqJaGGhe6KGZ5BMbgdMSrxmvmAs4yf528ClW4itZlKL1p&random=1252868599&ipr=y&prhg=0&ezwbk=AZuM4hDzMpcnaGafyZy6kQ8R1I2XzIAhoKsguqEph5IL5-Job1vamqVPfw9pvPK40BG2y6xNzV3eD4QDGRVMgJgDK3Wg

Request Chain 338

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11013097811/?random=822723540&cv=11&fst=1682818585135&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&label=XnDnCPr1xIAYENOSuoMp&hn=www.googleadservices.com&frm=0&tiba=FireEye%20Says%20%E2%80%98%E2%80%9DIntrusion%20Campaign%E2%80%99%20Used%20Tainted%20SolarWinds%20Software%20%7C%20Barron%27s&gtm_ee=1&us_privacy=1---&auid=1210414193.1682818585&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=GcZNZIrBCY3t_gTv47CAAg&sscte=1&crd=&pscrd=Ek5DaEFJOElDem9nWVFqNU9UbDZYcmhiSkxFaVlBbnpUQjhOQ3V4SVh2bUE2UkxMWF8tZGRndlgtcHo1T3FZZmFFQkZGd2RvRWFqWXoyZVEaWkNoRUk4SUN6b2dZUTI4S2Z2Y0RJM09mZ0FSSXVBUFlKdDdfdVYtQWs4UVBidklCdzkxNjBualZmRE8tVVlhLWM1dnNhSV80eEpWSzBvN2JEdHV6MnVyS3pwdw HTTP 302
https://www.google.com/pagead/1p-conversion/11013097811/?random=822723540&cv=11&fst=1682818585135&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&label=XnDnCPr1xIAYENOSuoMp&hn=www.googleadservices.com&frm=0&tiba=FireEye%20Says%20%E2%80%98%E2%80%9DIntrusion%20Campaign%E2%80%99%20Used%20Tainted%20SolarWinds%20Software%20%7C%20Barron%27s&gtm_ee=1&us_privacy=1---&auid=1210414193.1682818585&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOElDem9nWVFqNU9UbDZYcmhiSkxFaVlBbnpUQjhOQ3V4SVh2bUE2UkxMWF8tZGRndlgtcHo1T3FZZmFFQkZGd2RvRWFqWXoyZVEaWkNoRUk4SUN6b2dZUTI4S2Z2Y0RJM09mZ0FSSXVBUFlKdDdfdVYtQWs4UVBidklCdzkxNjBualZmRE8tVVlhLWM1dnNhSV80eEpWSzBvN2JEdHV6MnVyS3pwdw&is_vtc=1&ocp_id=GcZNZIrBCY3t_gTv47CAAg&cid=CAQSKQBygQiDPMMb_g2svaae7B_ch7a2UpVb6FK39uu1vfgcP88OOun80LlK&random=3761829334 HTTP 302
https://www.google.ca/pagead/1p-conversion/11013097811/?random=822723540&cv=11&fst=1682818585135&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&label=XnDnCPr1xIAYENOSuoMp&hn=www.googleadservices.com&frm=0&tiba=FireEye%20Says%20%E2%80%98%E2%80%9DIntrusion%20Campaign%E2%80%99%20Used%20Tainted%20SolarWinds%20Software%20%7C%20Barron%27s&gtm_ee=1&us_privacy=1---&auid=1210414193.1682818585&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOElDem9nWVFqNU9UbDZYcmhiSkxFaVlBbnpUQjhOQ3V4SVh2bUE2UkxMWF8tZGRndlgtcHo1T3FZZmFFQkZGd2RvRWFqWXoyZVEaWkNoRUk4SUN6b2dZUTI4S2Z2Y0RJM09mZ0FSSXVBUFlKdDdfdVYtQWs4UVBidklCdzkxNjBualZmRE8tVVlhLWM1dnNhSV80eEpWSzBvN2JEdHV6MnVyS3pwdw&is_vtc=1&ocp_id=GcZNZIrBCY3t_gTv47CAAg&cid=CAQSKQBygQiDPMMb_g2svaae7B_ch7a2UpVb6FK39uu1vfgcP88OOun80LlK&random=3761829334&ipr=y&prhg=0&ezwbk=AZuM4hC-nQOs0Z9pifkwcg4PADzEAOTnJ0FK3f_CD2MlhJcSp3IDeJzIl8ORmjsvuR1w89zm7g0RzONH1xvmrpdceHSd

Request Chain 344

https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dsmaato%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24UID HTTP 302
https://prebid-server.rubiconproject.com/setuid?bidder=smaato&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=a6dcdad9

Request Chain 361

https://sync.colossusssp.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dcolossus%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%5BUID%5D HTTP 302
https://prebid-server.rubiconproject.com/setuid?bidder=colossus&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=[UID]

Request Chain 367

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D HTTP 302
https://prebid-server.rubiconproject.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=06b9933a-533c-41c6-91b5-0cd70deb93c4

Request Chain 401

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3658&xuid=ac77e4fa-ea92-4c14-b03a-d3c16bb7ab3c&dongle=0cfd&gdpr=0&gdpr_consent=

Request Chain 402

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=OTAzNTkzNDc0NzIxMzQ4NDI0MjYx HTTP 302
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

Request Chain 403

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENj72o9thlkUkRexV_9SMmI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

Request Chain 404

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=OTAzNTkzNDc0NzIxMzQ4NDI0MjYx

Request Chain 406

https://x.bidswitch.net/sync?ssp=triplelift&user_id=903593474721348424261&gdpr=0&gdpr_consent= HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=06b9933a-533c-41c6-91b5-0cd70deb93c4&gdpr=0&gdpr_consent= HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=06b9933a-533c-41c6-91b5-0cd70deb93c4&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=ff5b3138-2563-4038-9b6c-845f2d13e689&ssp=triplelift&expires=30&user_group=5&bsw_param=06b9933a-533c-41c6-91b5-0cd70deb93c4 HTTP 302
https://eb2.3lift.com/xuid?mid=2409&xuid=06b9933a-533c-41c6-91b5-0cd70deb93c4&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 408

https://pr-bh.ybp.yahoo.com/sync/triplelift/903593474721348424261?gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-eLZ4B.NE2oS3WRm1HXoJu3cHrKJ7IqHFxr0imsD4ug--~A&dongle=0883

Request Chain 409

https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
https://stags.bluekai.com/site/23178?id=qxwoupX_ZC5W1nCdfI0e&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5OF4HO33VOBMF6WSDGVLTC3SDMRTESMDF&gdpr=0 HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5OF4HO33VOBMF6WSDGVLTC3SDMRTESMDF HTTP 302
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=qxwoupX_ZC5W1nCdfI0e

Request Chain 410

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3335&xuid=4111871771392428841&dongle=4d58&gdpr=0&gdpr_consent=

Request Chain 411

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3658&xuid=ac77e4fa-ea92-4c14-b03a-d3c16bb7ab3c&dongle=0cfd&gdpr=0&gdpr_consent=

Request Chain 412

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=OTAzNTkzNDc0NzIxMzQ4NDI0MjYx HTTP 302
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

Request Chain 413

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENj72o9thlkUkRexV_9SMmI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

Request Chain 414

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=OTAzNTkzNDc0NzIxMzQ4NDI0MjYx

Request Chain 416

https://x.bidswitch.net/sync?ssp=triplelift&user_id=903593474721348424261&gdpr=0&gdpr_consent= HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dtriplelift%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dtriplelift%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=f2c57b0d-b492-5378-91d5-23c7f598e5dd&ssp=triplelift&expires=30&user_group=1&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2409&xuid=06b9933a-533c-41c6-91b5-0cd70deb93c4&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=

Request Chain 418

https://pr-bh.ybp.yahoo.com/sync/triplelift/903593474721348424261?gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-eLZ4B.NE2oS3WRm1HXoJu3cHrKJ7IqHFxr0imsD4ug--~A&dongle=0883

Request Chain 419

https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
https://stags.bluekai.com/site/23178?id=kTepWDR505hdHBtUjos6&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5NNKGK4CXIRJDKMBVNBSEQQTUKVVG64ZW&gdpr=0 HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5NNKGK4CXIRJDKMBVNBSEQQTUKVVG64ZW HTTP 302
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=kTepWDR505hdHBtUjos6

Request Chain 420

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3335&xuid=4111871771392428841&dongle=4d58&gdpr=0&gdpr_consent=

Request Chain 468

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 477

https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=777802&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1 HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=767a60e7-63c8-43ae-a513-5ee68f57112a

Request Chain 478

https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=777802&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZE3GFwAAAGOsKwNP

483 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377 Show response
www.barrons.com/articles/ 402 KB
97 KB 334ms
227ms Document
text/html 2600:9000:204d:9200:14:c68f:c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:204d:9200:14:c68f:c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

74a17e9fc804adff59573db77a5232b9a840bbd9fc76790f935e055462d753a2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .dowjones.net .barrons.com
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM http://dowjones.net
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: frame-ancestors *.dowjones.net *.barrons.com
content-type: text/html; charset=UTF-8
date: Sun, 30 Apr 2023 01:36:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
via: 1.1 ff19078dad8e3d604a159e031d41dba0.cloudfront.net (CloudFront)
x-amz-cf-id: Ly3qP-cPHOpq2yAQNeQ3qYwY0eBErCr_uHCUuty17de1MivnPbJaVw==
x-amz-cf-pop: ORD52-C3
x-article-template: snippet
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: ALLOW-FROM http://dowjones.net
x-info-template: barrons_resp_article_snippet
x-powered-by: Express
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

GET
H2 200 TiemposHeadline-Medium.woff2
www.barrons.com/fonts/woffs/tiempos/ 31 KB
32 KB 44ms
42ms Font
font/woff2 2600:9000:204d:9200:14:c68f:c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.barrons.com/fonts/woffs/tiempos/TiemposHeadline-Medium.woff2
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:204d:9200:14:c68f:c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fabd3ca1addebe215da67c147155b1d948d873d8d82ca54e5ca4537637e9c7d3

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Origin: https://www.barrons.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 13:41:17 GMT
x-amz-version-id: 4qvc_Mv51i446wKFlhsg_MkS1CNaXR98
via: 1.1 ff19078dad8e3d604a159e031d41dba0.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C3
age: 820505
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
content-length: 31604
last-modified: Mon, 17 Apr 2023 19:56:43 GMT
server: AmazonS3
etag: "a1192590b76cc31240d8b0adf4ba40f8"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: https://www.barrons.com
access-control-expose-headers: ETag
cache-control: max-age=31536000
access-control-allow-credentials: true
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: NG2kAcZ-81ZWVm3X6Zkvl7y-qN6DCXpLKmIi-K7822wjoKPEvuRoDQ==

GET
H2 200 TiemposHeadline-Bold.woff2
www.barrons.com/fonts/woffs/tiempos/ 31 KB
32 KB 44ms
42ms Font
font/woff2 2600:9000:204d:9200:14:c68f:c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.barrons.com/fonts/woffs/tiempos/TiemposHeadline-Bold.woff2
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:204d:9200:14:c68f:c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4d6b1ed6e220cebd550f63b8e57ce690fd13672a997c9b6fbcb03fd879ec64c

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Origin: https://www.barrons.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 13:41:17 GMT
x-amz-version-id: luWeDJeEOEkYH_N.YXsJ2HoyZJlP3ttu
via: 1.1 ff19078dad8e3d604a159e031d41dba0.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C3
age: 820505
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
content-length: 31588
last-modified: Mon, 17 Apr 2023 19:56:34 GMT
server: AmazonS3
etag: "be9191b2cae378cc6fa0ff13af252587"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: https://www.barrons.com
access-control-expose-headers: ETag
cache-control: max-age=31536000
access-control-allow-credentials: true
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: ISiTPqSCe02YSSz4HDLjL8AATkSy0KrFBsguVor5sL7TpH0RNUYKtA==

GET
H2 200 Aileron-Italic.woff2
www.barrons.com/fonts/woffs/aileron/ 13 KB
14 KB 44ms
42ms Font
font/woff2 2600:9000:204d:9200:14:c68f:c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.barrons.com/fonts/woffs/aileron/Aileron-Italic.woff2
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:204d:9200:14:c68f:c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 49cc6ca8601742cc91fc65e7eeec62dfb6b4525d22fb41f51b7f3b223679feeb

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Origin: https://www.barrons.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 13:41:17 GMT
x-amz-version-id: ZTIpP7IFenZX_AGBnu1xqRczIv8Of5IV
via: 1.1 ff19078dad8e3d604a159e031d41dba0.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C3
age: 820505
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
content-length: 13496
last-modified: Mon, 17 Apr 2023 19:54:08 GMT
server: AmazonS3
etag: "3bc4eb43218afe0873d1b2e209f17b21"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: https://www.barrons.com
access-control-expose-headers: ETag
cache-control: max-age=31536000
access-control-allow-credentials: true
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: vvLCn6lR6Nk34b26XUhrcRO727gf4DW__4eT5qUscMh3VGigTp86Ew==

GET
H2 200 Aileron-Light.woff2
www.barrons.com/fonts/woffs/aileron/ 13 KB
14 KB 44ms
43ms Font
font/woff2 2600:9000:204d:9200:14:c68f:c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.barrons.com/fonts/woffs/aileron/Aileron-Light.woff2
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:204d:9200:14:c68f:c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 086560cdec782821e481b99fb3000a804a9dd84aaba0ad11b1af9aec3acfbf62

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Origin: https://www.barrons.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 13:41:17 GMT
x-amz-version-id: xUfOohxb0yO66y2bxmIklKAgpaN7F1Gf
via: 1.1 ff19078dad8e3d604a159e031d41dba0.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C3
age: 820505
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
content-length: 13284
last-modified: Mon, 17 Apr 2023 19:54:10 GMT
server: AmazonS3
etag: "20b648f197c843b978ab18535d7b2b4b"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: https://www.barrons.com
access-control-expose-headers: ETag
cache-control: max-age=31536000
access-control-allow-credentials: true
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: YXPOULJJRd-5hVrQtnCYyhp9qS5NliOigTYoJtg_nrA6lNJjw1JoZQ==

GET
H2 200 Aileron-Bold.woff2
www.barrons.com/fonts/woffs/aileron/ 13 KB
14 KB 44ms
43ms Font
font/woff2 2600:9000:204d:9200:14:c68f:c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.barrons.com/fonts/woffs/aileron/Aileron-Bold.woff2
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:204d:9200:14:c68f:c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 70b6f707db1bb0dd5ab31185b8a9ab27a22c97fbc71629d053645e98cda923f8

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Origin: https://www.barrons.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 13:41:17 GMT
x-amz-version-id: DGVVaVeZtV5O1bdSXKdRyb_Wp9g1d_Do
via: 1.1 ff19078dad8e3d604a159e031d41dba0.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C3
age: 820505
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
content-length: 13276
last-modified: Mon, 17 Apr 2023 19:53:59 GMT
server: AmazonS3
etag: "9df23ffb1fc0a629005df32644a24b70"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: https://www.barrons.com
access-control-expose-headers: ETag
cache-control: max-age=31536000
access-control-allow-credentials: true
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: U8MeTJz5EV7UPWV86YPPmdUIXpiDTcfM9MFk39f_yrvPzMxsqtf1ew==

GET
H2 200 ace.min.js Show response
www.barrons.com/asset/ace/ 85 KB
19 KB 32ms
31ms Script
application/javascript 2600:9000:204d:9200:14:c68f:c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.barrons.com/asset/ace/ace.min.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:204d:9200:14:c68f:c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1336e8f15c41d52d726e2dd9c07f9c42a000541f165a10763f54cb5728df9c84

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 13:41:16 GMT
x-amz-version-id: vONGzx_o9RTjd7Ao3EIVI21_F9BYE8Rw
content-encoding: br
last-modified: Wed, 05 Apr 2023 17:09:30 GMT
server: AmazonS3
via: 1.1 ff19078dad8e3d604a159e031d41dba0.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C3
etag: W/"044994157551618afe20e0f0ece12ca2"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
age: 820507
x-amz-replication-status: COMPLETED
x-amz-cf-id: JGqysAbNyMxuLTzGYVLtTGCIqeNVnKjQ5SMCijewZO-CvzXaCqyRKg==

GET
H/1.1 200
OK dowjones-d8s23j Show response
segment-data.zqtk.net/ 29 B
335 B 103ms
28ms Script
application/javascript 3.211.32.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://segment-data.zqtk.net/dowjones-d8s23j?url=https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.32.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-32-81.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 23f681e5ca4fc39b86bee60aecb0919bd4127c5b13e2bf8a5eed17191c66a95c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 01:36:22 GMT
Last-Modified: Sat, 29 Apr 2023 13:43:29 GMT
Server: nginx
Content-Type: application/javascript; charset=UTF-8
X-Result-Id: CsW944RKbQ
Cache-Control: max-age=30
Connection: keep-alive
Content-Length: 29
Expires: Sun, 30 Apr 2023 01:36:52 GMT

GET
H/1.1 200
OK pb.js Show response
us.tags.newscgp.com/prod/prebid/barrons/ 611 KB
170 KB 102ms
31ms Script
application/javascript 13.249.141.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://us.tags.newscgp.com/prod/prebid/barrons/pb.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.141.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-141-127.ord51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e243b78efd935e4ed26fd1a3a836eb5fe5a07287d7ff9e085204f3ef7a4140a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 00:39:57 GMT
Content-Encoding: gzip
Via: 1.1 9544538048b67636eed3ec04c11d909a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ORD51-C1
Age: 3453
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Fri, 21 Apr 2023 17:58:50 GMT
Server: AmazonS3
ETag: W/"13a29e1f271412c159b1ee3279fb4704"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
X-Amz-Cf-Id: b0D099CjMHhywM_O4OEIEc9TG0qd2jIIc2xDwS9rBmu8fSDY5sBr-A==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 74 KB
25 KB 104ms
56ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2102e3d56f12fdd0a4cb70de5c36747231f6641f1033f35bc0001419b1b1b159

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24760
x-xss-protection: 0
server: cafe
etag: 551 / 19477 / 31074188 / config-hash: 17856767610576847833
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 30 Apr 2023 01:36:22 GMT

GET
H2 200 moatheader.js Show response
z.moatads.com/dowjonesheader64568365681/ 300 KB
105 KB 92ms
18ms Script
application/x-javascript 23.196.185.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/dowjonesheader64568365681/moatheader.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.185.161 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-185-161.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 0afd1da7888ad7f326f4d50750921bb71cd675b04321a924f41370f76713d14f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:22 GMT
content-encoding: gzip
last-modified: Wed, 26 Apr 2023 07:03:09 GMT
server: AmazonS3
x-amz-request-id: 2AVZX24QME0572WT
etag: "ffefb6601e3288b05935a16fed672bf6"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=32404
accept-ranges: bytes
content-length: 106789
x-amz-id-2: 2jAGsxjGehXKr8qL0eULTP/iOsyHaT8mfKQ8eoKISQPW3d3qOoIOHDfDvad5oADlDTV5xAywIcg=

GET
H2 200 uac.min.1.0.55.js Show response
www.barrons.com/asset/ace/ 46 KB
11 KB 32ms
30ms Script
application/javascript 2600:9000:204d:9200:14:c68f:c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.barrons.com/asset/ace/uac.min.1.0.55.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:204d:9200:14:c68f:c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 16d5af25a69823004facdfe27b113f11bdeaf42d981cda185ec9d9e3f61bd32b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 13:41:13 GMT
x-amz-version-id: Nqat.N2oifHFagQi23k6Or.1_0cznmMa
content-encoding: br
last-modified: Mon, 27 Mar 2023 15:04:27 GMT
server: AmazonS3
via: 1.1 ff19078dad8e3d604a159e031d41dba0.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C3
etag: W/"d06565cb8e9dee2510002456fc6b410a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
age: 820510
x-amz-replication-status: COMPLETED
x-amz-cf-id: 1quhqHyYiBWI4qMvOreu0mUBQ_ZwmMLVlaCdhVbCXdC4ZAZMfzAuTg==

GET
H2 200 djcmp.min.1.0.46.js Show response
www.barrons.com/asset/ace/ 44 KB
14 KB 32ms
30ms Script
application/javascript 2600:9000:204d:9200:14:c68f:c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.barrons.com/asset/ace/djcmp.min.1.0.46.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:204d:9200:14:c68f:c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 25562ed433303fc4c68f29353d9f82697549df81f2bed3489653b12c0c8b293d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 13:41:16 GMT
x-amz-version-id: VBiUNlznjpy7sjgyIgB0ZK2DYX66ivMU
content-encoding: br
last-modified: Wed, 05 Apr 2023 16:17:06 GMT
server: AmazonS3
via: 1.1 ff19078dad8e3d604a159e031d41dba0.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C3
etag: W/"703b83b5343d1a9ae13967988588df5e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
age: 820507
x-amz-replication-status: COMPLETED
x-amz-cf-id: 1-XA_mC8U6uMSXzAjgKO8l9M0hIi00-_KW5FJIlyQkZYj6MMvktB1Q==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 227 KB
56 KB 102ms
32ms Script
application/javascript 52.85.249.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.249.178 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-249-178.ord51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5336e341bf88d1798de998944eb812582d4f522583b3be6fe4b366f6bb9426a6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:06:07 GMT
content-encoding: gzip
via: 1.1 1aba603d822d5b3ffcc843f252edb6ea.cloudfront.net (CloudFront), 1.1 6d6df3cff77ca7257114fa22468d9dbe.cloudfront.net (CloudFront)
last-modified: Thu, 27 Apr 2023 19:15:17 GMT
server: AmazonS3
x-amz-cf-pop: CMH68-P1, ORD51-C4
age: 1816
x-amz-server-side-encryption: AES256
etag: W/"644915d59292b7496ff86a0d2c460fce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: OBk_uVUfl_OekgjH1sjNstkY_hOqEaqS-aIFVc6LNyn71rhQkxggXA==

GET
H2 200 client Show response
accounts.google.com/gsi/ 193 KB
77 KB 129ms
66ms Script
application/javascript 2607:f8b0:4006:809::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200d New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f64978b38ca020fe6ff97c45d3fb3e0c56898a1fdd479d5e603bc3405db20cc4

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-Iw7bcujbY38kBSegSWKtoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-Iw7bcujbY38kBSegSWKtoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Sun, 30 Apr 2023 01:36:22 GMT

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 199 KB
58 KB 82ms
20ms Script
text/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9dd3ac5da6732c952d1fcf8130a7e403e4b48c08460e3b2f62f2aed37fe6957

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:35:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59003
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 17:14:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sun, 30 Apr 2023 02:25:17 GMT

GET
H2 200 swg-gaa.js Show response
news.google.com/swg/js/v1/ 65 KB
21 KB 113ms
51ms Script
text/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-gaa.js

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8526d0800f35320bec1c08b0c5a068bce520cb475003530b3b5a41d4dce809de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2006
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21275
x-xss-protection: 0
last-modified: Wed, 26 Apr 2023 21:11:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sun, 30 Apr 2023 01:52:56 GMT

GET
H2 200 barrons_new_articles.be66b4471cba19f6.circular.js Show response
assets.vidora.com/newscorp/js/ 6 KB
3 KB 145ms
41ms Script
application/javascript 2600:9000:21d5:ee00:4:77d:a0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidora.com/newscorp/js/barrons_new_articles.be66b4471cba19f6.circular.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21d5:ee00:4:77d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58c572d051997ab8c683ff5de516fdb75f8572fb1f37e2c0b275e6059a009d6b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 e24f58374cba3dcb49076c378e9f7db0.cloudfront.net (CloudFront)
date: Sun, 30 Apr 2023 01:36:22 GMT
last-modified: Wed, 30 Jun 2021 13:44:56 GMT
server: AmazonS3
x-amz-cf-pop: ORD51-C2
age: 48
x-amz-server-side-encryption: AES256
etag: W/"110d1d8a7556ceb246fe6fbad86629d6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600
x-amz-cf-id: FjbSTUVga2EPRrvSgoC79q2JJtKGQvuu1XqgOrxEFeZ2MSd5YmK_3g==

GET
H2 200 18684620116 Show response
optimizely.barrons.com/edge-client/v1/5090114122/ 24 KB
9 KB 158ms
66ms Script
application/javascript 13.226.22.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optimizely.barrons.com/edge-client/v1/5090114122/18684620116
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.22.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-22-125.ord51.r.cloudfront.net
Software: cloudflare /
Resource Hash: 83217460f18539d97e896d2fd5f70dd723060dd1afd4e09cd839780de6bbff3e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:22 GMT
content-encoding: gzip
via: 1.1 b6197309cbffb0e33196a1a2b9866bdc.cloudfront.net (CloudFront)
server: cloudflare
x-amz-cf-pop: ORD51-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
cf-ray: 7bfc0daa59cb22c2-ORD
x-amz-cf-id: 9rE7FWvErG5JYdeTndRn1Nl1JkXAIkgN-z1eNVu6L2R5um7Tn8nxPQ==

GET
H2 200 barrons-logo.png
www.barrons.com/asset/barrons/images/ 8 KB
9 KB 48ms
48ms Image
image/png 2600:9000:204d:9200:14:c68f:c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.barrons.com/asset/barrons/images/barrons-logo.png
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:204d:9200:14:c68f:c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 36cbba678939135842c88e3fd74503e9fa621f72a5d840f3c0e3405fc1a37bf3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 13:41:17 GMT
x-amz-version-id: 5kV5Gr_5Snwks9vwOkfduLE8dzEac44a
via: 1.1 ff19078dad8e3d604a159e031d41dba0.cloudfront.net (CloudFront)
x-amz-request-id: ZDYS8YXSEH8CSHEZ
x-amz-cf-pop: ORD52-C3
x-amz-server-side-encryption: AES256
age: 820506
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
content-length: 8358
x-amz-id-2: BK2wl87iKHcgWOKrDhgDHsoYzmjE630FiXHGE2rEdlDN0GqbCat6LQL2qKU0ZxyX5vnei2P4fnY=
last-modified: Mon, 17 Apr 2023 19:58:35 GMT
server: AmazonS3
etag: "3d9091533f1a40cb6980556c7da7399c"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: LfiEqeWeVsKKcYym0XemKX9JdcAmXWKHdzK5U9H4LY_v_ox8vRRxvg==

GET
H2 200 barronsLogoBlack.eb839d9124ad.svg
asset.barrons.com/article/public/img/ 8 KB
4 KB 137ms
32ms Image
image/svg+xml 2600:9000:212f:1800:1a:635e:8fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://asset.barrons.com/article/public/img/barronsLogoBlack.eb839d9124ad.svg
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:212f:1800:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fff3db3db74b03f8ab2d9a006e765b8dbd1e60806628790de3ec86d5af7c293c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 10:23:20 GMT
content-encoding: gzip
via: 1.1 44f18fa5317ccaef6a4a5e65d43dd8c8.cloudfront.net (CloudFront)
last-modified: Tue, 16 Mar 2021 02:37:30 GMT
server: AmazonS3
x-amz-cf-pop: ORD51-C1
age: 21222783
etag: W/"eb839d9124adfeb33cd5f04de14841e9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-id: jPKJH3WTnroqXZkiCVdvqrUl4aKNVCbDSBjt74vt84u20e6YNF32Ew==

GET
DATA 200
OK truncated
/ 650 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50d56dd3d6976c2a668cb3c0ffea7132239e77bb3696ffdc3cb6c75f845a23d0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 386 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a8b509cef2bd0145c1413dc9da10a5a9cc42590e586dc66e7e7809dc884cbe2

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 Aileron-Regular.woff2
www.barrons.com/fonts/woffs/aileron/ 12 KB
13 KB 29ms
29ms Font
font/woff2 2600:9000:204d:9200:14:c68f:c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.barrons.com/fonts/woffs/aileron/Aileron-Regular.woff2
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:204d:9200:14:c68f:c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8bb42f8919ec3eae0fce1246cbc218f44e03922646fb3a41e79010bd7d5dc471

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Origin: https://www.barrons.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 13:41:17 GMT
x-amz-version-id: L0Me4nqXHSOtTzHI7QyIBdQ18LHVIlfb
via: 1.1 ff19078dad8e3d604a159e031d41dba0.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C3
age: 820506
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
content-length: 12744
last-modified: Mon, 17 Apr 2023 19:54:15 GMT
server: AmazonS3
etag: "c9b9f1d8f6826c2683987a76e73adea6"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: https://www.barrons.com
access-control-expose-headers: ETag
cache-control: max-age=31536000
access-control-allow-credentials: true
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: g8ZJ8RtjP23FOIsADn8jXaiPzEGM7YwkjA4QskebsvABmKlB9KRD5A==

GET
H2 200 barrons_resp_article_snippet.async.7195d1bf3331.css
asset.barrons.com/article/public/ 86 KB
21 KB 219ms
132ms Stylesheet
text/css 2600:9000:212f:1800:1a:635e:8fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asset.barrons.com/article/public/barrons_resp_article_snippet.async.7195d1bf3331.css
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:212f:1800:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e75bf514680cec4e36dac9027f83c03f316c1ba856dcf43479872916d5d2c55

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 09:33:00 GMT
content-encoding: gzip
via: 1.1 44f18fa5317ccaef6a4a5e65d43dd8c8.cloudfront.net (CloudFront)
last-modified: Tue, 17 Jan 2023 19:27:31 GMT
server: AmazonS3
x-amz-cf-pop: ORD51-C1
age: 7401803
etag: W/"1ad192a582d6ee3abb9719f9aa6f7f3b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: F9s6upCgmpOivDty2qan62-Z0kIpe1bvxXXt3br-LsBsCmZOcwHlow==

GET
H2 200 runtime.22d8d2566fad.js Show response
asset.barrons.com/article/public/ 25 KB
8 KB 118ms
31ms Script
application/javascript 2600:9000:212f:1800:1a:635e:8fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asset.barrons.com/article/public/runtime.22d8d2566fad.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:212f:1800:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44bb997319ee82207a622086f213fff25bdb54b3c6b64952687c883031bc4e16

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 11:56:37 GMT
content-encoding: gzip
via: 1.1 44f18fa5317ccaef6a4a5e65d43dd8c8.cloudfront.net (CloudFront)
last-modified: Wed, 29 Mar 2023 19:49:21 GMT
server: AmazonS3
x-amz-cf-pop: ORD51-C1
age: 2641186
etag: W/"554c0a640461167fc7d3b279aae3f863"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: H7ve6wPHaZqpSt_R2eQchPFbyAOZ1-hAE7kALHvfaLitSeM0usHgMA==

GET
H2 200 barrons_resp_article_snippet.8dc031a336f4.js Show response
asset.barrons.com/article/public/ 1 MB
450 KB 121ms
37ms Script
application/javascript 2600:9000:212f:1800:1a:635e:8fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asset.barrons.com/article/public/barrons_resp_article_snippet.8dc031a336f4.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:212f:1800:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2732c97bb5ae7034a7f382a36e3bb0c1bc366b8bcc31c369750083bb94e02016

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:06:20 GMT
content-encoding: gzip
via: 1.1 44f18fa5317ccaef6a4a5e65d43dd8c8.cloudfront.net (CloudFront)
last-modified: Thu, 20 Apr 2023 12:13:33 GMT
server: AmazonS3
x-amz-cf-pop: ORD51-C1
age: 811803
etag: W/"823e6d69bf18abcee760d640da16a83e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: 0oXSwTrfFRqwSQnYvXcKp_D6ocHw7spKPh_kf4Qmbxa2qY4h7TKWRQ==

GET
H2 200 sso-auth.js Show response
accounts.barrons.com/assets/ 5 KB
2 KB 112ms
23ms Script
application/javascript 2600:9000:24f0:1200:f:5016:900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.barrons.com/assets/sso-auth.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:1200:f:5016:900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 36501e78a5e2a24ece2b3b45006bc684a690c28ec1b358ac1fdc95cb13f5ae90

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 06:54:48 GMT
content-encoding: gzip
via: 1.1 6741f9acf28bc52b25f06e9986a71e26.cloudfront.net (CloudFront)
last-modified: Thu, 20 Apr 2023 17:07:24 GMT
server: Apache
x-amz-cf-pop: JFK50-P3
age: 70011
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=14400
content-length: 1917
x-amz-cf-id: b7Q-n7uvpREF8-PWH6XU3aNI--mVgslxuoiL617K_ch6DQVyBPr70w==

GET
H2 200 require.min.js Show response
cdnjs.cloudflare.com/ajax/libs/require.js/2.1.14/ 15 KB
6 KB 66ms
30ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/require.js/2.1.14/require.min.js

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f28aad5e4303e98d21626c1044e8afcba3e8dce789e9c6245084bfc83082503e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 8192682
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5569
last-modified: Mon, 04 May 2020 16:15:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fbf-3b73"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gGY6keenVqxBAZ7e5fpIqirCwux%2FoA3VaBe9YJJkU67DXynLUwoOZEBIifzTuCDOA4JU1CLFdiU%2FIoAoIvKagowY7gyN1ijMl8A0H19uH4Ho%2BK65Ak73zW%2Bw5QCIEHOKHMp16vm7AmV5I4MqWRtTjb0d"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7bfc0daa19347150-YUL
expires: Fri, 19 Apr 2024 01:36:22 GMT

GET
H2 200 barrons.js Show response
www.barrons.com/asset/dj-ufc/loaders/ 547 B
998 B 43ms
41ms Script
application/javascript 2600:9000:204d:9200:14:c68f:c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.barrons.com/asset/dj-ufc/loaders/barrons.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:204d:9200:14:c68f:c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e8ba2d2be4ac90ef4a767274b420b67479b5f6c84d70dd5781bba12145a117b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: 23sGxQvfKaRokOoOKcO_zps9haxMcoPH
date: Sun, 30 Apr 2023 01:36:22 GMT
via: 1.1 ff19078dad8e3d604a159e031d41dba0.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C3
age: 74
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
content-length: 547
last-modified: Wed, 02 Nov 2022 15:35:58 GMT
server: AmazonS3
etag: "20650a068ba8bfb12a3e685de2071872"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=600
accept-ranges: bytes
x-amz-cf-id: TxV_cpPplKVc0JzdsThfqPnb0QQs6YAoaV3J6y0859NsIWaxPhOGxQ==

GET
H/1.1 200
OK evi.js Show response
s3.amazonaws.com/ki.js/46075/ 297 B
657 B 103ms
40ms Script
application/ecmascript 52.217.195.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/ki.js/46075/evi.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.195.88 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6ddc691783c58242f2e240f5b49641ee197af74ce3e1686ee7b578566d7a83ce

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 01:36:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Sep 2022 05:17:37 GMT
Server: AmazonS3
x-amz-request-id: 26WGMQ1835GYM5WK
ETag: "58073b117b3b8bb906898996da733f42"
Content-Type: application/ecmascript
Cache-Control: s-maxage=3600, max-age=0
Accept-Ranges: bytes
Content-Length: 223
x-amz-id-2: a4Jf3mZzFSAdULN3tvYh3lQMJmxEGPVecLqZUHoRLrlQUWUemxZfV5ts0LueiKEcAqugQ81u6hY=

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28aac97c0be3cbee2c6f0b280eb10f848f7989f3c845282496dc4ff9febead3c

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 775 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96d40391d2c1f1b3a6437d370d70a1180c9b17d13d68b76b6ebffa0807f8f278

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 347 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81c1b5c391e445839ef61acd28a919b707ecd4f4b7f46e854c24334ce48c4c8a

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 308 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c633cb49f56ccb068f97d5ebc97822cf4d03e99c2395efeb586d99b609f673e

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 DJ-barrons-logo.svg
www.barrons.com/asset/barrons/images/ 18 KB
8 KB 50ms
49ms Image
image/svg+xml 2600:9000:204d:9200:14:c68f:c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.barrons.com/asset/barrons/images/DJ-barrons-logo.svg
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:204d:9200:14:c68f:c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 527a5a83dda01d93c8e0e289bc6c1d66d22b6e5232f69b86b2f01b5ca94115de

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 13:40:58 GMT
x-amz-version-id: SCvm903pQUXOmJaQNX_TQbVurzxbHFtq
content-encoding: br
via: 1.1 ff19078dad8e3d604a159e031d41dba0.cloudfront.net (CloudFront)
x-amz-request-id: WV2DR6NVAA3DCCG3
x-amz-cf-pop: ORD52-C3
x-amz-server-side-encryption: AES256
age: 820525
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
x-amz-id-2: xjhuPJIoVnsbP99KgcP2lTduLmObVk2yDe2dXUmIdkAtuMX/LQPW5ceYNrmMnJtCux0G/6Qbo1g=
last-modified: Mon, 17 Apr 2023 19:57:59 GMT
server: AmazonS3
etag: W/"91d9fa195b7007407de7f773dfa0a31d"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-id: zc8TEMbVkIv2D7eatAU3DeBtqqYqcU4xu8YAtqLb3f9wfirZbe_mpw==

GET
H2 200 wrapperMessagingWithoutDetection.js
cdn.privacy-mgmt.com/unified/ 0
36 KB 78ms
36ms Other
text/javascript 18.164.124.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-126.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:06:11 GMT
content-encoding: br
via: 1.1 5fa457dda68a5020725d371f051783e6.cloudfront.net (CloudFront)
last-modified: Wed, 12 Apr 2023 15:35:02 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P7
age: 1812
x-amz-server-side-encryption: AES256
etag: W/"42d1e9459103c32433cb7a2590755328"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: vJBDqYn4UyRKyd2Ehxd7B9yAoo93rGzGXYMfHHYt9hkkmweoG16iDg==

GET
H2 200 wrapperMessagingWithoutDetection.js Show response
cdn.privacy-mgmt.com/unified/ 122 KB
36 KB 76ms
21ms Script
text/javascript 18.164.124.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-126.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6edbf7efa384a9d4f15b08d8c9bab7b156db2f24a1849f34d6551a53ce1fd5c9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:06:11 GMT
content-encoding: br
via: 1.1 5fa457dda68a5020725d371f051783e6.cloudfront.net (CloudFront)
last-modified: Wed, 12 Apr 2023 15:35:02 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P7
age: 1812
x-amz-server-side-encryption: AES256
etag: W/"42d1e9459103c32433cb7a2590755328"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: zFJwmeMoDRGyws_VtLcBri7AZlnRaWlsHhK_mgmPDMMZ93O15IwztA==

GET
H2 200 ats.js Show response
ats-wrapper.privacymanager.io/ats-modules/a2d2f543-7d16-413e-b7c0-7fc163090b73/ 125 KB
44 KB 93ms
31ms Script
application/javascript 65.8.49.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats-wrapper.privacymanager.io/ats-modules/a2d2f543-7d16-413e-b7c0-7fc163090b73/ats.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.8.49.124 Ft. Pierce, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-8-49-124.ord52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 850e6e33ad9aaf7cb11581029fedf08a1d855814d569f2afcea6a9764e8e0c83

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: HQ9304j9RdAzXRfbWPuOe9ISqZCfy4jq
content-encoding: gzip
via: 1.1 74776493d4f3c632dd559af74dbd6e8c.cloudfront.net (CloudFront)
date: Sun, 30 Apr 2023 00:48:58 GMT
last-modified: Mon, 11 Jul 2022 19:47:42 GMT
server: AmazonS3
x-amz-cf-pop: ORD52-C3
age: 2847
x-amz-server-side-encryption: AES256
etag: W/"fa727e3dff728be847831c8875acf48a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-id: C-rBzUdshR-SrglUtOv6Qaz4J47awPZBumH6O_Z292_UGL6cGnINmA==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/ 398 KB
123 KB 19ms
18ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074188

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37e314bfd8e8cb9262b5ea01059377cea510e23b2215fc93de8b34a5726284a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 19:36:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21587
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126109
x-xss-protection: 0
server: cafe
etag: 6695821980177688499
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 28 Apr 2024 19:36:35 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 79 B
87 B 79ms
35ms XHR
application/json 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.barrons.com

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d51c9bb396c065e9eebca8d8ded38e5049e48c301e9822369b76c5e0764363a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63
x-xss-protection: 0
expires: Sun, 30 Apr 2023 01:36:22 GMT

GET
H2 200 swg-button.css
news.google.com/swg/js/v1/ 21 KB
6 KB 21ms
20ms Stylesheet
text/css 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f46926d81be4472495e6dc6a8789d7fc9ffb6acb270b4f6462720e0332fe718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:06:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1802
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6456
x-xss-protection: 0
last-modified: Wed, 26 Apr 2023 21:11:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sun, 30 Apr 2023 01:56:20 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 87ms
28ms XHR
application/javascript 52.85.249.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.249.178 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-249-178.ord51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: ZtsI5FMPcYjgnUSe6fFwOoK3szNfqbqS
content-encoding: gzip
via: 1.1 433684ff3df4bd5c49774dbbbd091e72.cloudfront.net (CloudFront)
date: Sat, 29 Apr 2023 23:47:32 GMT
x-amz-cf-pop: ORD51-C4
age: 6567
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 27 Apr 2023 23:46:51 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: qXf6jSnO_4cChJzzPpS-HYz6QCqJvLIpqrwfywHyIjY_81PTuxH5-Q==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 1 KB
1 KB 52ms
49ms XHR
application/json 52.85.249.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3482&u=https%3A%2F%2Fwww.barrons.com
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.249.178 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-249-178.ord51.r.cloudfront.net
Software: Server /
Resource Hash: 18dd87f0b33f9dd503aeb7025b7b60c65147c094e542e2b675b71a3ff459f3fb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:22 GMT
via: 1.1 6d6df3cff77ca7257114fa22468d9dbe.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: ORD51-C4
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.barrons.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1128
x-amz-cf-id: f7WqsU6xp4exdxMV2WwviBJS0Q3OLZmQNrsa6UE_zIvO0NQjmByv7Q==

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 606 B
780 B 294ms
60ms Script
text/html 52.14.9.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-0lqwwmhfMBXplwKreHhxgYYW%2Bup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-RUHTYX5EcQEJWg%3D%3D&sc=1&os=1-fQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&pcode=dowjonesheader64568365681&rx=515295686533&callback=MoatNadoAllJsonpRequest_45918183
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/dowjonesheader64568365681/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.14.9.78 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-14-9-78.us-east-2.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: d137c16c19a703e2a19a5a7851e34a378b182514ab6469def755b5c07d12f758

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:22 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "6fa7ccd8c01cbfab04367119688eafb158128e69"
content-length: 606
content-type: text/html; charset=UTF-8

GET
H2 200 n.js Show response
geo.moatads.com/ 97 B
268 B 299ms
30ms Script
text/html 52.44.30.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-0lqwwmhfMBXplwKreHhxgYYW%2Bup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-RUHTYX5EcQEJWg%3D%3D&sc=1&os=1-fQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=DOWJONES_HEADER1&hp=1&wf=1&pxm=3&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1682818582177&de=604882869776&rx=515295686533&m=0&ar=05dda1dc992-clean&iw=63e4407&q=1&cb=0&cu=1682818582177&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&cm=1&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=dowjonesheader64568365681&fd=1&it=500&ti=0&ih=2&pe=1%3A458%3A458%3A0%3A0&jk=-1&jm=-1&fs=203310&na=1304419057&cs=0&ord=1682818582177&jv=1797863742&callback=DOMlessLLDcallback_45918183
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/dowjonesheader64568365681/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.30.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-30-82.compute-1.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: b6aa033318bf1134980011c5bdb88d1268cf9a6c9da88c9b304127f6e6637561

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:22 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "0ed9f17cc88b4257c21c182acd228eb3390f940e"
content-length: 97
content-type: text/html; charset=UTF-8

GET
H2 200 n.js Show response
geo.moatads.com/ 99 B
272 B 297ms
29ms Script
text/html 52.44.30.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-0lqwwmhfMBXplwKreHhxgYYW%2Bup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-RUHTYX5EcQEJWg%3D%3D&sc=1&os=1-fQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=DOWJONES_HEADER1&hp=1&wf=1&pxm=3&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1682818582177&de=604882869776&rx=515295686533&m=0&ar=05dda1dc992-clean&iw=63e4407&q=2&cb=0&cu=1682818582177&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&cm=1&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=dowjonesheader64568365681&fd=1&it=500&ti=0&ih=2&pe=1%3A458%3A458%3A0%3A0&jk=-1&jm=-1&fs=203310&na=744844176&cs=0&callback=MoatDataJsonpRequest_45918183
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/dowjonesheader64568365681/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.30.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-30-82.compute-1.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: 062016227cfd647d5454d2bca05aae10b71be576db090a7833518ec4a071f80c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:22 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "5db8860633aaa2298df40f5adabcf5a3b0a78992"
content-length: 99
content-type: text/html; charset=UTF-8

GET
H2 200 iframe.html Show response
z.moatads.com/hd09824092/ Frame 06D8 1 KB
2 KB 19ms
18ms Document
text/html 23.196.185.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/hd09824092/iframe.html
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.185.161 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-185-161.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=1344
content-length: 1374
content-type: text/html
date: Sun, 30 Apr 2023 01:36:22 GMT
etag: "4a9cbc2e5bc164313dace42a58bef141"
last-modified: Tue, 26 Jan 2021 22:41:39 GMT
server: AmazonS3
unused62: 8096267
x-amz-id-2: 3EUbB6wka8dM4MxSoynAj7U8+CptU4Oid3/QPAkBgaOjDafcCdWDHVacdn0X0UggNFTFuYMVGV0=
x-amz-request-id: 088A9E01548DEE43

GET
H2 200 vidora-client.1.x.x.min.js Show response
assets.vidora.com/js/ 12 KB
5 KB 30ms
29ms Script
application/javascript 2600:9000:21d5:ee00:4:77d:a0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21d5:ee00:4:77d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2c5660f641ca8b2a795f976360ed032a7226aa4aee2ac8cad40723938f824790

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 e24f58374cba3dcb49076c378e9f7db0.cloudfront.net (CloudFront)
date: Sat, 29 Apr 2023 07:51:02 GMT
last-modified: Fri, 29 Apr 2022 19:16:31 GMT
server: AmazonS3
x-amz-cf-pop: ORD51-C2
age: 63921
x-amz-server-side-encryption: AES256
etag: W/"5953e20bb28e3a3f613e0cb6e8fbacfb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-id: hqa0Idn6_dl7ba81wFD7Go5KDtddQXRvtxFzNSx7XsC37qIz0u8ztQ==

OPTIONS
H2 200 recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 0
0 98ms
24ms Preflight 44.206.92.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.206.92.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-206-92-231.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.barrons.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Sun, 30 Apr 2023 01:36:22 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 op.js Show response
tagan.adlightning.com/newscorp-barrons-aps/ 40 KB
16 KB 112ms
27ms Script
application/javascript 13.249.141.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/newscorp-barrons-aps/op.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.141.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-141-37.ord51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0aefc1b421227b458ef996356e5b125ad043128f03ef0f8d9867726b73f09647

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: dWweO9kJ74YRGrzzzbnb3TyDTRjGNXwx
content-encoding: gzip
via: 1.1 9544538048b67636eed3ec04c11d909a.cloudfront.net (CloudFront)
date: Sun, 30 Apr 2023 01:00:15 GMT
x-amz-cf-pop: ORD51-C1
age: 2285
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 16384
x-amz-meta-git_commit: 8db6969
last-modified: Sat, 29 Apr 2023 00:57:48 GMT
server: AmazonS3
etag: "a08100e8e09c79b12ce5fb0b8908398a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: hlUHsLveSYmD1YUUNGWT4nvs8yFiDt3yiF6hyrrWdmuTxRMZgeDYuQ==

POST
H2 200 recordVendorsLoaded Show response
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 0
452 B 24ms
23ms XHR
text/plain 44.206.92.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.206.92.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-206-92-231.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sun, 30 Apr 2023 01:36:22 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 852_c111673e79db42de01965fe1091794704ded734dd090e57f1e4c7b527e6b401a_edge_helper.js Show response
cdn.optimizely.com/public/5090114122/18684620116/ 287 KB
86 KB 80ms
22ms Script
text/javascript 2600:1400:d:4a3::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/public/5090114122/18684620116/852_c111673e79db42de01965fe1091794704ded734dd090e57f1e4c7b527e6b401a_edge_helper.js

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:4a3::13b8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c111673e79db42de01965fe1091794704ded734dd090e57f1e4c7b527e6b401a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: 8FYC2lFx5eCYbKJTCqmf4qBSevUvq7Gv
content-encoding: gzip
date: Sun, 30 Apr 2023 01:36:22 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: M04JZQJQ9FQS5ZAR
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 852
x-amz-replication-status: PENDING
server-timing: cdn-cache; desc=HIT, edge; dur=1, cdn;desc="AkamaiION";dur=0,rtt;desc="17";dur=0,cdnip;desc="2600:1400:d:4a3::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="467449_388099751_478116460_94_2258_17_0";dur=1
content-length: 87219
x-amz-id-2: N4ponkhuVXzk4y/dk2v3h22JpReadcdZW6wGNj2uxbD2bG8yGXIQ31pePl0ZYL2+l514rvFtVrg=
last-modified: Fri, 28 Apr 2023 16:38:12 GMT
server: AmazonS3
etag: "1070080d30db8e44730c4455af438757"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ 61 KB
23 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f931f982c3f40d167c41dd5f1dcf8dc5ce8a93cf7ec3bbe083d4b52538ccf827

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:27:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 505
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23411
x-xss-protection: 0
server: cafe
etag: 8331745290402310634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 30 Apr 2023 02:27:57 GMT

GET
H2 200 vidora-client.1.2.9.min.js Show response
assets.vidora.com/js/ 10 KB
10 KB 31ms
30ms Script
binary/octet-stream 2600:9000:21d5:ee00:4:77d:a0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidora.com/js/vidora-client.1.2.9.min.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21d5:ee00:4:77d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a801446b14366d62a4e9dc9105060d5d5f7cb079700e4c39318512214831ef37

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 08:37:47 GMT
x-amz-version-id: null
via: 1.1 e24f58374cba3dcb49076c378e9f7db0.cloudfront.net (CloudFront)
last-modified: Mon, 16 Mar 2020 20:44:10 GMT
server: AmazonS3
x-amz-cf-pop: ORD51-C2
age: 3689916
etag: "d159321aabbd618a7a5dab4154f5c764"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 9914
x-amz-cf-id: 4SETXDrjoIhY2PLh17jVDwyTOuaw9EQrnIEH0LIc_z2YkJtGFaAfWA==

GET
H2 200 many Show response
www.barrons.com/articles/svc/ 1 KB
809 B 127ms
126ms XHR
application/json 2600:9000:204d:9200:14:c68f:c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.barrons.com/articles/svc/many?ids=fireeye-stock-falls-after-state-sponsored-cyber-attack-51607465624,fireeye-stock-falls-after-state-sponsored-cyber-attack-51607465624,fireeye-stock-falls-after-state-sponsored-cyber-attack-51607465624&fields=data.attributes.headline.text,data.attributes.summary.content

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:204d:9200:14:c68f:c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

874fabf27d80a25a0256cd146204ec7e5db121e4fe4d91a7c61bf2cc7a587eba

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .dowjones.net .barrons.com
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM http://dowjones.net
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
X-NewRelic-ID: VQAPVVRUCxAJUVdSAAkGV1I=
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:22 GMT
content-security-policy: frame-ancestors *.dowjones.net *.barrons.com
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 ff19078dad8e3d604a159e031d41dba0.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C3
x-powered-by: Express
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
pragma: no-cache
etag: W/"565-BI38S4VNQjrWgukeYlxMCyXcksk"
x-frame-options: ALLOW-FROM http://dowjones.net
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-amz-cf-id: 3kF9-zoEsGqdnJSBQS09iftr9T1eL6wz4B0RpAMMPMb7N2v5nrDJYA==
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 29ms
28ms Other
image/svg+xml 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1778
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1049
x-xss-protection: 0
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: image/svg+xml
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sun, 30 Apr 2023 01:56:44 GMT

GET
H3 200 serviceiframe Show response
news.google.com/swg/ui/v1/ Frame 01EB 16 KB
7 KB 57ms
56ms Document
text/html 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/ui/v1/serviceiframe?_=1682818582473&publicationId=barrons.com

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

62c398329a94d5c5c4c8860178588e1899e6e1f7fd29ee91afdd6d83e099b6ea

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-Lz8NECShAaBpRAwgQnO1pg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-Lz8NECShAaBpRAwgQnO1pg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: unsafe-none; report-to="SubscribewithgoogleClientUi"
cross-origin-resource-policy: same-site
date: Sun, 30 Apr 2023 01:36:22 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 c8882c9c-15d3-4d1f-9b0e-81b6f321365d.23114ef3ee7e.js Show response
asset.barrons.com/article/public/ 20 KB
6 KB 33ms
26ms Script
application/javascript 2600:9000:212f:1800:1a:635e:8fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asset.barrons.com/article/public/c8882c9c-15d3-4d1f-9b0e-81b6f321365d.23114ef3ee7e.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:212f:1800:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6bd9a0dc4e398e2bbb38defe9ec3dce05aef3efe215da9ac60da17701e6eef86

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 06:55:24 GMT
content-encoding: gzip
via: 1.1 44f18fa5317ccaef6a4a5e65d43dd8c8.cloudfront.net (CloudFront)
last-modified: Thu, 02 Feb 2023 13:24:00 GMT
server: AmazonS3
x-amz-cf-pop: ORD51-C1
age: 7152059
etag: W/"35d7a5fadc5f19406553a83bfba8d5e7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: Ip9_OfJrNPR7H8R2GczeFNYyNAJZ9EtyjZLlvME5xGEajrI6PMJpkA==

GET
H2 200 275181c7-8620-4df3-a008-d0cd9937db22.22442e93ddfe.js Show response
asset.barrons.com/article/public/ 26 KB
7 KB 46ms
33ms Script
application/javascript 2600:9000:212f:1800:1a:635e:8fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asset.barrons.com/article/public/275181c7-8620-4df3-a008-d0cd9937db22.22442e93ddfe.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:212f:1800:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7b1563f10937c2b277986568191a01a71c03c184f8db7dcfc821044bbe9ab2b9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 04:58:12 GMT
content-encoding: gzip
via: 1.1 44f18fa5317ccaef6a4a5e65d43dd8c8.cloudfront.net (CloudFront)
last-modified: Thu, 02 Feb 2023 13:24:00 GMT
server: AmazonS3
x-amz-cf-pop: ORD51-C1
age: 3703091
etag: W/"e5497da03a3993b8a576784fbecf60b5"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: smeEAL73YLt294bVkWvKKZ5Bx4Q5lf-Cnz3fDELzIQIf8Ec9VG9Gkw==

GET
H2 200 38ce3d44-2ca9-4241-9b59-2152d8be3e8a.1b8f86a3da21.js Show response
asset.barrons.com/article/public/ 10 KB
4 KB 47ms
35ms Script
application/javascript 2600:9000:212f:1800:1a:635e:8fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asset.barrons.com/article/public/38ce3d44-2ca9-4241-9b59-2152d8be3e8a.1b8f86a3da21.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:212f:1800:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 224d5c1a589a8bb14a8da3b2ec215f9a64da1d77f3b0b716121983eb7a4d66c4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 15:08:43 GMT
content-encoding: gzip
via: 1.1 44f18fa5317ccaef6a4a5e65d43dd8c8.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2023 10:59:20 GMT
server: AmazonS3
x-amz-cf-pop: ORD51-C1
age: 3493659
etag: W/"14585e1b02f244e9bce63a770b7a938c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: yonIo4aztFEy6OUhF2ntdegVd7VbZgXuHX7BFM-lBFDndvrN2JkdrQ==

GET
H2 200 7ba1dbea-62fd-4d9b-a6bb-3b56f925c654.e50c6d2123b2.css
asset.barrons.com/article/public/ 58 KB
16 KB 38ms
26ms Stylesheet
text/css 2600:9000:212f:1800:1a:635e:8fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asset.barrons.com/article/public/7ba1dbea-62fd-4d9b-a6bb-3b56f925c654.e50c6d2123b2.css
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:212f:1800:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 521cc1b7d74c9ae4bc24d82db1c13efa340519b4c2691577b32b6ec4c33e640a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 12:09:27 GMT
content-encoding: gzip
via: 1.1 44f18fa5317ccaef6a4a5e65d43dd8c8.cloudfront.net (CloudFront)
last-modified: Tue, 24 May 2022 13:59:16 GMT
server: AmazonS3
x-amz-cf-pop: ORD51-C1
age: 7133216
etag: W/"d4560bc8af5ec3c195ca8c49d04fa2d0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: -iRNEHrve5FguBJFrK_606p9vGFqexLoVvPomVjyN_oV7IHrPF5_qg==

GET
H2 200 7ba1dbea-62fd-4d9b-a6bb-3b56f925c654.11c1496c0bed.js Show response
asset.barrons.com/article/public/ 132 KB
33 KB 46ms
36ms Script
application/javascript 2600:9000:212f:1800:1a:635e:8fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asset.barrons.com/article/public/7ba1dbea-62fd-4d9b-a6bb-3b56f925c654.11c1496c0bed.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:212f:1800:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b5461a917a7f971223ab5bd0bda420619deae3c987b6066247a6a39d525434f8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 19:31:53 GMT
content-encoding: gzip
via: 1.1 44f18fa5317ccaef6a4a5e65d43dd8c8.cloudfront.net (CloudFront)
last-modified: Thu, 02 Feb 2023 13:24:00 GMT
server: AmazonS3
x-amz-cf-pop: ORD51-C1
age: 6847470
etag: W/"72e1b890529bd6119b7549bbc49bced7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: piOpBzSTnZsTu14QSDCzhrfAsJT_UedO8ub8-jCBHf9ziWZI_PEpJQ==

GET
H2 200 f338146a-1781-47b4-a8e4-91af9ba7d64c.09bc70e10954.css
asset.barrons.com/article/public/ 131 KB
27 KB 39ms
29ms Stylesheet
text/css 2600:9000:212f:1800:1a:635e:8fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asset.barrons.com/article/public/f338146a-1781-47b4-a8e4-91af9ba7d64c.09bc70e10954.css
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:212f:1800:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7447821963e8b3dc6d10c4c687caedd3e2cbfa0b4203e668a5f146448a73e583

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 20:38:28 GMT
content-encoding: gzip
via: 1.1 44f18fa5317ccaef6a4a5e65d43dd8c8.cloudfront.net (CloudFront)
last-modified: Mon, 13 Feb 2023 15:55:48 GMT
server: AmazonS3
x-amz-cf-pop: ORD51-C1
age: 5633875
etag: W/"4805f83c19831be46e1be31e926b8912"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: QfqZqSSa3tL58SX-m977jt7JImgbHWBUyP2omO4EmNjwa-zBci0H4A==

GET
H2 200 f338146a-1781-47b4-a8e4-91af9ba7d64c.73f6af9e0580.js Show response
asset.barrons.com/article/public/ 775 KB
143 KB 56ms
46ms Script
application/javascript 2600:9000:212f:1800:1a:635e:8fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asset.barrons.com/article/public/f338146a-1781-47b4-a8e4-91af9ba7d64c.73f6af9e0580.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:212f:1800:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e81b5417b19b1683de775c8e5c2e7336da0a5b237f0b21a645dea6c635c0d304

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:04:56 GMT
content-encoding: gzip
via: 1.1 44f18fa5317ccaef6a4a5e65d43dd8c8.cloudfront.net (CloudFront)
last-modified: Fri, 24 Mar 2023 13:30:37 GMT
server: AmazonS3
x-amz-cf-pop: ORD51-C1
age: 2615487
etag: W/"acacabaeade7820043635f63c13c6234"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: JGNmbiVmQXPKMs7rn1UoUBWb39mYAXrjZYCRhP6EQQfrhzp_3ZiAPg==

GET
H2 200 9fbfa5ec-f2b7-44b7-abb2-f2066b3cad6d.4aa7bf06f1e8.css
asset.barrons.com/article/public/ 13 KB
4 KB 40ms
31ms Stylesheet
text/css 2600:9000:212f:1800:1a:635e:8fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asset.barrons.com/article/public/9fbfa5ec-f2b7-44b7-abb2-f2066b3cad6d.4aa7bf06f1e8.css
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:212f:1800:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2768ae53f3d0adb7aae675d689e261fc3189086f05f6cf004773de0dcc24336e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 06:42:52 GMT
content-encoding: gzip
via: 1.1 44f18fa5317ccaef6a4a5e65d43dd8c8.cloudfront.net (CloudFront)
last-modified: Wed, 20 Apr 2022 10:30:06 GMT
server: AmazonS3
x-amz-cf-pop: ORD51-C1
age: 14583211
etag: W/"65dd1832ebd22030d2a501d52914ec21"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: EB0WMv58X0LjIySO2cUs5YkbHkEWW5poLG3IMxMtAzYnQO8-WRF4aQ==

GET
H2 200 9fbfa5ec-f2b7-44b7-abb2-f2066b3cad6d.5401c5c7089a.js Show response
asset.barrons.com/article/public/ 32 KB
11 KB 58ms
50ms Script
application/javascript 2600:9000:212f:1800:1a:635e:8fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asset.barrons.com/article/public/9fbfa5ec-f2b7-44b7-abb2-f2066b3cad6d.5401c5c7089a.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:212f:1800:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 417a6186a53fcc08eb9999a19d4f9fa7734b0817c28de822337bd725dcc8cec5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 19:37:59 GMT
content-encoding: gzip
via: 1.1 44f18fa5317ccaef6a4a5e65d43dd8c8.cloudfront.net (CloudFront)
last-modified: Wed, 07 Dec 2022 17:08:29 GMT
server: AmazonS3
x-amz-cf-pop: ORD51-C1
age: 11685504
etag: W/"74398bba8754f8348e81875272693ebc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: Gu-Fomqu0KPThbvhgc2GlMhqEbzbG6FKF2R5G-qRqwsQFyRHa5jz5g==

OPTIONS
H2 200 meta-data
cdn.privacy-mgmt.com/wrapper/v2/ Frame 0
0 59ms
19ms Preflight
text/plain 18.164.124.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.privacy-mgmt.com/wrapper/v2/meta-data?hasCsp=true&accountId=229&env=prod&metadata=%7B%22ccpa%22%3A%7B%7D%2C%22gdpr%22%3A%7B%7D%7D&propertyId=3633&ch=null&scriptVersion=4.8.0&scriptType=unified

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-126.jfk50.r.cloudfront.net

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.barrons.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: *
access-control-max-age: 86400
age: 35253
cache-control: max-age=86400, s-maxage=86400
content-length: 2
content-type: text/plain; charset=utf-8
date: Sat, 29 Apr 2023 15:48:49 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 62c27224785ce0e5201a4eab3d49262e.cloudfront.net (CloudFront)
x-amz-cf-id: nUWGdU22Qf10RgjwYrzK7L_UFZLRKo9ubflZaD0Jx6bkxW1MrYs3HA==
x-amz-cf-pop: JFK50-P7
x-cache: Hit from cloudfront
x-powered-by: Express

GET
H2 200 ccpa.76009a2b49e794158c69.bundle.js Show response
cdn.privacy-mgmt.com/unified/4.8.0/ 12 KB
4 KB 24ms
20ms Script
text/javascript 18.164.124.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/unified/4.8.0/ccpa.76009a2b49e794158c69.bundle.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-126.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f724988664f7ff40306c2ae90a9e2b74521fbf937dce65fbc4ad9964008cb083

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 15:37:00 GMT
content-encoding: br
via: 1.1 5fa457dda68a5020725d371f051783e6.cloudfront.net (CloudFront)
last-modified: Wed, 12 Apr 2023 14:54:00 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P7
age: 35963
x-amz-server-side-encryption: AES256
etag: W/"a8966a38a0762b86f1b8b67f4adaa091"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: _BeUPxS2o2d398vEkb0haPAOvw6StaPN5VyWNK9lRhniU3p4q_2_Uw==

GET
H2 200 gdpr-tcf.c5f25289dc007b62e8a5.bundle.js Show response
cdn.privacy-mgmt.com/unified/4.8.0/ 86 KB
18 KB 24ms
21ms Script
text/javascript 18.164.124.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/unified/4.8.0/gdpr-tcf.c5f25289dc007b62e8a5.bundle.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-126.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bc9e81999967e8bfe66b3337896a3401cc0ed306c99243b4924207df749a012e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 15:37:00 GMT
content-encoding: br
via: 1.1 5fa457dda68a5020725d371f051783e6.cloudfront.net (CloudFront)
last-modified: Wed, 12 Apr 2023 14:54:00 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P7
age: 35963
x-amz-server-side-encryption: AES256
etag: W/"15f3926a82b36fd8dad9dee4b7bc2b9c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: 3xFAvFBK7bLANzfmVsAr6p6oXCQ0Uznefhq_aFX3LHDZ3tE996eM3Q==

GET
H2 200 meta-data Show response
cdn.privacy-mgmt.com/wrapper/v2/ 301 B
836 B 20ms
20ms XHR
application/json 18.164.124.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-126.jfk50.r.cloudfront.net

Software

/ Express

Resource Hash

3a5df939031df9695a02a7cda36bc2e251b3f0d5a947ee6e6a3d1dabf2428613

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 30 Apr 2023 00:43:43 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 62c27224785ce0e5201a4eab3d49262e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 3159
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 301
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=3600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: YSGmLUu7kSIuWcCDbkoDPKo860pdQeR21XX3JXI6QLArU7FbfLTt3Q==

OPTIONS
H/1.1 200
OK quoteByDialect
api.wsj.net/api/dylan/quotes/v2/comp/ Frame 0
0 99ms
26ms Preflight 104.127.184.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.wsj.net/api/dylan/quotes/v2/comp/quoteByDialect?ckey=57494d5ed7&dialect=charting&id=FUTURE%2F%2F%2FDJIA%20Futures&maxinstrumentmatches=1&needed=Meta|CompositeTrading|BlueGrassChannels|TimeZoneInfo|PastCloses
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.127.184.98 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-127-184-98.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: dylan2010.entitlementtoken
Access-Control-Request-Method: GET
Origin: https://www.barrons.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Headers: dylan2010.entitlementtoken
Access-Control-Allow-Origin: https://www.barrons.com
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Date: Sun, 30 Apr 2023 01:36:22 GMT
Expires: Sun, 30 Apr 2023 01:36:22 GMT
Pragma: no-cache
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

OPTIONS
H/1.1 200
OK quoteByDialect
api.wsj.net/api/dylan/quotes/v2/comp/ Frame 0
0 103ms
30ms Preflight 104.127.184.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.wsj.net/api/dylan/quotes/v2/comp/quoteByDialect?ckey=57494d5ed7&dialect=charting&id=FUTURE%2FUS%2F%2FSP%20500%20futures&maxinstrumentmatches=1&needed=Meta|CompositeTrading|BlueGrassChannels|TimeZoneInfo|PastCloses
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.127.184.98 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-127-184-98.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: dylan2010.entitlementtoken
Access-Control-Request-Method: GET
Origin: https://www.barrons.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Headers: dylan2010.entitlementtoken
Access-Control-Allow-Origin: https://www.barrons.com
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Date: Sun, 30 Apr 2023 01:36:22 GMT
Expires: Sun, 30 Apr 2023 01:36:22 GMT
Pragma: no-cache
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

OPTIONS
H/1.1 200
OK quoteByDialect
api.wsj.net/api/dylan/quotes/v2/comp/ Frame 0
0 101ms
29ms Preflight 104.127.184.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.wsj.net/api/dylan/quotes/v2/comp/quoteByDialect?ckey=57494d5ed7&dialect=charting&id=FUTURE%2FUS%2F%2FNasdaq%20100%20futures&maxinstrumentmatches=1&needed=Meta|CompositeTrading|BlueGrassChannels|TimeZoneInfo|PastCloses
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.127.184.98 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-127-184-98.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: dylan2010.entitlementtoken
Access-Control-Request-Method: GET
Origin: https://www.barrons.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Headers: dylan2010.entitlementtoken
Access-Control-Allow-Origin: https://www.barrons.com
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Date: Sun, 30 Apr 2023 01:36:22 GMT
Expires: Sun, 30 Apr 2023 01:36:22 GMT
Pragma: no-cache
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

OPTIONS
H/1.1 200
OK quoteByDialect
api.wsj.net/api/dylan/quotes/v2/comp/ Frame 0
0 102ms
30ms Preflight 104.127.184.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.wsj.net/api/dylan/quotes/v2/comp/quoteByDialect?ckey=57494d5ed7&dialect=djid&id=469101&maxinstrumentmatches=1&needed=Meta|CompositeTrading|BlueGrassChannels|TimeZoneInfo|PastCloses
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.127.184.98 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-127-184-98.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: dylan2010.entitlementtoken
Access-Control-Request-Method: GET
Origin: https://www.barrons.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Headers: dylan2010.entitlementtoken
Access-Control-Allow-Origin: https://www.barrons.com
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Date: Sun, 30 Apr 2023 01:36:22 GMT
Expires: Sun, 30 Apr 2023 01:36:22 GMT
Pragma: no-cache
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

GET
H/1.1 200
OK quoteByDialect Show response
api.wsj.net/api/dylan/quotes/v2/comp/ 3 KB
2 KB 54ms
47ms Fetch
application/json 104.127.184.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.wsj.net/api/dylan/quotes/v2/comp/quoteByDialect?ckey=57494d5ed7&dialect=charting&id=FUTURE%2F%2F%2FDJIA%20Futures&maxinstrumentmatches=1&needed=Meta|CompositeTrading|BlueGrassChannels|TimeZoneInfo|PastCloses
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.127.184.98 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-127-184-98.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f8cf57ae4cad22e12b1ef52f9741062034ec28c0653312df6c6835d62c5eacb4

Request headers

Accept: application/json
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Dylan2010.EntitlementToken: 57494d5ed7ad44af85bc59a51dd87c90

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 01:36:22 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.barrons.com
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 1287
Expires: Sun, 30 Apr 2023 01:36:22 GMT

GET
H/1.1 200
OK quoteByDialect Show response
api.wsj.net/api/dylan/quotes/v2/comp/ 3 KB
2 KB 84ms
49ms Fetch
application/json 104.127.184.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.wsj.net/api/dylan/quotes/v2/comp/quoteByDialect?ckey=57494d5ed7&dialect=charting&id=FUTURE%2FUS%2F%2FSP%20500%20futures&maxinstrumentmatches=1&needed=Meta|CompositeTrading|BlueGrassChannels|TimeZoneInfo|PastCloses
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.127.184.98 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-127-184-98.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 570dcbd00e4e5596286b90fce894651d5f321a6449f823eb8e5308f30c90a1b2

Request headers

Accept: application/json
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Dylan2010.EntitlementToken: 57494d5ed7ad44af85bc59a51dd87c90

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 01:36:22 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.barrons.com
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 1294
Expires: Sun, 30 Apr 2023 01:36:22 GMT

GET
H/1.1 200
OK quoteByDialect Show response
api.wsj.net/api/dylan/quotes/v2/comp/ 3 KB
2 KB 64ms
38ms Fetch
application/json 104.127.184.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.wsj.net/api/dylan/quotes/v2/comp/quoteByDialect?ckey=57494d5ed7&dialect=charting&id=FUTURE%2FUS%2F%2FNasdaq%20100%20futures&maxinstrumentmatches=1&needed=Meta|CompositeTrading|BlueGrassChannels|TimeZoneInfo|PastCloses
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.127.184.98 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-127-184-98.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d087b69dc12673a9f462f9ef3cca8c647b0426a717f51987a4d83f23a0c7d469

Request headers

Accept: application/json
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Dylan2010.EntitlementToken: 57494d5ed7ad44af85bc59a51dd87c90

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 01:36:22 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.barrons.com
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 1301
Expires: Sun, 30 Apr 2023 01:36:22 GMT

GET
H/1.1 200
OK quoteByDialect Show response
api.wsj.net/api/dylan/quotes/v2/comp/ 3 KB
2 KB 73ms
40ms Fetch
application/json 104.127.184.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.wsj.net/api/dylan/quotes/v2/comp/quoteByDialect?ckey=57494d5ed7&dialect=djid&id=469101&maxinstrumentmatches=1&needed=Meta|CompositeTrading|BlueGrassChannels|TimeZoneInfo|PastCloses
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.127.184.98 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-127-184-98.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0fc7abda4e5aa5417e70a5d292c34ce952a6a5bb77bf51e6ddd2b62d03443b9a

Request headers

Accept: application/json
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Dylan2010.EntitlementToken: 57494d5ed7ad44af85bc59a51dd87c90

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 01:36:22 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.barrons.com
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 1329
Expires: Sun, 30 Apr 2023 01:36:22 GMT

GET
H/1.1 200
OK quoteByDialect Show response
api.wsj.net/api/dylan/quotes/v2/comp/ 3 KB
2 KB 53ms
36ms Fetch
application/json 104.127.184.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.wsj.net/api/dylan/quotes/v2/comp/quoteByDialect?ckey=57494d5ed7&dialect=charting&id=INDEX%2FCN%2FXSHG%2FSHCOMP&maxinstrumentmatches=1&needed=Meta|CompositeTrading|BlueGrassChannels|TimeZoneInfo|PastCloses
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.127.184.98 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-127-184-98.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f4bad0aa828c3437643bef3bc0858e16da34745892574867e90f459332800752

Request headers

Accept: application/json
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Dylan2010.EntitlementToken: 57494d5ed7ad44af85bc59a51dd87c90

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 01:36:22 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.barrons.com
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 1292
Expires: Sun, 30 Apr 2023 01:36:22 GMT

GET
H/1.1 200
OK quoteByDialect Show response
api.wsj.net/api/dylan/quotes/v2/comp/ 3 KB
2 KB 80ms
57ms Fetch
application/json 104.127.184.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.wsj.net/api/dylan/quotes/v2/comp/quoteByDialect?ckey=57494d5ed7&dialect=charting&id=FUTURE%2FUS%2F%2FCrude%20Oil%20-%20Electronic&maxinstrumentmatches=1&needed=Meta|CompositeTrading|BlueGrassChannels|TimeZoneInfo|PastCloses
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.127.184.98 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-127-184-98.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2cb8a62928136b0e8f7522f370b82d44553c29487d7bf39542a292279bb3b6bd

Request headers

Accept: application/json
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Dylan2010.EntitlementToken: 57494d5ed7ad44af85bc59a51dd87c90

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 01:36:22 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.barrons.com
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 1312
Expires: Sun, 30 Apr 2023 01:36:22 GMT

GET
H/1.1 200
OK quoteByDialect Show response
api.wsj.net/api/dylan/quotes/v2/comp/ 4 KB
2 KB 63ms
37ms Fetch
application/json 104.127.184.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.wsj.net/api/dylan/quotes/v2/comp/quoteByDialect?ckey=57494d5ed7&dialect=djid&id=4486748&maxinstrumentmatches=1&needed=Meta|CompositeTrading|BlueGrassChannels|TimeZoneInfo|PastCloses
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.127.184.98 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-127-184-98.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e250b5afc0f6404d2d6ce5f453283d7497d7c27feb9ff74919dd4ae7d2c5cb1a

Request headers

Accept: application/json
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Dylan2010.EntitlementToken: 57494d5ed7ad44af85bc59a51dd87c90

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 01:36:22 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.barrons.com
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 1529
Expires: Sun, 30 Apr 2023 01:36:22 GMT

GET
H/1.1 200
OK quoteByDialect Show response
api.wsj.net/api/dylan/quotes/v2/comp/ 3 KB
2 KB 71ms
50ms Fetch
application/json 104.127.184.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.wsj.net/api/dylan/quotes/v2/comp/quoteByDialect?ckey=57494d5ed7&dialect=djid&id=433-25014677&maxinstrumentmatches=1&needed=Meta|CompositeTrading|BlueGrassChannels|TimeZoneInfo|PastCloses
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.127.184.98 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-127-184-98.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1678f4e1edfd45bbb2a7d55f430d8879b7b87aae76c488934f56482edaae6fd9

Request headers

Accept: application/json
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Dylan2010.EntitlementToken: 57494d5ed7ad44af85bc59a51dd87c90

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 01:36:22 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.barrons.com
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 1303
Expires: Sun, 30 Apr 2023 01:36:22 GMT

GET
H/1.1 200
OK quoteByDialect Show response
api.wsj.net/api/dylan/quotes/v2/comp/ 3 KB
2 KB 91ms
51ms Fetch
application/json 104.127.184.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.wsj.net/api/dylan/quotes/v2/comp/quoteByDialect?ckey=57494d5ed7&dialect=djid&id=489137&maxinstrumentmatches=1&needed=Meta|CompositeTrading|BlueGrassChannels|TimeZoneInfo|PastCloses
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.127.184.98 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-127-184-98.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 939642a0c8db9598395b07246abc30d53c4072ea290aee9b84ab18ba0a031790

Request headers

Accept: application/json
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Dylan2010.EntitlementToken: 57494d5ed7ad44af85bc59a51dd87c90

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 01:36:22 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.barrons.com
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 1257
Expires: Sun, 30 Apr 2023 01:36:22 GMT

GET
H/1.1 200
OK quoteByDialect Show response
api.wsj.net/api/dylan/quotes/v2/comp/ 3 KB
2 KB 86ms
55ms Fetch
application/json 104.127.184.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.wsj.net/api/dylan/quotes/v2/comp/quoteByDialect?ckey=57494d5ed7&dialect=djid&id=504637&maxinstrumentmatches=1&needed=Meta|CompositeTrading|BlueGrassChannels|TimeZoneInfo|PastCloses
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.127.184.98 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-127-184-98.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1a6754970fa19ebf289e6b9b77d68e8ab2df2571459da9e15f258526d3b2d23f

Request headers

Accept: application/json
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Dylan2010.EntitlementToken: 57494d5ed7ad44af85bc59a51dd87c90

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 01:36:22 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.barrons.com
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 1303
Expires: Sun, 30 Apr 2023 01:36:22 GMT

OPTIONS
H/1.1 200
OK quoteByDialect
api.wsj.net/api/dylan/quotes/v2/comp/ Frame 0
0 99ms
28ms Preflight 104.127.184.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.wsj.net/api/dylan/quotes/v2/comp/quoteByDialect?ckey=57494d5ed7&dialect=charting&id=INDEX%2FCN%2FXSHG%2FSHCOMP&maxinstrumentmatches=1&needed=Meta|CompositeTrading|BlueGrassChannels|TimeZoneInfo|PastCloses
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.127.184.98 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-127-184-98.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: dylan2010.entitlementtoken
Access-Control-Request-Method: GET
Origin: https://www.barrons.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Headers: dylan2010.entitlementtoken
Access-Control-Allow-Origin: https://www.barrons.com
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Date: Sun, 30 Apr 2023 01:36:22 GMT
Expires: Sun, 30 Apr 2023 01:36:22 GMT
Pragma: no-cache
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

OPTIONS
H/1.1 200
OK quoteByDialect
api.wsj.net/api/dylan/quotes/v2/comp/ Frame 0
0 115ms
44ms Preflight 104.127.184.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.wsj.net/api/dylan/quotes/v2/comp/quoteByDialect?ckey=57494d5ed7&dialect=charting&id=FUTURE%2FUS%2F%2FCrude%20Oil%20-%20Electronic&maxinstrumentmatches=1&needed=Meta|CompositeTrading|BlueGrassChannels|TimeZoneInfo|PastCloses
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.127.184.98 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-127-184-98.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: dylan2010.entitlementtoken
Access-Control-Request-Method: GET
Origin: https://www.barrons.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Headers: dylan2010.entitlementtoken
Access-Control-Allow-Origin: https://www.barrons.com
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Date: Sun, 30 Apr 2023 01:36:22 GMT
Expires: Sun, 30 Apr 2023 01:36:22 GMT
Pragma: no-cache
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

OPTIONS
H/1.1 200
OK quoteByDialect
api.wsj.net/api/dylan/quotes/v2/comp/ Frame 0
0 127ms
30ms Preflight 104.127.184.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.wsj.net/api/dylan/quotes/v2/comp/quoteByDialect?ckey=57494d5ed7&dialect=djid&id=4486748&maxinstrumentmatches=1&needed=Meta|CompositeTrading|BlueGrassChannels|TimeZoneInfo|PastCloses
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.127.184.98 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-127-184-98.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: dylan2010.entitlementtoken
Access-Control-Request-Method: GET
Origin: https://www.barrons.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Headers: dylan2010.entitlementtoken
Access-Control-Allow-Origin: https://www.barrons.com
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Date: Sun, 30 Apr 2023 01:36:22 GMT
Expires: Sun, 30 Apr 2023 01:36:22 GMT
Pragma: no-cache
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

OPTIONS
H/1.1 200
OK quoteByDialect
api.wsj.net/api/dylan/quotes/v2/comp/ Frame 0
0 128ms
28ms Preflight 104.127.184.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.wsj.net/api/dylan/quotes/v2/comp/quoteByDialect?ckey=57494d5ed7&dialect=djid&id=433-25014677&maxinstrumentmatches=1&needed=Meta|CompositeTrading|BlueGrassChannels|TimeZoneInfo|PastCloses
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.127.184.98 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-127-184-98.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: dylan2010.entitlementtoken
Access-Control-Request-Method: GET
Origin: https://www.barrons.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Headers: dylan2010.entitlementtoken
Access-Control-Allow-Origin: https://www.barrons.com
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Date: Sun, 30 Apr 2023 01:36:22 GMT
Expires: Sun, 30 Apr 2023 01:36:22 GMT
Pragma: no-cache
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

OPTIONS
H/1.1 200
OK quoteByDialect
api.wsj.net/api/dylan/quotes/v2/comp/ Frame 0
0 133ms
31ms Preflight 104.127.184.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.wsj.net/api/dylan/quotes/v2/comp/quoteByDialect?ckey=57494d5ed7&dialect=djid&id=489137&maxinstrumentmatches=1&needed=Meta|CompositeTrading|BlueGrassChannels|TimeZoneInfo|PastCloses
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.127.184.98 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-127-184-98.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: dylan2010.entitlementtoken
Access-Control-Request-Method: GET
Origin: https://www.barrons.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Headers: dylan2010.entitlementtoken
Access-Control-Allow-Origin: https://www.barrons.com
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Date: Sun, 30 Apr 2023 01:36:22 GMT
Expires: Sun, 30 Apr 2023 01:36:22 GMT
Pragma: no-cache
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

OPTIONS
H/1.1 200
OK quoteByDialect
api.wsj.net/api/dylan/quotes/v2/comp/ Frame 0
0 129ms
30ms Preflight 104.127.184.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.wsj.net/api/dylan/quotes/v2/comp/quoteByDialect?ckey=57494d5ed7&dialect=djid&id=504637&maxinstrumentmatches=1&needed=Meta|CompositeTrading|BlueGrassChannels|TimeZoneInfo|PastCloses
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.127.184.98 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-127-184-98.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: dylan2010.entitlementtoken
Access-Control-Request-Method: GET
Origin: https://www.barrons.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Headers: dylan2010.entitlementtoken
Access-Control-Allow-Origin: https://www.barrons.com
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Date: Sun, 30 Apr 2023 01:36:22 GMT
Expires: Sun, 30 Apr 2023 01:36:22 GMT
Pragma: no-cache
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

GET
H3 200 article Show response
news.google.com/swg/_/api/v1/publication/barrons.com/ 324 B
270 B 54ms
53ms Fetch
application/json 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/api/v1/publication/barrons.com/article

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7a7c108921aec53b21ed74d3979f9c1aea55ae72d724ff49d4e66bef21431c1c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/plain, application/json
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.barrons.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 cspreport
news.google.com/swg/_/SubscribewithgoogleClientUi/ Frame 01EB 0
27 B 46ms
45ms Other
text/html 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/SubscribewithgoogleClientUi/cspreport

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oSeyDe5C2d6rWY3n9InFow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/swg/ui/v1/serviceiframe?_=1682818582473&publicationId=barrons.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 30 Apr 2023 01:36:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-oSeyDe5C2d6rWY3n9InFow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="SubscribewithgoogleClientUi"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m=serviceiframeview,_b,_tp,_r
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/ss/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.obpTAUHlBDA.L.B1.O/am=YOcGAAQ/d=1/ed=1/rs=ABXTjI4QWEPRvzQGURnmvRAPRWGC8RROcA/ Frame 01EB 521 B
967 B 73ms
20ms Stylesheet
text/css 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/ss/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.obpTAUHlBDA.L.B1.O/am=YOcGAAQ/d=1/ed=1/rs=ABXTjI4QWEPRvzQGURnmvRAPRWGC8RROcA/m=serviceiframeview,_b,_tp,_r

Requested by

Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=1682818582473&publicationId=barrons.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

476d60955514d59fff612bff247149d6c3d8040247ec574886143d08163e1717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 19:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23608
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 311
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 19:05:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/css; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Apr 2024 19:02:54 GMT

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.e7wkp6TnG5k.es5.O/am=YOcGAAQ/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1... Frame 01EB 198 KB
70 KB 74ms
21ms Script
text/javascript 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.e7wkp6TnG5k.es5.O/am=YOcGAAQ/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI45RlxIBhJZLPv_Pkrop3pmbJbX-Q/m=_b,_tp,_r

Requested by

Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=1682818582473&publicationId=barrons.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9862d720a7bf84f9af0796630be7018e1dc90f9d4177dafe02b42a951d8fc89c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 04:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71505
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 02:50:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Apr 2024 04:07:58 GMT

OPTIONS
H2 200 messages
cdn.privacy-mgmt.com/wrapper/v2/ Frame 0
0 20ms
19ms Preflight
text/plain 18.164.124.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.privacy-mgmt.com/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A229%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22ccpa%22%3A%7B%22alwaysDisplayDNS%22%3Afalse%2C%22hasLocalData%22%3Afalse%2C%22targetingParams%22%3A%7B%7D%7D%2C%22gdpr%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22targetingParams%22%3A%7B%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcdn.privacy-mgmt.com%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.barrons.com%22%2C%22propertyId%22%3A3633%7D&localState=null&metadata=%7B%22ccpa%22%3A%7B%22applies%22%3Afalse%7D%2C%22gdpr%22%3A%7B%22applies%22%3Afalse%7D%7D&nonKeyedLocalState=null&ch=4159030454159030458a47&scriptVersion=4.8.0&scriptType=unified

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-126.jfk50.r.cloudfront.net

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.barrons.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: *
access-control-max-age: 86400
age: 32864
cache-control: max-age=86400, s-maxage=86400
content-length: 2
content-type: text/plain; charset=utf-8
date: Sat, 29 Apr 2023 16:28:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 62c27224785ce0e5201a4eab3d49262e.cloudfront.net (CloudFront)
x-amz-cf-id: K1c2z9ys7_xWdTTZ9uXQiNYzUo0VIvXtBl8TTCkd5qilTB2fXeAnvw==
x-amz-cf-pop: JFK50-P7
x-cache: Hit from cloudfront
x-powered-by: Express

GET
H2 200 messages Show response
cdn.privacy-mgmt.com/wrapper/v2/ 1 KB
1 KB 38ms
38ms XHR
application/json 18.164.124.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-126.jfk50.r.cloudfront.net

Software

/ Express

Resource Hash

9800cb2ff4bf0cf670cf8bf061fda45239014a2bd3b802c2974e016036a8aee1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 30 Apr 2023 01:36:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
via: 1.1 62c27224785ce0e5201a4eab3d49262e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: max-age=0, s-maxage=1200
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: r-nue8UXRhkxcQY7sR5XJel4FvF8NWcKsdUwf-eFUEQrEay2BdJX7Q==

GET
H2 200 sso-status Show response
sso.accounts.dowjones.com/auth/ 2 B
310 B 135ms
55ms XHR
application/json 2600:9000:24ef:f400:19:6ce8:b580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sso.accounts.dowjones.com/auth/sso-status
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24ef:f400:19:6ce8:b580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:22 GMT
via: 1.1 fd55c103a391e84b5f31f2728b1a5514.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: BOS50-P2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.barrons.com
access-control-allow-credentials: true
content-length: 2
x-amz-cf-id: ucJCbY33zwSYUmQlLK9XHU-yTtiDVxV181GRBIkZhjLfUO5hdCazZg==

GET
H2 200 dj-ufc.esm.js Show response
www.barrons.com/asset/dj-ufc/v1.9.1/ 3 KB
2 KB 29ms
28ms Script
application/javascript 2600:9000:204d:9200:14:c68f:c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.barrons.com/asset/dj-ufc/v1.9.1/dj-ufc.esm.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:204d:9200:14:c68f:c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 85a2f7326ab136ecd971d60f7480bdd356370ea32d1997de1f1a9d9720a4c772

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Origin: https://www.barrons.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 13:41:19 GMT
x-amz-version-id: NTIARUa6qxbGG1zVuR7pTDSHhgNLThMq
content-encoding: gzip
via: 1.1 ff19078dad8e3d604a159e031d41dba0.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C3
age: 820504
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
last-modified: Tue, 01 Nov 2022 20:43:20 GMT
server: AmazonS3
etag: W/"b129f9c3bca6169c7f100099ecb4b13e"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.barrons.com
access-control-expose-headers: ETag
cache-control: public, max-age=31557600, immutable
access-control-allow-credentials: true
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: z8RAX-wid2xKEPvlZgMt0Nn3IHnsYAH1g4b5-rpw4L_YrzzmExbJdA==

GET
H2 200 b-8db6969-57aaf79f.js Show response
tagan.adlightning.com/newscorp-barrons-aps/ 69 KB
26 KB 29ms
28ms Script
application/javascript 13.249.141.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.141.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-141-37.ord51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63e5289e179564b3cf4ce26d0d4831e6950c3d445c23359b604681032c9e32bd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 17:05:49 GMT
content-encoding: gzip
via: 1.1 9544538048b67636eed3ec04c11d909a.cloudfront.net (CloudFront)
x-amz-version-id: hb5CoUKJh9ugIoA40ipfbWU5spAS3Ccg
x-amz-cf-pop: ORD51-C1
age: 1067434
x-cache: Hit from cloudfront
content-length: 26656
x-amz-meta-git_commit: 8db6969
last-modified: Mon, 07 Nov 2022 21:55:19 GMT
server: AmazonS3
etag: "cb1f115bbcd7235df3a06c8892303839"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: -l723xeBcoHFTVa7Lq0V7Shzd-5CZDJ8WnikTu-75qduy39MwcPuGA==

GET
H2 200 bl-e09f10f-df0b19b9.js Show response
tagan.adlightning.com/newscorp-barrons-aps/ 56 KB
24 KB 29ms
28ms Script
application/javascript 13.249.141.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/newscorp-barrons-aps/bl-e09f10f-df0b19b9.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.141.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-141-37.ord51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa065ed34771276c21452124fcf2439750da791869a5ecc1fab3e9a41795cc44

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 00:57:53 GMT
content-encoding: gzip
via: 1.1 9544538048b67636eed3ec04c11d909a.cloudfront.net (CloudFront)
x-amz-version-id: _6bJQno5St2oQYNFnatDV0RSo_xpKGoS
x-amz-cf-pop: ORD51-C1
age: 88710
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24386
x-amz-meta-git_commit: e09f10f
last-modified: Sat, 29 Apr 2023 00:57:25 GMT
server: AmazonS3
etag: "dd21d255deb6e0da75a8cbc4b9009f61"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: OZEQ-Hn_pRogsIdGg5CsbepvmN77u2LECJE7qdCzd0aWqf2JHSYoaQ==

GET
H2 200 BarronsTheme-275181c7-8620-4df3-a008-d0cd9937db22.f04b6c7e42f1.css
asset.barrons.com/article/public/ 27 KB
8 KB 29ms
27ms Stylesheet
text/css 2600:9000:212f:1800:1a:635e:8fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asset.barrons.com/article/public/BarronsTheme-275181c7-8620-4df3-a008-d0cd9937db22.f04b6c7e42f1.css
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:212f:1800:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42aa82f0a1d3138ad8da9c016ea89bfa5898ce8b2c09b6acdbd29baa58dd464e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 20:38:28 GMT
content-encoding: gzip
via: 1.1 44f18fa5317ccaef6a4a5e65d43dd8c8.cloudfront.net (CloudFront)
last-modified: Fri, 10 Feb 2023 11:28:42 GMT
server: AmazonS3
x-amz-cf-pop: ORD51-C1
age: 5633875
etag: W/"23a8298503c62b9b8d063d195a86d8d4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: JQjAyBHCUDfxlkU5bfUHjolIim8ffQbj3O-2Wwa_vxWZpSmfqhop_g==

GET
H2 200 BarronsTheme-275181c7-8620-4df3-a008-d0cd9937db22.082ec0709cfa.js Show response
asset.barrons.com/article/public/ 11 KB
5 KB 29ms
28ms Script
application/javascript 2600:9000:212f:1800:1a:635e:8fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asset.barrons.com/article/public/BarronsTheme-275181c7-8620-4df3-a008-d0cd9937db22.082ec0709cfa.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:212f:1800:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 137d23c8b31918055d316bb19e87c6fff0f4a36287566775f5d65a1508f2cb63

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 20:38:28 GMT
content-encoding: gzip
via: 1.1 44f18fa5317ccaef6a4a5e65d43dd8c8.cloudfront.net (CloudFront)
last-modified: Fri, 10 Feb 2023 11:28:42 GMT
server: AmazonS3
x-amz-cf-pop: ORD51-C1
age: 5633875
etag: W/"1b59aad7330286700bf86d25333b95e1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: oEVvK1zc1IFf9QjXKWs5spJ0zjw9HbC55XDA15VYWzGwCkLCLXEgPw==

OPTIONS
H2 200 pv-data
cdn.privacy-mgmt.com/wrapper/v2/ Frame 0
0 28ms
27ms Preflight
text/html 18.164.124.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.privacy-mgmt.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=4159030454159030458a47&scriptVersion=4.8.0&scriptType=unified

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-126.jfk50.r.cloudfront.net

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.barrons.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: https://www.barrons.com
allow: POST
cache-control: no-cache, no-store
content-length: 4
content-type: text/html; charset=utf-8
date: Sun, 30 Apr 2023 01:36:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 62c27224785ce0e5201a4eab3d49262e.cloudfront.net (CloudFront)
x-amz-cf-id: YgYG9s6YQxDVgiN3vJCuEwU7VAsLWsdZLr8PdPmjmW6gwmG9d8ebJA==
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
x-powered-by: Express

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 201 B
641 B 208ms
155ms XHR
text/javascript 108.138.105.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3482&u=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&pid=oyRy3HSNEE4Aa&cb=0&ws=1600x1200&v=23.426.459&t=1000&slots=%5B%7B%22sd%22%3A%22AD_L%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F2%2Fbarrons.com%2Fbarrons_technology%22%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.105.30 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-105-30.jfk50.r.cloudfront.net

Software

Server /

Resource Hash

5f6f561bfe25aa4bcc6efd0b79af69e6a0edd8ad13b6277b11a441f6f464a1f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:23 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 e87e1498b0d1acb21c287e606097161a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P3
x-amz-rid: ZZWG4V4ZDM0FH9EREDNW
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.barrons.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 201
x-amz-cf-id: NCj1_804Dsui6QJRox-9NDFM2hq76fP-LaiALCuc9YIE4IAaKcffnA==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 201 B
640 B 254ms
204ms XHR
text/javascript 108.138.105.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3482&u=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&pid=oyRy3HSNEE4Aa&cb=1&ws=1600x1200&v=23.426.459&t=1000&slots=%5B%7B%22sd%22%3A%22AD_RAIL%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F2%2Fbarrons.com%2Fbarrons_technology%22%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.105.30 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-105-30.jfk50.r.cloudfront.net

Software

Server /

Resource Hash

f87655b075ab86b11d7ef89868c5431d323a44b6a3a815ccb543e168f392371b

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:23 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 e87e1498b0d1acb21c287e606097161a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P3
x-amz-rid: X4F9BZFSV697BYWT1QHF
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.barrons.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 201
x-amz-cf-id: 4yh9KB9-gCqKFkM_0ocRzQOOurfpo1p6OXgQygUjz2zo7CX4O2qbEQ==

POST
H2 200 pv-data Show response
cdn.privacy-mgmt.com/wrapper/v2/ 190 B
727 B 33ms
31ms XHR
application/json 18.164.124.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.privacy-mgmt.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=4159030454159030458a47&scriptVersion=4.8.0&scriptType=unified

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-126.jfk50.r.cloudfront.net

Software

/ Express

Resource Hash

a00b562ffee424fa4a42d4018ec8aa03218c36c9bd4aeba63a05edffb1c45210

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 30 Apr 2023 01:36:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 62c27224785ce0e5201a4eab3d49262e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.barrons.com
x-cache: Miss from cloudfront
cache-control: no-cache, no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
content-length: 190
x-amz-cf-id: qE9QmR-X10JhYdVx7P7M2ThlyCKIcdSyxQwvAt0e0mggNx8ZSNwwoQ==

GET
H2 403 contextfeed.js
www.dianomi.com/js/ 0
0 104ms
47ms Script
text/html 104.18.16.195
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dianomi.com/js/contextfeed.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/wsjdn/barrons/prod/ 138 KB
35 KB 86ms
22ms Script
application/javascript 2600:9000:2511:9800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/wsjdn/barrons/prod/utag.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:9800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 484132018c922711d72e558f24783d050c44393e42cc4cb2a3dbce651f741e11

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: 6_B28Bcw65tEgdvqhzPLXMTxZ6yjkQww
content-encoding: br
via: 1.1 1721c5705940b20c9d951889ca1932b6.cloudfront.net (CloudFront)
date: Sun, 30 Apr 2023 01:33:38 GMT
last-modified: Thu, 06 Apr 2023 14:30:45 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 165
x-amz-server-side-encryption: AES256
etag: W/"a45aceed176927a7957d63c0e3d709c7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: WFuLwrdbFaObzcpq6scwU-3qqadN3F5CFWyuERGpR5ZYTONpByE2pg==

GET
H/1.1 200
OK recommendations Show response
cortex.vidora.com/v1/capi/users/123/ 55 KB
8 KB 159ms
46ms Fetch
application/json 54.145.162.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cortex.vidora.com/v1/capi/users/123/recommendations?api_key=newscorp.0DD648B41DB8B8BB5477678BE32A500E&publishers=BARRONS&limit=8&item_id=BARRONS.SB50291655048428463406904587159083780091586&excluded_categories=afp-news,deco-summary-(content),barrons-interactive,advisor-news,advisor-profiles,best-practices,coaches-corner,top-independents,advisor-center-investing,advisor-center-retirement,top-1200,advisor-guide
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.145.162.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-145-162-27.compute-1.amazonaws.com
Software: /
Resource Hash: 243fc408544413a8876e26c5107c6ba33e2c1e30a5435ef9819d9e38fd4e0a18

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:23 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-robots-tag: noindex
content-length: 7677
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK recommendations Show response
cortex.vidora.com/v1/capi/users/undefined/ 19 KB
3 KB 127ms
35ms Fetch
application/json 54.145.162.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cortex.vidora.com/v1/capi/users/undefined/recommendations?api_key=newscorp.0DD648B41DB8B8BB5477678BE32A500E&publishers=BARRONS&limit=3&item_id=SB50291655048428463406904587159083780091586&excluded_categories=afp-news,deco-summary-(content),hide-from-feeds
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.145.162.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-145-162-27.compute-1.amazonaws.com
Software: /
Resource Hash: 90dcfcfec7ad33f40c50b7b310de4b17d6dd366616e90db7247fae8b5c18ff3d

Request headers

Accept: application/json
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:23 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-robots-tag: noindex
content-length: 3123
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK items Show response
cortex.vidora.com/v1/modules/barrons_new_articles.be66b4471cba19f6/users/8c5athtu2jhqeig5f0rb2842og55b8/ 22 KB
5 KB 125ms
46ms XHR
application/json 54.145.162.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cortex.vidora.com/v1/modules/barrons_new_articles.be66b4471cba19f6/users/8c5athtu2jhqeig5f0rb2842og55b8/items?api_key=newscorp.0DD648B41DB8B8BB5477678BE32A500E&user_filter_device=desktop&user_filter_subscriber_status=non_subscriber
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.145.162.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-145-162-27.compute-1.amazonaws.com
Software: /
Resource Hash: 9750809198ba26f88356e8d90a8d04f8fd3ac497a9f6dda9764a8478c2fb5ae1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:23 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-robots-tag: noindex
content-length: 4463
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 BarronsTheme-c8882c9c-15d3-4d1f-9b0e-81b6f321365d.73b80bed61e1.css
asset.barrons.com/article/public/ 8 KB
3 KB 29ms
26ms Stylesheet
text/css 2600:9000:212f:1800:1a:635e:8fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asset.barrons.com/article/public/BarronsTheme-c8882c9c-15d3-4d1f-9b0e-81b6f321365d.73b80bed61e1.css
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:212f:1800:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fd3857eb0cef492a9fcc6acfea61f420a2440e34187e93719d73846236248965

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 12:09:30 GMT
content-encoding: gzip
via: 1.1 44f18fa5317ccaef6a4a5e65d43dd8c8.cloudfront.net (CloudFront)
last-modified: Wed, 20 Apr 2022 10:30:06 GMT
server: AmazonS3
x-amz-cf-pop: ORD51-C1
age: 7133213
etag: W/"f25a2994f902738348b2e1285ede3636"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: ISEXXi163pOMDr_76--EupTHl8IIBbSelSoXzxoA7NA4I-I_UWhcVA==

GET
H2 200 BarronsTheme-c8882c9c-15d3-4d1f-9b0e-81b6f321365d.3d427ccd620a.js Show response
asset.barrons.com/article/public/ 1 KB
1 KB 30ms
28ms Script
application/javascript 2600:9000:212f:1800:1a:635e:8fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asset.barrons.com/article/public/BarronsTheme-c8882c9c-15d3-4d1f-9b0e-81b6f321365d.3d427ccd620a.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:212f:1800:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f8bfd681a10c9e82846a7de7303598fd146930240be1e232ef690ec9131b43b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:58:36 GMT
content-encoding: gzip
via: 1.1 44f18fa5317ccaef6a4a5e65d43dd8c8.cloudfront.net (CloudFront)
last-modified: Tue, 13 Sep 2022 10:15:48 GMT
server: AmazonS3
x-amz-cf-pop: ORD51-C1
age: 17735867
etag: W/"1cf1e5ce7439706c502a9a1a5a2c4342"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: Si2ux_lDzLr5lnPHxblLpu5nbMF9EM_jw-zG3H_lb4guXFR6tj8M0A==

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 80ms
26ms Preflight 34.236.83.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-83-94.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.barrons.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.barrons.com
access-control-max-age: 600
age: 0
content-length: 0
date: Sun, 30 Apr 2023 01:36:23 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 67ms
27ms Preflight 34.236.83.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-83-94.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.barrons.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.barrons.com
access-control-max-age: 600
age: 0
content-length: 0
date: Sun, 30 Apr 2023 01:36:23 GMT
server: ATS/9.1.10.25

POST
H2 200 cookie_sync Show response
pg-prebid-server.rubiconproject.com/ 2 KB
808 B 878ms
683ms XHR
application/json 35.81.179.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pg-prebid-server.rubiconproject.com/cookie_sync
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.81.179.60 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-179-60.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 91c7394c0d7c9627615aef296ad45c563974b44de0187402cf712781fe5ec07b

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:23 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.barrons.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 594
expires: 0

POST
H2 200 auction Show response
pg-prebid-server.rubiconproject.com/openrtb2/ 186 B
413 B 301ms
109ms XHR
application/json 35.81.179.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pg-prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.81.179.60 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-179-60.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 43cc5e1c4b245d5a142921135984c5ee96ac65f683a8674ff50163d323f7ee9b

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:23 GMT
content-encoding: gzip
x-prebid: pbs-java/1.117.0
content-type: application/json
access-control-allow-origin: https://www.barrons.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 178
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
827 B 86ms
41ms XHR
application/json 68.67.179.166
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 01:36:23 GMT
AN-X-Request-Uuid: 7fa81cd9-fb82-46da-9726-c7645f6841c7
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.barrons.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 149.56.153.185; 149.56.153.185; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 36 B
563 B 254ms
210ms XHR
application/json 104.18.25.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=409263
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35b4468ee3b92996a8e1a40804cc59b72893fa04abffe8162ad743cd0618904f

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vz%2BMjkejGb5WgADwASKvEIxwbS9JPlm9iaUiC12c1DPj7Z0xSlzMzSKg3BeIkk21EIetnCSapxJSKD3k77Rt3IDii4BaVZdXdvZfy5BuNDxFW4d1x%2BmjCENss7TWrrYClChEUmN4"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.barrons.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7bfc0dafed0ca210-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
522 B 96ms
25ms XHR
application/json 44.192.36.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.39.0&referrer=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&tmax=750&gdpr=false&us_privacy=1---

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.192.36.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-192-36-208.compute-1.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:23 GMT
accept-ch: sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version
x-auction-status: 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.barrons.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
312 B 75ms
25ms XHR
application/json 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.39.0&cb=57907864174&lsavail=1

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 30 Apr 2023 01:36:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.barrons.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
285 B 215ms
167ms XHR
application/json 34.236.83.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-83-94.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: b5eaa00d3e707f742070128a094c639e9adf5fc9f1656ab183d0ab168e31826a

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
x-openrtb-version: 2.5
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 30 Apr 2023 01:36:23 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.barrons.com
access-control-allow-credentials: true
content-length: 84

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 500 B
823 B 286ms
213ms XHR
application/json 2602:803:c002:300::99
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9673&site_id=118262&zone_id=557016&size_id=2&alt_size_ids=57&gdpr=0&us_privacy=1---&rf=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&kw=Computers%2FConsumerElectronics%2CSoftware%2CApplicationsSoftware%2CComputing%2CEnterpriseManagementSoftware%2CSecurity%2FPrivacySoftware%2CTechnology%2CCorporateCrime%2FLegalAction%2CCorporate%2FIndustrialNews%2CPolitical%2FGeneralNews%2CCrime%2FLegalAction%2CCybercrime%2FHacking%2CPolitics%2FInternationalRelations%2CDomesticPolitics%2CGovernmentBodies%2CContentTypes%2CFactivaFilters%2CC%26EExecutiveNewsFilter%2CC%26EIndustryNewsFilter%2CSYND%2CFireEye%2CFEYE%2CSolarWinds%2CSWI%2Ccorporatecrime%2Clegalaction%2Ccorporate%2Cindustrialnews%2Cpolitical%2Cgeneralnews%2Ccrime%2Ccybercrime%2Chacking%2Cpolitics%2Cinternationalrelations%2Cdomesticpolitics%2Cgovernmentbodies%2Ccontenttypes%2Cfactivafilters%2Cc%26eexecutivenewsfilter%2Cc%26eindustrynewsfilter%2Ctechnology%2Ccomputers%2Cconsumerelectronics%2Csoftware%2Capplicationssoftware%2Ccomputing%2Centerprisemanagementsoftware%2Csecurity%2Cprivacysoftware&tg_i.page=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&tg_i.domain=www.barrons.com&tg_i.name=Barrons&tg_i.pagetype=Others&tg_i.pbadslot=%2F2%2Fbarrons.com%2Fbarrons_technology%23AD_L&tk_flint=pbjs_lite_v7.39.0&x_source.tid=f4c49aae-62ec-4f4b-853c-0ff5a4d5e1d5&l_pb_bid_id=154a6cfd777a4ce&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F2%2Fbarrons.com%2Fbarrons_technology%23AD_L&slots=1&rand=0.16917916247127485
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:300::99 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 487908bffb419635b893682145093e31d375eaa380a06a1c51aca9c3a9f232f1

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:23 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.barrons.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 500
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
116 B 98ms
42ms XHR
text/plain 104.36.115.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.barrons.com
date: Sun, 30 Apr 2023 01:36:22 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 auction Show response
pg-prebid-server.rubiconproject.com/openrtb2/ 186 B
413 B 273ms
107ms XHR
application/json 35.81.179.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pg-prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.81.179.60 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-179-60.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: f097e2cf38612c8df5cf00a07f995cc61e708c4c54c8973f2159e6c01c2b1d81

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:23 GMT
content-encoding: gzip
x-prebid: pbs-java/1.117.0
content-type: application/json
access-control-allow-origin: https://www.barrons.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 177
expires: 0

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
511 B 172ms
124ms XHR
application/json 34.236.83.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-83-94.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 41461b316af51f5058831109c477ab5b224331c9f9c1f11627ef5f09de71ca4c

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
x-openrtb-version: 2.5
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 30 Apr 2023 01:36:23 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.barrons.com
access-control-allow-credentials: true
content-length: 84

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
60 B 126ms
79ms XHR
text/plain 104.36.115.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.barrons.com
date: Sun, 30 Apr 2023 01:36:22 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 484 B
1 KB 212ms
151ms XHR
application/json 2602:803:c002:300::99
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9673&site_id=118262&zone_id=557016&size_id=15&gdpr=0&us_privacy=1---&rf=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&kw=Computers%2FConsumerElectronics%2CSoftware%2CApplicationsSoftware%2CComputing%2CEnterpriseManagementSoftware%2CSecurity%2FPrivacySoftware%2CTechnology%2CCorporateCrime%2FLegalAction%2CCorporate%2FIndustrialNews%2CPolitical%2FGeneralNews%2CCrime%2FLegalAction%2CCybercrime%2FHacking%2CPolitics%2FInternationalRelations%2CDomesticPolitics%2CGovernmentBodies%2CContentTypes%2CFactivaFilters%2CC%26EExecutiveNewsFilter%2CC%26EIndustryNewsFilter%2CSYND%2CFireEye%2CFEYE%2CSolarWinds%2CSWI%2Ccorporatecrime%2Clegalaction%2Ccorporate%2Cindustrialnews%2Cpolitical%2Cgeneralnews%2Ccrime%2Ccybercrime%2Chacking%2Cpolitics%2Cinternationalrelations%2Cdomesticpolitics%2Cgovernmentbodies%2Ccontenttypes%2Cfactivafilters%2Cc%26eexecutivenewsfilter%2Cc%26eindustrynewsfilter%2Ctechnology%2Ccomputers%2Cconsumerelectronics%2Csoftware%2Capplicationssoftware%2Ccomputing%2Centerprisemanagementsoftware%2Csecurity%2Cprivacysoftware&tg_i.page=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&tg_i.domain=www.barrons.com&tg_i.name=Barrons&tg_i.pagetype=Others&tg_i.pbadslot=%2F2%2Fbarrons.com%2Fbarrons_technology%23AD_RAIL&tk_flint=pbjs_lite_v7.39.0&x_source.tid=fd4c555c-e609-4faf-8670-52da61eb115a&l_pb_bid_id=26dc3edd3be404e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F2%2Fbarrons.com%2Fbarrons_technology%23AD_RAIL&slots=1&rand=0.7012781977894431
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:300::99 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 87eea26a32554f4705d53fae128a7c91b6f0ed7406b48f4cd71877b8d826a250

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:23 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.barrons.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 484
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
523 B 74ms
24ms XHR
application/json 44.192.36.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.192.36.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-192-36-208.compute-1.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:23 GMT
accept-ch: sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme
x-auction-status: 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.barrons.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
317 B 257ms
239ms XHR
application/json 104.18.25.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=409263
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f8040fa465bd79268a833205648a067b259c62d194fee843a286b943d0231b1

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pnTgVhY%2F27cqCSB5V4deguJXS0O%2BFm%2Bb6tnepkHCmP9IJk0be6jRuusL7SAA6tST9z%2BwTTgp%2B7z8Lf1LK5AsT1Ga%2FrFA3oLOwSRMsAwxckwFGZG4IdartNE37chR752AMfPR%2BjZI"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.barrons.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7bfc0dafed10a210-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
313 B 52ms
25ms XHR
application/json 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.39.0&cb=67456568561&lsavail=1

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 30 Apr 2023 01:36:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.barrons.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
827 B 93ms
56ms XHR
application/json 68.67.179.166
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 01:36:23 GMT
AN-X-Request-Uuid: a6ec1632-55ac-4ec0-95fe-e43929780711
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.barrons.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 149.56.153.185; 149.56.153.185; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 p-517a0862.js Show response
www.barrons.com/asset/dj-ufc/v1.9.1/ 9 KB
5 KB 30ms
28ms Script
application/javascript 2600:9000:204d:9200:14:c68f:c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.barrons.com/asset/dj-ufc/v1.9.1/p-517a0862.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:204d:9200:14:c68f:c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 455fff3bfb47648ad484148f5e5b10f25b657b0f346e0e46421f7e00ba2fd293

Request headers

Referer: https://www.barrons.com/asset/dj-ufc/v1.9.1/dj-ufc.esm.js
Origin: https://www.barrons.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 13:41:20 GMT
x-amz-version-id: pb5ezJq_tHHWQVtI9wxHANV0jA4YW93v
content-encoding: gzip
via: 1.1 ff19078dad8e3d604a159e031d41dba0.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C3
age: 820504
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
last-modified: Tue, 01 Nov 2022 20:43:20 GMT
server: AmazonS3
etag: W/"deeddcf286435d6fd81f32d71987bfe6"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.barrons.com
access-control-expose-headers: ETag
cache-control: public, max-age=31557600, immutable
access-control-allow-credentials: true
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: ncD_KFpWRUJJrcqsqa6wS64T6F6p75lvKGjukQCvuwBmBnMHUMnfeQ==

GET
H2 200 p-c6dce4db.js Show response
www.barrons.com/asset/dj-ufc/v1.9.1/ 86 B
726 B 31ms
29ms Script
application/javascript 2600:9000:204d:9200:14:c68f:c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.barrons.com/asset/dj-ufc/v1.9.1/p-c6dce4db.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:204d:9200:14:c68f:c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 08be7bfc1fd20f2791c7cf5367c77e46fa433266f10a35c60c463274b7248b06

Request headers

Referer: https://www.barrons.com/asset/dj-ufc/v1.9.1/dj-ufc.esm.js
Origin: https://www.barrons.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 13:41:20 GMT
x-amz-version-id: eZI46yYKEUs9e72pASBjx3ZxuxUm9K6V
via: 1.1 ff19078dad8e3d604a159e031d41dba0.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C3
age: 820504
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
content-length: 86
last-modified: Tue, 01 Nov 2022 20:43:20 GMT
server: AmazonS3
etag: "95a561b17c9c140ebe421ffa1dfabb28"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.barrons.com
access-control-expose-headers: ETag
cache-control: public, max-age=31557600, immutable
access-control-allow-credentials: true
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: uX70cm6X3s1abE5cuioWpySARZA7ogd0LbycC6lCVqNTwJ-T9rHXpQ==

GET
H2 200 92f38a9e0e2a29b35714531e46b219ba
content.capi.newscorp.com/images/ 2 KB
3 KB 186ms
29ms Image
image/jpeg 2600:9000:2211:5e00:6:ddc1:5c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.capi.newscorp.com/images/92f38a9e0e2a29b35714531e46b219ba?width=88
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2211:5e00:6:ddc1:5c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2f2962a04d34bd117121c622fc6cb06fd45b46b9cc1a894a17d6cfb096c3433a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 09:56:57 GMT
via: 1.1 16159e59796a2988cad1e260b170aa7e.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C4
age: 56366
x-amzn-trace-id: Root=1-644ce9e9-15caf82a7ce2d20c2f6646f4
x-amzn-requestid: aceb1b23-8a4b-45a8-80d7-fb233ab3e350
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-apigw-id: EIl8eEmRIAMF_Yg=
content-length: 2421
x-amz-cf-id: rjbO-ibKe7Q2BcPx8B_xLXEvK4oJTJJBPlcQPGYWpFnM5u9y5rAR0g==

GET
H2 200 688afb0fcfec76a2106cf08116c9d021
content.capi.newscorp.com/images/ 2 KB
3 KB 189ms
32ms Image
image/jpeg 2600:9000:2211:5e00:6:ddc1:5c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.capi.newscorp.com/images/688afb0fcfec76a2106cf08116c9d021?width=88
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2211:5e00:6:ddc1:5c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b5accc72a5ed1badd3c71757b9a99be0393789490c25792686f28a44f96d72f8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 06:40:00 GMT
via: 1.1 16159e59796a2988cad1e260b170aa7e.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C4
age: 68183
x-amzn-trace-id: Root=1-644cbbbf-51bf95454acd150a45daf70c
x-amzn-requestid: 30889539-b80b-4983-b8c0-796e999ec3dd
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-apigw-id: EIJGCEt7IAMFZNA=
content-length: 2277
x-amz-cf-id: qAisuT4tSe5WVJX0gZu986RxTsjr63tCnTWGE2fE3GJDNiuIXDeB9A==

GET
H2 200 7821746bb6bca1bc6c4a91b3977cd3c1
content.capi.newscorp.com/images/ 2 KB
2 KB 309ms
153ms Image
image/jpeg 2600:9000:2211:5e00:6:ddc1:5c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.capi.newscorp.com/images/7821746bb6bca1bc6c4a91b3977cd3c1?width=88
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2211:5e00:6:ddc1:5c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2c5f380018ae1f09fc4d8149d9184b263a75a7046ec9f3eb8903f39a2d013259

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:23 GMT
via: 1.1 16159e59796a2988cad1e260b170aa7e.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C4
x-amzn-trace-id: Root=1-644dc617-67966bdb7a93a750391a223c
x-amzn-requestid: 5ea50286-653c-4f5c-9a02-290f395a0965
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-apigw-id: EKvjtGBmIAMFw5Q=
content-length: 1863
x-amz-cf-id: J2m8zH4TE-IIZWeysZgzjjsIGSbEvQG20nHNTqjekTHkrEtgXxzl9Q==

GET
H2 200 8d40bc60e53f96c8f99dcb9384499aff
content.capi.newscorp.com/images/ 2 KB
2 KB 188ms
32ms Image
image/jpeg 2600:9000:2211:5e00:6:ddc1:5c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.capi.newscorp.com/images/8d40bc60e53f96c8f99dcb9384499aff?width=88
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2211:5e00:6:ddc1:5c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8e5cee77b8685a30e59a9e54d313aee9e05a2d8ea359c37950de09e407832886

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 18:36:45 GMT
via: 1.1 16159e59796a2988cad1e260b170aa7e.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C4
age: 25178
x-amzn-trace-id: Root=1-644d63bd-4489743b48ddf37303205b77
x-amzn-requestid: 86beccd0-983f-4273-865b-00348409d734
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-apigw-id: EJyFqEd7IAMF3dw=
content-length: 1803
x-amz-cf-id: QDzVrqn1-Z1dc4L6hJUvtw7ULGRC9MSMwaAl9jrozBAyi6obso4_CA==

GET
H2 200 ece9d87fcf59f0e5f7a0561f4bceb2bd
content.capi.newscorp.com/images/ 3 KB
3 KB 187ms
31ms Image
image/jpeg 2600:9000:2211:5e00:6:ddc1:5c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.capi.newscorp.com/images/ece9d87fcf59f0e5f7a0561f4bceb2bd?width=88
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2211:5e00:6:ddc1:5c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 0f5a9d05963918122dde403e694fbfd7b169f71501b1a0d342d1d5456da1402d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 02:53:24 GMT
via: 1.1 16159e59796a2988cad1e260b170aa7e.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C4
age: 81779
x-amzn-trace-id: Root=1-644c86a4-09e457470cf1fe1e0655c73d
x-amzn-requestid: 5659c267-8ffa-4d84-9af4-af677f5319c0
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-apigw-id: EHn5xGinIAMFYvg=
content-length: 2759
x-amz-cf-id: 5Aje2GCRtjatANufluBd8smn3n3HQ2g9U93nE6O_RIhA6M82xPf06Q==

GET
H2 200 m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,mUDFmf,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,W93Wdc Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.e7wkp6TnG5k.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.obpTAUHlBDA.L... Frame 01EB 124 KB
42 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.e7wkp6TnG5k.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.obpTAUHlBDA.L.B1.O/am=YOcGAAQ/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI6gPBIjTMOKlIGafq2dUhW_JdiApA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;xqZiqf:wmnU7d;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/ujg=1/m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,mUDFmf,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,W93Wdc

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.e7wkp6TnG5k.es5.O/am=YOcGAAQ/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI45RlxIBhJZLPv_Pkrop3pmbJbX-Q/m=_b,_tp,_r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce7421f5862e407365973442ea5e7e98575b6f179ed23ad2c8d6c1ab7c9a8d41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 17:32:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 288241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42737
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 19:05:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 17:32:22 GMT

GET
H2 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.e7wkp6TnG5k.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.obpTAUHlBDA.L... Frame 01EB 18 KB
7 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.e7wkp6TnG5k.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.obpTAUHlBDA.L.B1.O/am=YOcGAAQ/d=1/exm=COQbmf,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,W93Wdc,ZfAoz,_b,_r,_tp,aurFic,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,mUDFmf,ovKuLd,ws9Tlc,xUdipf,yDVVkb/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI6gPBIjTMOKlIGafq2dUhW_JdiApA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;xqZiqf:wmnU7d;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/ujg=1/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13ee1534cd1c1ee75c6cc66bf9a090aaea63c0018e66190675071723b7a8b6b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 17:32:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 288236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7427
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 19:05:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 17:32:27 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=CB68E4BA55144CAA0A4C98A5%40AdobeOrg&d_nsid=0&ts=1682818583286
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=CB68E4BA55144CAA0A4C98A5%40AdobeOrg&d_nsid=0&ts=1682818583286

367 B
1 KB

28ms
27ms

XHR
application/json

52.1.136.228
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=CB68E4BA55144CAA0A4C98A5%40AdobeOrg&d_nsid=0&ts=1682818583286

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

HTTP/1.1

Server

52.1.136.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-136-228.compute-1.amazonaws.com

Software

Resource Hash

e82bfea720ac904efda8a84f5d9db37461d4539d51454e469726439b219c3905

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v047-0c58d12bf.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: JewFaes5SLs=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.barrons.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 307
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-va6-1-v047-0f2edb14e.edge-va6.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: nEKFZTRNQwE=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.barrons.com
Location: https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=CB68E4BA55144CAA0A4C98A5%40AdobeOrg&d_nsid=0&ts=1682818583286
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 searchIcon-black.34470e11800f.svg
asset.barrons.com/article/public/img/ 546 B
892 B 28ms
27ms Image
image/svg+xml 2600:9000:212f:1800:1a:635e:8fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://asset.barrons.com/article/public/img/searchIcon-black.34470e11800f.svg
Requested by: Host: asset.barrons.com
URL: https://asset.barrons.com/article/public/f338146a-1781-47b4-a8e4-91af9ba7d64c.09bc70e10954.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:212f:1800:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 618eb54b4423c9b6e306b87bc4d48822a3d95675afedf7380e2d38c8877d290f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://asset.barrons.com/article/public/f338146a-1781-47b4-a8e4-91af9ba7d64c.09bc70e10954.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 08:04:18 GMT
via: 1.1 44f18fa5317ccaef6a4a5e65d43dd8c8.cloudfront.net (CloudFront)
last-modified: Tue, 16 Mar 2021 02:37:30 GMT
server: AmazonS3
x-amz-cf-pop: ORD51-C1
age: 3778325
etag: "34470e11800fdff4e69a13919184efc7"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 546
x-amz-cf-id: kUIN_K6WWjidBs3RPhysWJYENA6WocK4o7H1cANCbAw2DhzZdCjCWw==

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame BD22
Redirect Chain

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-index_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-index_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&dcc=t

330 B
1 KB

55ms
54ms

Document
text/html

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-index_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&dcc=t

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

5c9af57c3fcd07aa7818d33715a9b4840c34f682d7e2262ce04be78fffd14422

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 330
Content-Type: text/html;charset=ISO-8859-1
Date: Sun, 30 Apr 2023 01:36:23 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: ZBDZWEA39Q3QK7YGX8QK

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Sun, 30 Apr 2023 01:36:23 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-index_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 96ASZ4X86PE9E2V34EW5

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
531 B 102ms
38ms Script
application/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=www.barrons.com

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 88ms
41ms Script
application/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.barrons.com

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 116ms
115ms XHR
text/plain 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2603748360803563&correlator=1846203522951326&eid=31072020%2C31073865%2C31074188%2C44790318%2C31061691%2C31061693&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=2%2Cbarrons.com%2Cbarrons_technology&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&ifi=1&adks=1611725678&sfv=1-0-40&prev_scp=amznbid%3D2%26amznp%3D2%26webview%3Dn%26adlocation%3DRAIL%26adcomponent%3Duac%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData&eri=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgb_spam_news-ent%252Cgs_politics_issues_policy%252Cgs_science%252Cgs_busfin_indus%252Cgs_business_misc%252Cgv_crime%252Cgs_tech_compute_apps_antivir%252Cmoat_unsafe%252Cgs_law_misc%252Cgs_busfin%252Cgb_spam_edu%252Cgb_crime_edu%252Cgs_tech_compute_apps%252Cgs_science_misc%252Cgs_law%252Cgs_busfin_business%252Cgs_busfin_business_admin%252Cgb_measurable%252Cgs_tech_compute%252Cgs_health%252Cgs_politics%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26alert%3Dvolatility100%252Cgreen%252C1.1120387297878216%26page%3Darticle%26circ%3Dsnippet%26psg%3D999998%26usertype%3Dnonsubscriber%26userexp%3Ddefault%26articleid%3DSB50291655048428463406904587159083780091586%26articleauthor%3DEric%2520J.%2520Savitz%26articletemplate%3Dpreview%26articleheadline%3DFireEye%252C%2520U.S.%2520Agencies%2520Affected%2520By%2520Cyber%2520Attack%2520On%2520Solar%2520Winds%2520Software%26pageaccess%3Dpaid%26pagesection%3DDaily%26pagesubsection%3DTechnology%26pagetype%3DArticle_continuous%26articletype%3DFeature%26keywords%3DComputers%252FConsumer%2520Electronics%252CSoftware%252CApplications%2520Software%252CComputing%252CEnterprise%2520Management%2520Software%252CSecurity%252FPrivacy%2520Software%252CTechnology%252CCorporate%2520Crime%252FLegal%2520Action%252CCorporate%252FIndustrial%2520News%252CPolitical%252FGeneral%2520News%252CCrime%252FLegal%2520Action%252CCybercrime%252FHacking%252CPolitics%252FInternational%2520Relations%252CDomestic%2520Politics%252CGovernment%2520Bodies%252CContent%2520Types%252CFactiva%2520Filters%252CCandE%2520Executive%2520News%2520Filter%252CCandE%2520Industry%2520News%2520Filter%252CSYND%252CFireEye%252CFEYE%252CSolarWinds%252CSWI%252Ccorporate%2520crime%252Clegal%2520action%252Ccorporate%252Cindustrial%2520news%252Cpolitical%252Cgeneral%2520news%252Ccrime%252Ccybercrime%252Chacking%252Cpolitics%252Cinternational%2520relations%252Cdomestic%2520politics%252Cgovernment%2520bodies%252Ccontent%2520types%252Cfactiva%2520filters%252Ccande%2520executive%2520news%2520filter%252Ccande%2520industry%2520news%2520filter%252Ctechnology%252Ccomputers%252Cconsumer%2520electronics%252Csoftware%252Capplications%2520software%252Ccomputing%252Centerprise%2520management%2520software%252Csecurity%252Cprivacy%2520software%26breakpoint%3Dat16units%26nckey_userGroup%3D9%26refsec%3Darticles%252Cfireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377%26topic%3D%26pageview%3D1&sc=1&cookie_enabled=1&abxe=1&dt=1682818583382&lmt=1682818583&dlt=1682818581928&idt=391&adxs=970&adys=571&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&rumc=2603748360803563&rume=1&frm=20&vis=1&psz=300x1&msz=300x0&fws=4&ohw=1600&ga_vid=786262553.1682818583&ga_sid=1682818583&ga_hid=1123438319&ga_fc=false

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9be1d16ffe202dd1ebff9b879f81f8f833721fb97831a5cff3ba76994ff03b37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11963
x-xss-protection: 0
google-lineitem-id: 5434609679
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138318056594
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.barrons.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a25c2057485bacf8d30418738bc64a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A239 6 KB
3 KB 113ms
39ms Document
text/html 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a25c2057485bacf8d30418738bc64a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 01:36:23 GMT
expires: Mon, 29 Apr 2024 01:36:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 106ms
105ms XHR
text/plain 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2603748360803563&correlator=1846203522951326&eid=31072020%2C31073865%2C31074188%2C44790318%2C31061691%2C31061693&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=2%2Cbarrons.com%2Cbarrons_technology&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C1x6%7C2x1&ifi=2&adks=1837188095&sfv=1-0-40&prev_scp=amznbid%3D2%26amznp%3D2%26webview%3Dn%26adlocation%3DL%26adcomponent%3Duac%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData&eri=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgb_spam_news-ent%252Cgs_politics_issues_policy%252Cgs_science%252Cgs_busfin_indus%252Cgs_business_misc%252Cgv_crime%252Cgs_tech_compute_apps_antivir%252Cmoat_unsafe%252Cgs_law_misc%252Cgs_busfin%252Cgb_spam_edu%252Cgb_crime_edu%252Cgs_tech_compute_apps%252Cgs_science_misc%252Cgs_law%252Cgs_busfin_business%252Cgs_busfin_business_admin%252Cgb_measurable%252Cgs_tech_compute%252Cgs_health%252Cgs_politics%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26alert%3Dvolatility100%252Cgreen%252C1.1120387297878216%26page%3Darticle%26circ%3Dsnippet%26psg%3D999998%26usertype%3Dnonsubscriber%26userexp%3Ddefault%26articleid%3DSB50291655048428463406904587159083780091586%26articleauthor%3DEric%2520J.%2520Savitz%26articletemplate%3Dpreview%26articleheadline%3DFireEye%252C%2520U.S.%2520Agencies%2520Affected%2520By%2520Cyber%2520Attack%2520On%2520Solar%2520Winds%2520Software%26pageaccess%3Dpaid%26pagesection%3DDaily%26pagesubsection%3DTechnology%26pagetype%3DArticle_continuous%26articletype%3DFeature%26keywords%3DComputers%252FConsumer%2520Electronics%252CSoftware%252CApplications%2520Software%252CComputing%252CEnterprise%2520Management%2520Software%252CSecurity%252FPrivacy%2520Software%252CTechnology%252CCorporate%2520Crime%252FLegal%2520Action%252CCorporate%252FIndustrial%2520News%252CPolitical%252FGeneral%2520News%252CCrime%252FLegal%2520Action%252CCybercrime%252FHacking%252CPolitics%252FInternational%2520Relations%252CDomestic%2520Politics%252CGovernment%2520Bodies%252CContent%2520Types%252CFactiva%2520Filters%252CCandE%2520Executive%2520News%2520Filter%252CCandE%2520Industry%2520News%2520Filter%252CSYND%252CFireEye%252CFEYE%252CSolarWinds%252CSWI%252Ccorporate%2520crime%252Clegal%2520action%252Ccorporate%252Cindustrial%2520news%252Cpolitical%252Cgeneral%2520news%252Ccrime%252Ccybercrime%252Chacking%252Cpolitics%252Cinternational%2520relations%252Cdomestic%2520politics%252Cgovernment%2520bodies%252Ccontent%2520types%252Cfactiva%2520filters%252Ccande%2520executive%2520news%2520filter%252Ccande%2520industry%2520news%2520filter%252Ctechnology%252Ccomputers%252Cconsumer%2520electronics%252Csoftware%252Capplications%2520software%252Ccomputing%252Centerprise%2520management%2520software%252Csecurity%252Cprivacy%2520software%26breakpoint%3Dat16units%26nckey_userGroup%3D9%26refsec%3Darticles%252Cfireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377%26topic%3D%26pageview%3D1&sc=1&cookie_enabled=1&abxe=1&dt=1682818583422&lmt=1682818583&dlt=1682818581928&idt=391&adxs=436&adys=242&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&rumc=2603748360803563&rume=1&frm=20&vis=1&psz=1600x250&msz=1600x0&fws=4&ohw=1600&ga_vid=786262553.1682818583&ga_sid=1682818583&ga_hid=1123438319&ga_fc=false

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb455b8e8da979ea3a11242d438b5ca9481ad817d558c8c31a01c17a8f4ce2e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11795
x-xss-protection: 0
google-lineitem-id: 5434609679
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138318132774
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.barrons.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 utag.154.js Show response
tags.tiqcdn.com/utag/wsjdn/barrons/prod/ 2 KB
1 KB 18ms
18ms Script
application/javascript 2600:9000:2511:9800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/wsjdn/barrons/prod/utag.154.js?utv=ut4.44.202301091851
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:9800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 281b1bde2e0540cfc33ad10870159d96c605bd005551845ac085ba39b2f84bf3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: FaPNlLSDipJ2fh6TCYbuIc1uAxA2VN48
content-encoding: br
via: 1.1 1721c5705940b20c9d951889ca1932b6.cloudfront.net (CloudFront)
date: Sun, 30 Apr 2023 01:35:54 GMT
last-modified: Thu, 06 Apr 2023 14:30:43 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 30
x-amz-server-side-encryption: AES256
etag: W/"17264f5ff5f0418f70483a926bf13570"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: dfKhJ2_HcG3a-9gBG039mkY9V29OYK3vy4UpCnZmD2E27IpzZ7bWKg==

GET
H2 200 utag.140.js Show response
tags.tiqcdn.com/utag/wsjdn/barrons/prod/ 61 KB
21 KB 20ms
18ms Script
application/javascript 2600:9000:2511:9800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/wsjdn/barrons/prod/utag.140.js?utv=ut4.44.202304061429
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:9800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c37e541b7618d427bc73c634922d2a699f350dd27667240f14d98eec3e3d34f7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: BKzdhyVPWpCZArbfHuiZjZh2c.De6glL
content-encoding: br
via: 1.1 1721c5705940b20c9d951889ca1932b6.cloudfront.net (CloudFront)
date: Sun, 30 Apr 2023 01:35:26 GMT
last-modified: Thu, 06 Apr 2023 14:30:42 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 58
x-amz-server-side-encryption: AES256
etag: W/"35e5fd726b27a57585a6df80283c3f7a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: daCi598GTcO1VQVwlzclpM6vWyvKNelDNvxzvA6596asvvtt1oBKCA==

GET
H2 200 utag.163.js Show response
tags.tiqcdn.com/utag/wsjdn/barrons/prod/ 3 KB
2 KB 22ms
19ms Script
application/javascript 2600:9000:2511:9800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/wsjdn/barrons/prod/utag.163.js?utv=ut4.44.202301241625
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:9800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e0f9d3fa08b49f9373b02c5fa19cbab78617e1fa1b3b68ee1efe720464d22c94

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: jO5YCrdrZVtsspyvtZlaC8XPZiGWhzj5
content-encoding: br
via: 1.1 1721c5705940b20c9d951889ca1932b6.cloudfront.net (CloudFront)
date: Sun, 30 Apr 2023 01:35:20 GMT
last-modified: Thu, 06 Apr 2023 14:30:45 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 64
x-amz-server-side-encryption: AES256
etag: W/"86496cfd6d425882810a604fbc63cbb3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: nBNE685fMOnF2ToHvmqJA5CqigFknDg7bYxOp6tSrdhRQwn7x_UTZw==

GET
H2 200 utag.164.js Show response
tags.tiqcdn.com/utag/wsjdn/barrons/prod/ 55 KB
17 KB 22ms
20ms Script
application/javascript 2600:9000:2511:9800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/wsjdn/barrons/prod/utag.164.js?utv=ut4.44.202301091851
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:9800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f97197137a2c9b02474805b62f6efb8f3c40854cedf784d2933238174f0dc02

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: vPuucxC.D9UTDWTl8a.Hf8Mp8x7tGCpi
content-encoding: br
via: 1.1 1721c5705940b20c9d951889ca1932b6.cloudfront.net (CloudFront)
date: Sun, 30 Apr 2023 01:35:26 GMT
last-modified: Thu, 06 Apr 2023 14:30:45 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 58
x-amz-server-side-encryption: AES256
etag: W/"c2bc78b4f21b410d8d02df9673227cae"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: IH0PM5f9oCbbQnyLWv8nMVkbSt8YmhmOhmVkSQ9qNuPh4IX3ZaLVbw==

GET
H2 200 utag.170.js Show response
tags.tiqcdn.com/utag/wsjdn/barrons/prod/ 2 KB
1 KB 23ms
21ms Script
application/javascript 2600:9000:2511:9800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/wsjdn/barrons/prod/utag.170.js?utv=ut4.44.202301091851
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:9800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 49fd60e44c3c4731fc4d2332c15b050bf3376dc092cab9ee72a1da146e540e33

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: NF2Oz.52ZNFCC5HgngO73qYut6n83uu_
content-encoding: br
via: 1.1 1721c5705940b20c9d951889ca1932b6.cloudfront.net (CloudFront)
date: Sun, 30 Apr 2023 01:35:26 GMT
last-modified: Thu, 06 Apr 2023 14:30:43 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 58
x-amz-server-side-encryption: AES256
etag: W/"335bc7a2dee9ae6da4d5846402d85251"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: uudAichLLAN7cqCOAwuV7-meeiK1oPm6WRnALW9Kix_42mPORs5Czg==

GET
H2 200 utag.152.js Show response
tags.tiqcdn.com/utag/wsjdn/barrons/prod/ 1 KB
1 KB 24ms
19ms Script
application/javascript 2600:9000:2511:9800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/wsjdn/barrons/prod/utag.152.js?utv=ut4.44.202301241625
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:9800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91cf14a57139ae5367867e8fa6ce13ed2f336f152bb72da367cdbff079a18beb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: ffgGNjmx1X240z5puNG01i5BGIpVG7WT
content-encoding: br
via: 1.1 1721c5705940b20c9d951889ca1932b6.cloudfront.net (CloudFront)
date: Sun, 30 Apr 2023 01:35:20 GMT
last-modified: Thu, 06 Apr 2023 14:30:43 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 64
x-amz-server-side-encryption: AES256
etag: W/"b764c9fb13f8a96ddac909d7e4e322df"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: PkAzuWUAekg2txg96vTmV4uOWQTaa7i5ENXVRqKl3esP3ZdEwCetjg==

GET
H2 200 utag.236.js Show response
tags.tiqcdn.com/utag/wsjdn/barrons/prod/ 10 KB
3 KB 24ms
20ms Script
application/javascript 2600:9000:2511:9800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/wsjdn/barrons/prod/utag.236.js?utv=ut4.44.202102231646
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:9800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bb98679d3fb98855fb8f4cd9a483d24fb931c561b3889e42c5c5d3590e71771a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: j6SfLDIr7.PEtoYixwbRvdSl7Q0rhNW9
content-encoding: br
via: 1.1 1721c5705940b20c9d951889ca1932b6.cloudfront.net (CloudFront)
date: Sun, 30 Apr 2023 01:34:43 GMT
last-modified: Thu, 06 Apr 2023 14:30:42 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 101
x-amz-server-side-encryption: AES256
etag: W/"5564048d395a786775900ac1d88936fc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: gEVwrLCGAf37iCoAF9G-zbnVAButDXo0iUj3z1KkyAQmonFCeDADUQ==

GET
H2 200 utag.81.js Show response
tags.tiqcdn.com/utag/wsjdn/barrons/prod/ 3 KB
2 KB 24ms
20ms Script
application/javascript 2600:9000:2511:9800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/wsjdn/barrons/prod/utag.81.js?utv=ut4.44.202301241625
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:9800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c34b1092df017a86dc4937525f7153f5190369c4e86d73dd01f1f0e59990040

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: qfGfbNBUCtwF6x_l8Ym.fWv.fVzpFtfR
content-encoding: br
via: 1.1 1721c5705940b20c9d951889ca1932b6.cloudfront.net (CloudFront)
date: Sun, 30 Apr 2023 01:35:26 GMT
last-modified: Thu, 06 Apr 2023 14:30:45 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 58
x-amz-server-side-encryption: AES256
etag: W/"d3b145eff9e170f0ebfcf4516f04caf9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: KxRjAZgy9rBvPBmE5H43h3Zog7p_svg2r1CVwrUUhtHiXdaUo2Q4rw==

GET
H2 200 utag.245.js Show response
tags.tiqcdn.com/utag/wsjdn/barrons/prod/ 2 KB
1 KB 25ms
21ms Script
application/javascript 2600:9000:2511:9800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/wsjdn/barrons/prod/utag.245.js?utv=ut4.44.202301241625
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:9800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3bf290622df877b99723c8e91cbce1a00895d03892d4a4a76f23328ac3fb9859

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: j60exe23yVWgn6xVWnJUPzN5xpadwrwR
content-encoding: br
via: 1.1 1721c5705940b20c9d951889ca1932b6.cloudfront.net (CloudFront)
date: Sun, 30 Apr 2023 01:34:43 GMT
last-modified: Thu, 06 Apr 2023 14:30:43 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 101
x-amz-server-side-encryption: AES256
etag: W/"7b0b8508e56eb1d2f850a06ba686c6fb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 7X2mpvPcqtPgnN3bstutTCqYOkX8X0Sy97lgHrks6n5vlvsRX_Nbaw==

GET
H2 200 utag.212.js Show response
tags.tiqcdn.com/utag/wsjdn/barrons/prod/ 21 KB
7 KB 26ms
23ms Script
application/javascript 2600:9000:2511:9800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/wsjdn/barrons/prod/utag.212.js?utv=ut4.44.202212052140
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:9800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6ee8ad6028b4b8a91d32097637c324da6fefd933b06f129fd55bebd94fd30f84

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: fQJSMu.E2dA2YEAcjin.xFLcDQIMCCxb
content-encoding: br
via: 1.1 1721c5705940b20c9d951889ca1932b6.cloudfront.net (CloudFront)
date: Sun, 30 Apr 2023 01:35:26 GMT
last-modified: Thu, 06 Apr 2023 14:30:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 58
x-amz-server-side-encryption: AES256
etag: W/"adb9c6d139d2d77bc751da7cf5a90818"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: pl0PilOX92iVKaG3HV1c3QoJ-q6HtnKIh0NTJQNjubv-u54F1ZN1jw==

GET
H2 200 utag.268.js Show response
tags.tiqcdn.com/utag/wsjdn/barrons/prod/ 2 KB
1 KB 33ms
30ms Script
application/javascript 2600:9000:2511:9800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/wsjdn/barrons/prod/utag.268.js?utv=ut4.44.202102251652
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:9800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c13e277ea907a89e03fd380b4016be556e1bc1869cdcdc719cef3ea40974d968

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: pY8iZyWc1JlIYEd2z8Mf3U8xspOxU05q
content-encoding: br
via: 1.1 1721c5705940b20c9d951889ca1932b6.cloudfront.net (CloudFront)
date: Sun, 30 Apr 2023 01:35:26 GMT
last-modified: Thu, 06 Apr 2023 14:30:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 58
x-amz-server-side-encryption: AES256
etag: W/"bf9343ba6e556329662e663c0c035c23"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: J_EXoB1hrXCAwaQGvjcu8JCl1FIzuoMj49EeRrZkDUAblO2wTdfSuQ==

GET
H2 200 utag.275.js Show response
tags.tiqcdn.com/utag/wsjdn/barrons/prod/ 4 KB
2 KB 33ms
31ms Script
application/javascript 2600:9000:2511:9800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/wsjdn/barrons/prod/utag.275.js?utv=ut4.44.202301241625
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:9800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 15d3aa76cefc7e3aac65cdf21c750a313cc9af4c7e041277bfb83c1b12b30e9c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: _Szmilh7TG5RdiCwZayKhkI6wRe8N8Z5
content-encoding: br
via: 1.1 1721c5705940b20c9d951889ca1932b6.cloudfront.net (CloudFront)
date: Sun, 30 Apr 2023 01:35:26 GMT
last-modified: Thu, 06 Apr 2023 14:30:45 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 58
x-amz-server-side-encryption: AES256
etag: W/"36e823be649a13e92a94a363107a37e8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 5V_PBgHeBdlETx8rnFMhUbVxEuyweOZMnE8wI4diUStWSFguO8hlFA==

GET
H2 200 utag.270.js Show response
tags.tiqcdn.com/utag/wsjdn/barrons/prod/ 9 KB
4 KB 37ms
34ms Script
application/javascript 2600:9000:2511:9800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/wsjdn/barrons/prod/utag.270.js?utv=ut4.44.202302061435
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:9800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b52815c72f3af0a09f0e2a9cad32e33de2a22c9cd0c604d09c60034540467c1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: _l9rgv0bC2gLWSxR_8W7.kcCYEzXooB6
content-encoding: br
via: 1.1 1721c5705940b20c9d951889ca1932b6.cloudfront.net (CloudFront)
date: Sun, 30 Apr 2023 01:34:58 GMT
last-modified: Thu, 06 Apr 2023 14:30:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 86
x-amz-server-side-encryption: AES256
etag: W/"1089766a4ec8be63c754d97048ca3102"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: x6yBlvrAZR1KMJ9u8WVo5Aul12buchtb-RadJaRAa7sqSqCB-1HbEQ==

GET
H2 200 utag.274.js Show response
tags.tiqcdn.com/utag/wsjdn/barrons/prod/ 2 KB
1 KB 33ms
31ms Script
application/javascript 2600:9000:2511:9800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/wsjdn/barrons/prod/utag.274.js?utv=ut4.44.202301241625
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:9800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2f2d65c4219d0fa5f1eec1ff6351c17af97654f34d94378acb136e57f1c2ef1a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: g2R0HIgK3iV_hosqQrXPzcKM3K9s08c6
content-encoding: br
via: 1.1 1721c5705940b20c9d951889ca1932b6.cloudfront.net (CloudFront)
date: Sun, 30 Apr 2023 01:35:26 GMT
last-modified: Thu, 06 Apr 2023 14:30:42 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 58
x-amz-server-side-encryption: AES256
etag: W/"41e6a9ac000598f271c672d4c2faa16c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: gpSwWJw7ImojnnobccVBQUyuTNbgORXkeGF1U3JI8W1qWspLtBPQDQ==

GET
H2 200 utag.278.js Show response
tags.tiqcdn.com/utag/wsjdn/barrons/prod/ 3 KB
2 KB 34ms
32ms Script
application/javascript 2600:9000:2511:9800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/wsjdn/barrons/prod/utag.278.js?utv=ut4.44.202302131423
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:9800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a7db2cae2d58edfde00553fac7883c2921cd1559ae9c7b95bc973f118241377d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: Eo4f3XIZVI4Hsza15tpH7_UkndAgVSJn
content-encoding: br
via: 1.1 1721c5705940b20c9d951889ca1932b6.cloudfront.net (CloudFront)
date: Sun, 30 Apr 2023 01:35:26 GMT
last-modified: Thu, 06 Apr 2023 14:30:43 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 58
x-amz-server-side-encryption: AES256
etag: W/"33dc4f376cd9c649dc376f772daaad1b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: SYNobMUn2_1jx3YGmPNRrSEspXKYLOiRZLXc_JHwFSl0c3qu35cy6A==

GET
H2 200 utag.279.js Show response
tags.tiqcdn.com/utag/wsjdn/barrons/prod/ 4 KB
2 KB 34ms
33ms Script
application/javascript 2600:9000:2511:9800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/wsjdn/barrons/prod/utag.279.js?utv=ut4.44.202303072211
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:9800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc03017ee5ee78e23571e7b27c9db6e350fa6dcc0d16db62dda0fc8c93094686

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: K5yDOi3JYkS2fbmtSRhHmGgIEnbqVzx5
content-encoding: br
via: 1.1 1721c5705940b20c9d951889ca1932b6.cloudfront.net (CloudFront)
date: Sun, 30 Apr 2023 01:35:20 GMT
last-modified: Thu, 06 Apr 2023 14:30:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 64
x-amz-server-side-encryption: AES256
etag: W/"3886253ea59f23f6829a307641e53c45"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 5NWkkUeolutP2G3D_deMpFQo6XzdLOMbKGZiApPjzjjHlqEEvIKDFw==

GET
H2 200 utag.281.js Show response
tags.tiqcdn.com/utag/wsjdn/barrons/prod/ 17 KB
5 KB 34ms
33ms Script
application/javascript 2600:9000:2511:9800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/wsjdn/barrons/prod/utag.281.js?utv=ut4.44.202304061429
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:9800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 222c2bb0efdbd86d8577c3445b6fd3005cc1bdc86d75563da3a16eaf0bac6a6b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: 2mIx71PLxvwtWYod_lg4f_6_3buOBRSF
content-encoding: br
via: 1.1 1721c5705940b20c9d951889ca1932b6.cloudfront.net (CloudFront)
date: Sun, 30 Apr 2023 01:35:26 GMT
last-modified: Thu, 06 Apr 2023 14:30:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 58
x-amz-server-side-encryption: AES256
etag: W/"0f3c1d1e2fa79a2aa9b1f509c1cc930d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: YMVZS2O0VLfL5zHQ0bvsldmb40aj68LOy2NJgZZAfAmnAj3D2DpzKA==

GET
H2

200

house-investigating-sf-feds-role-svb-collapse-e40862fa Show response
www.barrons.com/articles/
Redirect Chain

https://www.barrons.com/articles/WP-BAR-0000630878?jsondata=r
https://www.barrons.com/articles/house-investigating-sf-feds-role-svb-collapse-e40862fa?jsondata=r

152 KB
33 KB

264ms
263ms

XHR
application/json

2600:9000:204d:9200:14:c68f:c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.barrons.com/articles/house-investigating-sf-feds-role-svb-collapse-e40862fa?jsondata=r

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Server

2600:9000:204d:9200:14:c68f:c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

c623296ed764f241eab3e2e5c2ee20c869ddc80a9c73711197990964a32c885f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .dowjones.net .barrons.com
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM http://dowjones.net
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:24 GMT
content-security-policy: frame-ancestors *.dowjones.net *.barrons.com
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 ff19078dad8e3d604a159e031d41dba0.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C3
x-powered-by: Express
x-cache: Miss from cloudfront
x-article-template: json
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
x-frame-options: ALLOW-FROM http://dowjones.net
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-info-template: barrons_article_json
x-amz-cf-id: SpWpmR_fG0FO2KNlgvyH3uVDZ5Husy-y0yJYRjxYVxmRVqoQQWF6rw==
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 30 Apr 2023 01:36:23 GMT
via: 1.1 ff19078dad8e3d604a159e031d41dba0.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C3
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://www.barrons.com/articles/house-investigating-sf-feds-role-svb-collapse-e40862fa?jsondata=r
content-length: 132
x-amz-cf-id: Zrxx9N_uW0Dqfjo31QxaF77pA28Jcq5Jv_X-V7VgujkF94mEm2Zu8A==

GET
H2 200 p-f9f6c9a4.entry.js Show response
www.barrons.com/asset/dj-ufc/v1.9.1/ 74 KB
23 KB 29ms
29ms Script
application/javascript 2600:9000:204d:9200:14:c68f:c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.barrons.com/asset/dj-ufc/v1.9.1/p-f9f6c9a4.entry.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/asset/dj-ufc/v1.9.1/p-517a0862.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:204d:9200:14:c68f:c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b7ed414d1efa96f2b24b15bd08f1e5d0bfd09f0ef8faeea7674b5799ea605777

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Origin: https://www.barrons.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 13:41:20 GMT
x-amz-version-id: Y2VEYEDRcKboH9TDGyrKmV.fmD5rGV8o
content-encoding: gzip
via: 1.1 ff19078dad8e3d604a159e031d41dba0.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C3
age: 820504
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
last-modified: Tue, 01 Nov 2022 20:43:20 GMT
server: AmazonS3
etag: W/"8c67a15766cba30bcd3f97c3ec12d095"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.barrons.com
access-control-expose-headers: ETag
cache-control: public, max-age=31557600, immutable
access-control-allow-credentials: true
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: CqpAc2mT-4JX0jNWbqiRAaFzpZHzagjmlYSqvOk5mNiITWB6Ju9hSQ==

GET
H3 200 m=bm51tf Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.e7wkp6TnG5k.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.obpTAUHlBDA.L... Frame 01EB 1 KB
737 B 20ms
20ms Script
text/javascript 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.e7wkp6TnG5k.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.obpTAUHlBDA.L.B1.O/am=YOcGAAQ/d=1/exm=COQbmf,EEDORb,FCpbqb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,W93Wdc,WhJNk,Wt6vjf,ZfAoz,_b,_r,_tp,aurFic,byfTOb,fKUV3e,gychg,hhhU8,kWgXee,lsjVmc,mUDFmf,ovKuLd,ws9Tlc,xUdipf,yDVVkb/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI6gPBIjTMOKlIGafq2dUhW_JdiApA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;xqZiqf:wmnU7d;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/ujg=1/m=bm51tf

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa42b353a1443b510839625deac9428844a80039d8bd6f1ad45b9caea9f64d35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 21:03:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 711
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 19:05:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Apr 2024 21:03:09 GMT

GET
H/1.1 200
OK dest5.html Show response
dowjones.demdex.net/ Frame 669F 7 KB
3 KB 137ms
25ms Document
text/html 54.86.208.12
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dowjones.demdex.net/dest5.html?d_nsid=0

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.86.208.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-86-208-12.compute-1.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-va6-2-v047-0ba83d5a2.edge-va6.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: jb4iZvM5QXE=
content-encoding: gzip
date: Sun, 30 Apr 2023 01:36:23 GMT
last-modified: Thu, 27 Apr 2023 14:39:32 GMT
transfer-encoding: chunked
vary: accept-encoding

GET
H2 200 id Show response
oms.dowjoneson.com/ 48 B
460 B 100ms
28ms XHR
application/x-javascript 63.140.38.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://oms.dowjoneson.com/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=CB68E4BA55144CAA0A4C98A5%40AdobeOrg&mid=00837317347190596241810112731770774627&ts=1682818583500

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.160 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-160.data.adobedc.net

Software

jag /

Resource Hash

97c8b9772b4b47e929f129e49d3fe477f8f5c14c5cba8c7f0015669ac8b55be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 30 Apr 2023 01:36:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.barrons.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=ZE3GFwAAAGOsKwNP
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=00824479668952958801806893003151769411
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZE3GFwAAAGOsKwNP

42 B
940 B

27ms
27ms

Image
image/gif

52.1.136.228
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZE3GFwAAAGOsKwNP

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

HTTP/1.1

Server

52.1.136.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-136-228.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v047-0a2263c42.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Iob76KZaQbM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZE3GFwAAAGOsKwNP
Date: Sun, 30 Apr 2023 01:36:23 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H3 200 m=RqjULd Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.e7wkp6TnG5k.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.obpTAUHlBDA.L... Frame 01EB 14 KB
5 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.e7wkp6TnG5k.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.obpTAUHlBDA.L.B1.O/am=YOcGAAQ/d=1/exm=COQbmf,EEDORb,FCpbqb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,W93Wdc,WhJNk,Wt6vjf,ZfAoz,_b,_r,_tp,aurFic,bm51tf,byfTOb,fKUV3e,gychg,hhhU8,kWgXee,lsjVmc,mUDFmf,ovKuLd,ws9Tlc,xUdipf,yDVVkb/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI6gPBIjTMOKlIGafq2dUhW_JdiApA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;xqZiqf:wmnU7d;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/ujg=1/m=RqjULd

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

808515d245d7d80e18a680941807e7e7827d30b947b283cbd85c52f8eec41d04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 14:07:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5097
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 19:05:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Apr 2024 14:07:22 GMT

POST
H3 200 batchexecute Show response
news.google.com/swg/_/SubscribewithgoogleClientUi/data/ Frame 01EB 158 B
191 B 54ms
54ms XHR
application/json 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2Fui%2Fv1%2Fserviceiframe&f.sid=6417744647291674657&bl=boq_subscribewithgoogleclientserver_20230419.03_p0&hl=en-US&soc-app=673&soc-platform=1&soc-device=1&_reqid=5784&rt=c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bc7d47054604f965f3f969619ca7e8dfa10575b0473a402a9f51a73e8d49a3ff

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: https://news.google.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 30 Apr 2023 01:36:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-encoding: gzip
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ 0
225 B 76ms
36ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~lh2qqgm4&c=2603748360803563&e=31072020%2C31073865%2C31074188%2C44790318%2C31061691%2C31061693&ctx=1&met.9=1.fa~13.ib~2.ka~9.0~3_5.1e4~7_5.0~9.0~3_6.1f2~7_6.0&met.3=947.km~86.kn~947.kn~86.kn~947.kn~86.kn~947.kn~86.kn~947.kn~86.kn~947.kn~86.kn~947.kn~5.kn~947.kn~86.kn~947.kn~1.kn~947.ko~1.ko~947.ko~947.ko~1.ko~1.ko~1.ko~1.ko~1.ko~947.ko~86.ko~947.ko~1.ko~1.ko~1.ko~1.ko~1.ko~947.ko~86.ko~947.ko~86.ko~947.ko~86.ko~947.ko~5.ko~77.km_2~74.t3_3~947.t6~43.t6_1~53.t7~90.t7~88.t8~88.t8~88.t8~88.t8~89.t8~44.t8~91.t8~95.t9_1~76.t2_8~74.ta~947.tb~43.tb~53.tb~90.tb~88.tb~88.tb~88.tb~88.tb~89.tb~44.tb~91.tb~95.tb_1~76.ta_2~724.tc~724.tc_1~724.td~724.td~894.tf~334.u8~112.uf_1~1.xu~1.xu~1.xu~1.xu~1.xu~947.ze~573.ze~598.ze~54.ze~598.ze~54.ze~947.ze~38.ze~947.ze~2.ze~947.ze~2.ze~51.ze~49.ze~49.ze~76.ze_1~947.zj~573.zj~598.zj~54.zj~598.zj~54.zj~947.zj~38.zj~51.zj~49.zj~49.zj~76.zi~660.zm_1~947.11n~947.11n~573.11n~54.11n~598.11n~54.11n~54.11n~54.11n~598.11n~947.12r~947.12r~573.12r~54.12r~598.12r~54.12r~598.12r~54.12r~947.19u~38.19u~947.19u~573.19u~598.19u~54.19u~598.19u~54.19u~51.19u~51.19u~49.19u~49.19u~947.19w~86.19w~76.19w~947.19w~38.19w~947.19w~573.19w~598.19w~54.19w~598.19w~54.19w~51.19w~51.19w~76.19v_1~947.1a5~38.1a5~947.1a5~573.1a5~598.1a5~54.1a5~598.1a5~54.1a5~51.1a5~51.1a5~51.1a5~51.1a5~49.1a5~49.1a6~947.1a6~38.1a6~947.1a6~573.1a6~598.1a6~54.1a6~598.1a7~54.1a7~51.1a7~51.1a7~51.1a7~51.1a7~76.1a6_1~947.1cl~573.1cl~598.1cl~598.1cl~947.1cw~947.1cy~947.1cy~573.1cy~54.1cy~598.1cy~54.1cy~598.1cy~649.1cy~947.1cy~573.1cy~54.1cy~598.1cy~54.1cy~598.1cy~598.1cy~649.1cy~947.1d5~1.1d5~76.1d5~947.1d5~1.1d5~76.1d5~947.1d5~1.1d5~76.1d5~947.1d5~1.1d5~76.1d5~947.1d5~1.1d5~76.1d5~947.1d5~1.1d5~76.1d5~947.1d5~1.1d5~76.1d5~947.1d5~1.1d5~76.1d5~947.1d5~1.1d5~76.1d5~947.1d6~1.1d6~76.1d6~947.1d6~1.1d6~76.1d6~947.1d6~1.1d6~76.1d6~947.1d6~1.1d6~76.1d6~947.1d6~1.1d6~76.1d6~947.1d6~1.1d6~76.1d6~947.1d6~1.1d6~76.1d6~947.1d6~1.1d6~76.1d6~947.1d6~1.1d6~76.1d6~947.1d7~1.1d7~76.1d7~947.1d7~1.1d7~76.1d7~947.1d7~1.1d7~76.1d7~49.1d8~49.1d8~49.1d8~49.1d9~49.1d9~947.1d9~11.1d9_3~76.1cw_h~725.1dd~894.1df~660.1df~1132.1dp_f~808.1ea~808.1ea~705.1ea~705.1eb~51.1eb~598.1eb~51.1eb~51.1eb~705.1eb_1~51.1eb~598.1eb~51.1eb~51.1eb~705.1eb~947.1el~947.1el~947.1el~573.1el~54.1el~598.1el~649.1el~54.1el~598.1el~649.1el~54.1em~598.1em~54.1em~598.1em~947.1em~573.1em~54.1em~598.1em~598.1em~649.1em~54.1em~598.1em~49.1ep~49.1ep~49.1ep~49.1ep~49.1ep~947.1ep~11.1eq_1~76.1el_6~725.1er~894.1es~660.1es~1132.1ew_5~808.1f3~808.1f3~705.1f3~705.1f3~51.1f3~598.1f3~51.1f3~51.1f3~705.1f3~51.1f3~598.1f4~51.1f4~51.1f4~705.1f3~947.1gy~573.1gy~598.1gy~598.1gy&met.10=1_1.IMMIEAAIABiAmHUoAQ~1_2.IMMIEAAIABiAmHUoAQ~1_2.IPENEAAIABgAKAA~1_1.IKMOEAAIABgAKAA~1_5.IJcOEAAIABiAmHUoAQ~1_6.IMcOEAAIABiAmHUoAQ&met.7=CBsQCMABq8C29ww~CBsQByDVAjg8wAH5tbDuDg~CBsQByDVAjhDwAHI6MrNDA~CBsQByDVAjgwwAGMjNnbAw~CBsQByDVAjgzwAHmsq3YAQ~CBsQByDVAjg1wAHr3fW-Aw~CBsQByCoAzglwAGNiPXSAw~CBsQCiCoAzhowAH_gdTRCA~CBsQByCoAzimAcAB2YPPowY~CDsQBxgBIKkDKKkDMJsEOHJAqQNIqwNQqwNY2QNgvQNo2QNwkQR45MMBgAG4wQGIAcbPBLABAbgBA8AB4s3qlgk~CBsQByCpAziNAcABr8bitAM~CBsQByCqAzgjwAHgjO7jBA~CBsQByCqAzgkwAH7vru9CQ~CBsQByCqAziBAcABh9P1pQ0~CBsQChgBIKwDKKwDMNEEOKYBwAHDx8XfAg~CBsQChgBIKwDKKwDMJ8EOHPAAZD9-pQI~CBsQChgBIKwDKKwDMKMEOHjAAZmn14EP~CBsQCiCsAziSAcABvbLnnAg~CBsQCiCtAzifAcAByei6hgQ~CBsQBiCxAzgywAHL6fmADw~CBsQAiC2AziKAcAB49uWiQU~CBsQAiC5AzgfwAHh9aXdBg~CBsQByDFAzjfAcABls_8vAk~CBsQCiDFAzh5wAGX5O2XCQ~CBsQCiDJAzjZAcABq52wgQ0~CBsQCiDJAzh0wAGQm8fHAg~CBsQCiDJAzhFwAGSx8L4Aw~CBsQCiDJAzguwAGstJKlAQ~CBsQCiDKAzitAcABv66SuAo~CBsQAiDbAzgzwAHG7aH_Dg~CBsQByDtAziEAcAButyYuwI~CBsQCiDtAzh-wAG63Ji7Ag~CBsQByD0Azh1wAGD9-zmCg~CEMQChgBIKcEKKcEMOIEODtoqARwuwR4ydsHgAGd2QeIAd_uGLABAbgBA8ABhtXj6Q0~CDwQDRgBIKkEKKkEMPkEOFBQqQRY1ARgqgRo1QRw-AR46wKAAT-IAU-wAQG4AQPAAejUr80J~CBsQBxgBIK0EKK0EMMQEOBbAAe_C1GQ~CBsQDSDDBDhYwAGDwojKCw~CBsQDSDGBDg1wAHc16HUDA~CBsQCiD6BDinAsABx6P0wQc~CBsQCiD_BDisAsABr9zFlQY~CBsQCiCABTiqAsABr9zFlQY~CBsQBSCBBTirA8ABjJSQxwQ~CBsQCiCEBTgewAGXweuqDQ~CBsQCiCWBTh1wAGJoI-GBw~CBsQDSCYBTh7wAHOiOqfDA~CBsQCiDOBTh5wAGRgeCUDA~CCgQChgBIOoFKOoFMIQGOBpo6gVw_gV4n7kBgAHztgGIAdHqA7ABAbgBA8ABm-H6cA~CBsQCiDOBjggwAHk9uCFDQ~CBsQDSDmBjiAAcAB1eTXrQY~CBsQBxgBIPMGKPMGMJIHOB_AAfSQqPYJ~CBsQCiCdBzgjwAGRn6XUDQ~CBsQCiCeBzgwwAG4uOaeCw~CBsQCiCeBzgxwAHX4baZDg~CBsQByCfBzgowAHBgIuEBQ~CBsQCiCfBzg8wAGK19CcDQ~CBsQByCgBzg7wAHO-o3NAw~CBsQCiCgBzhCwAH5-YjXDA~CBsQByChBzgrwAHW6tfOCg~CBsQCiChBzg9wAGh1OWKDA~CBsQCiC9BzgZwAHa4fOMDg~CBsQCiC-BzgdwAGUqM3ECA~CBsQDSC_BzhSwAHYlMyiCA~CBsQBBgBIJIIKJIIMMkIODfAAaud8egO~CBsQDSC8CDhlwAGhwMyoDw~CBsQDSC-CDiIAcABq8Xm0wM~CBsgvwg4HsAB5ebMoQQ~CBsQByDsCTgewAHFvIyfCA~CBsQBRgBIPUGKPUGMMkLONQEwAGf_J9C~CBsQCiCFCTg3wAHYjsqTCQ~CBsQCiCFCTgkwAH4mdfABw~CBsQDSCPCjhCwAHc3_jVAg~CBsQCiCRCjiJAcAB2Ovx4QE~CBsQByC4CjgfwAHfnZylDQ~CBsQCiDtCTgfwAG_vLXoBQ~CBsQCiCSCjhkwAGu8ubaDA~CBsQDSC2Cjh-wAGGkf_PDQ~CBsQCiC4CjggwAGqm6bdAw~CBsQDSDiCjhXwAHp_P2pDA~CBsQDSDnCjhhwAHhlM7dDw~CBsQDSDrCjhMwAHzx6Q3~CBsQDSD9CjhLwAHhlM7dDw~CBsQDSCBCzg1wAHzx6Q3~CBsQDSD-CTjRAcABw5PWmgE~CBsQDSCBCjj_AcABw5PWmgE~CBsQDSDlCjj_AcABrPDAqQE~CBsQDSDyCjhjwAHxteAY~CBsQDSD5CjjyAcABu6K6rA0~CBsQDSD6Cjh_wAHxteAY~CBsQDSD8CjjVAcAB27vP_ws~CBsQDSCDCzhewAHp_P2pDA~CBsghws4H8ABvf3XhQ8~CBsghws4IMABir_ChQw~CBsQDSDeCjiuAsAB35_7www~CBsQDSDtCjiqAsABu6K6rA0~CBsQDSDwCjifAsAB27vP_ws~CBsQDSD4CjiSAsAB35_7www~CBsQDSD_CjiDAsABrPDAqQE~CBsQBiDXDDi8AcABnprttgQ~CBsQBiDYDDi-AcAB-oWD0AE~CBsQBiDYDDi-AcABtvnC9AU~CBsQBiDYDDi8AcABk9bK7gI~CBsQDSChDTjCAcABwIr27QU~CC8QBxgBIPcNKPcNMN4OOGdA9w1IgQ5QgQ5YtA5glw5otQ5w3Q54kAOAAWSIAWuwAQG4AQPAAfGR6JoJ~CC8QBxgBIPcNKPcNMNAOOFlA-A1I-A1Q-A1Ypg5giw5opw5wzw54kAOAAWSIAWuwAQG4AQPAAZv_iccH~CBsQCiCzDjgTwAHXnpjDCA~CBsQCiCzDjgWwAH14NjaCA~CBsQCiCzDjgXwAGTn67eCA~CBsQCiC0DjgYwAHwnqzeCA~CBsQCiC0DjgYwAHl94PHCA~CBsQCiC0DjgYwAHqtLzDCA~CBsQCiC1DjgZwAHe173wCA~CBsQCiC1DjgZwAGXv8rMCg~CBsQCiC1DjgawAHj9u_NCA~CBsQCiC2DjgbwAGz0oPFCA~CBsQCiC2DjgiwAGc7Y7zCA~CBsQCiC2DjgiwAGHh9vOCA~CBsQCiC3DjgmwAGW6ZHOCA~CBsQCiC3DjgiwAGSjq3OCA~CBsQCiC3DjgjwAHR0MbOCA~CBsQCiC4DjgjwAHQ6LDOCA~CBsQCiC4DjgkwAHJ2N3xCA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:23 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

v60.js Show response
cdn-gl.imrworldwide.com/
Redirect Chain

https://secure-us.imrworldwide.com/v60.js
https://cdn-gl.imrworldwide.com/v60.js

21 KB
7 KB

140ms
29ms

Script
application/javascript

2600:9000:204d:7e00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/v60.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Server: 2600:9000:204d:7e00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 117ed873640b992e38f34a0a761dd3e1cda6b3c24c9507bb3adc0323039f8ff1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: PmT0ztgo6pW7kPCi5f5AnKDRXRQLwscI
content-encoding: gzip
via: 1.1 57827d2e1d333a2c5c0e53aa1e31a894.cloudfront.net (CloudFront)
date: Sat, 29 Apr 2023 08:03:49 GMT
last-modified: Mon, 25 Jul 2022 13:33:52 GMT
server: AmazonS3
x-amz-cf-pop: ORD52-C3
age: 63156
x-amz-server-side-encryption: AES256
etag: W/"3bad78b036ef952c6ace672b2251b459"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: tVwbcMk5dvD3oibutFK6qGoUluB5j0wl7gg3xbdnW0zd6KKQpSewAg==

Redirect headers

location: https://cdn-gl.imrworldwide.com:443/v60.js
date: Sun, 30 Apr 2023 01:36:23 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2 200 cxense-candy.js Show response
www.barrons.com/static_html_files/ 55 KB
17 KB 29ms
28ms Script
application/javascript 2600:9000:204d:9200:14:c68f:c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.barrons.com/static_html_files/cxense-candy.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:204d:9200:14:c68f:c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b1feef03035593f2abc0aa803cf5f4b1a81e30fdc83e642753218b1a3f0606c5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 13:40:59 GMT
x-amz-version-id: FGVtQfOg3E2t4FLGVPLDkmKHSENReOR1
content-encoding: br
last-modified: Thu, 20 Apr 2023 13:39:53 GMT
server: AmazonS3
via: 1.1 ff19078dad8e3d604a159e031d41dba0.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C3
etag: W/"3f6b2238062c52638f29aae3ca9c1118"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
age: 820525
x-amz-replication-status: REPLICA
x-amz-cf-id: 205QibDpMTCz1QUhfp-5m2LE5xAAjq12t3IX2pOME475JO8JQdiM0w==

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/ 930 B
1 KB 112ms
27ms Script
application/javascript 54.230.17.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.17.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-17-19.ord51.r.cloudfront.net
Software: nginx /
Resource Hash: 62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 01:15:30 GMT
Via: 1.1 989d69b6a59c7112ca1c640cb8ad8e9c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ORD51-C3
Age: 1253
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 930
Pragma: public
Last-Modified: Wed, 06 May 2020 20:19:48 GMT
Server: nginx
ETag: "5eb31be4-3a2"
Content-Type: application/javascript
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
X-Amz-Cf-Id: 2X3ZLD-7yJYm_Qhsppx39d_MebLnUHSrM_8GihzEnSC8jhIQfgaEOA==
Expires: Mon, 01 May 2023 01:15:30 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 87ms
24ms Script
application/javascript 146.75.32.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.32.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:23 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 15:55:14 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100125-IAD

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 66ms
22ms Script
application/javascript 2a04:4e42:600::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 23 Jan 2023 21:56:14 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "03d5db9dfd00a5719bb4c9261e6fa1bb"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7356

GET
H/1.1 200
OK sessioncam.recorder.js Show response
d2oh4tlt9mrke9.cloudfront.net/Record/js/ 269 KB
60 KB 96ms
28ms Script
text/javascript 18.160.30.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2oh4tlt9mrke9.cloudfront.net/Record/js/sessioncam.recorder.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.30.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-30-66.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9f5a484012a39673c20adad65cb49047cda5bc883ffbaea439899707c83af3e6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sat, 29 Apr 2023 22:11:21 GMT
Content-Encoding: gzip
Via: 1.1 d524fd53067e060a838db45329abc4c0.cloudfront.net (CloudFront)
x-amz-version-id: 7DQOWH.amdxDpUWlY21SVaIgJjRzy61c
X-Amz-Cf-Pop: IAD55-P1
Age: 12303
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 61240
Last-Modified: Fri, 25 Mar 2022 14:12:38 GMT
Server: AmazonS3
ETag: "88f25cac4c51e708e8ec7ed5d725070d"
Content-Type: text/javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
X-Amz-Cf-Id: IhE5_2AMhrStfQqZ1sqtZh0IQ6lteBKK1i69VNF72wj7BsFhZMTNQg==

GET
H2 200 pixel.gif
www.barrons.com/cookies/ 35 B
293 B 50ms
46ms Image
image/gif 2600:9000:204d:9200:14:c68f:c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.barrons.com/cookies/pixel.gif
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:204d:9200:14:c68f:c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:23 GMT
via: 1.1 ff19078dad8e3d604a159e031d41dba0.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C3
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache
content-length: 35
x-amz-cf-id: NqWC_jrDdDdbmKwzC0bqSNd5UAo46RX8KUP6XHlkw6sMnzTQU4UywQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 133 KB
51 KB 85ms
35ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-716328806

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

287b4c540b3ed10e61203a7b51cd6c2256bb87eac2cfaa02e50688f2faaaccc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51988
x-xss-protection: 0
last-modified: Sun, 30 Apr 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 30 Apr 2023 01:36:23 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 74ms
22ms Script
application/x-javascript 2600:1400:9000::687e:74bb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:9000::687e:74bb New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=11282
accept-ranges: bytes
content-length: 4777

GET
H2 200 detector-dom.min.js Show response
cdn.gbqofs.com/mt/dowjones/barrons/p/ 453 KB
137 KB 67ms
26ms Script
application/javascript 2606:4700::6812:190d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gbqofs.com/mt/dowjones/barrons/p/detector-dom.min.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:190d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3f12242b301e565c8944c3da1679ad5eed186245b5ecd31a54643f2febc1e69

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:23 GMT
x-amz-version-id: OzIyHC3O3UvCwgHgBSPR4aGo6TfU.N5A
content-encoding: gzip
cf-cache-status: HIT
via: 1.1 b3dcbb5db65271a2024ef727d001a4e2.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C2
age: 6799
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 13 Apr 2023 18:39:08 GMT
server: cloudflare
etag: W/"d7e743e2c6649ef8ad930b9114ec51d0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7bfc0db36b75ca5f-YUL
x-amz-cf-id: nEmuEm3wSzgq_IMwxs4cpVz8mp_FbspOhuV3Bi--bLJVGEUQGG6Dug==
expires: Sun, 30 Apr 2023 05:36:23 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 132ms
39ms Script
application/x-javascript 2a03:2880:f011:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f011:8:face:b00c:0:1 Lithia Springs, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 30 Apr 2023 01:36:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27967
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 9+bp7veDWKKHPg+rZXr33P0avzXiHCXScaElXGDgSSAOeEhR0z3OX/PLLmCcfZLMV38cilSW3efDog0cyL2BEA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1460883810
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/6035148/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
359 B

27ms
27ms

Script
application/javascript

65.8.49.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Server: 65.8.49.61 Ft. Pierce, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-8-49-61.ord52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:14:45 GMT
via: 1.1 20670814a2f26f50ebda6b7776662116.cloudfront.net (CloudFront)
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
x-amz-cf-pop: ORD52-C3
age: 1299
x-amz-server-side-encryption: AES256
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 0
x-amz-cf-id: P8rR7L0ZtGNtWZo7LS28tCpKbMsZpsrrm3buZ_NnIpJ547a5zPMZlg==

Redirect headers

date: Sun, 30 Apr 2023 01:36:23 GMT
via: 1.1 20670814a2f26f50ebda6b7776662116.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: ORD52-C3
x-cache: Miss from cloudfront
location: /internal-c2/default/cs.js
content-length: 0
x-amz-cf-id: UwEUNM6CItlkKTjLulqtI8LVFW9afD1xLYwdRfHAPo7Cg8RH4TXNQQ==

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035148&ns__t=1682818583538&ns_c=UTF-8&c8=FireEye%20Says%20%E2%80%98%E2%80%9DIntrusion%20Campaign%E2%80%99%20Used%20Tainted%20SolarWinds%20Software%20%7C%...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035148&ns__t=1682818583538&ns_c=UTF-8&c8=FireEye%20Says%20%E2%80%98%E2%80%9DIntrusion%20Campaign%E2%80%99%20Used%20Tainted%20SolarWinds%20Software%20%7C...

0
225 B

88ms
88ms

Image
text/plain

65.8.49.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035148&ns__t=1682818583538&ns_c=UTF-8&c8=FireEye%20Says%20%E2%80%98%E2%80%9DIntrusion%20Campaign%E2%80%99%20Used%20Tainted%20SolarWinds%20Software%20%7C%20Barron%27s&c7=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&c9=
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Server: 65.8.49.61 Ft. Pierce, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-8-49-61.ord52.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:23 GMT
via: 1.1 20670814a2f26f50ebda6b7776662116.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: ORD52-C3
x-amz-cf-id: OBubsUB7obzJdRcTvEIJ38C6BY939GMigMCi-s51Uk8q8FSKWeB2gA==
x-cache: Miss from cloudfront

Redirect headers

date: Sun, 30 Apr 2023 01:36:23 GMT
via: 1.1 20670814a2f26f50ebda6b7776662116.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: ORD52-C3
x-cache: Miss from cloudfront
location: /b2?c1=2&c2=6035148&ns__t=1682818583538&ns_c=UTF-8&c8=FireEye%20Says%20%E2%80%98%E2%80%9DIntrusion%20Campaign%E2%80%99%20Used%20Tainted%20SolarWinds%20Software%20%7C%20Barron%27s&c7=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&c9=
content-length: 0
x-amz-cf-id: 3dotX-hYhzxU7vTyAfCpY0F1UkPxi2h2h-oOjs6Vg_30tU9whK4-yA==

GET
H2 200 barrons.js Show response
cdn.brandmetrics.com/tag/fefe5855bc564ec981e0c734502d715a/ 5 KB
3 KB 71ms
29ms Script
text/javascript 2606:4700:20::681a:c12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/tag/fefe5855bc564ec981e0c734502d715a/barrons.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78930771c561a845030a699390338f5c6efa3cc7698e624937c7795a810bc312

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:23 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sun, 30 Apr 2023 01:15:11 GMT
server: cloudflare
age: 1272
cf-polished: origSize=5451
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n543PjhSp24OoDEZHfbALXC2arp3kaHsosljhUerQXpyV6jHv76hwtOt6U6%2B8m0mAD0Z7es%2FPsz4sZCAGtBp9Sy3O23idQ3BwDMrbOJpINsr0N8rtsod4xqjjtwpIqM52DFIB7qfUGsaaUIkoxv1guTZ"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7bfc0db3ffbf4003-YYZ
request-context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937

GET
H2 200 sp_v1.js Show response
storage.googleapis.com/nchq-dj-nid/prod/ 73 KB
73 KB 67ms
20ms Script
text/javascript 2607:f8b0:4006:816::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/nchq-dj-nid/prod/sp_v1.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:816::2010 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: cd3e44650792fd3eeb1ba72a06a88c89be0089ff0c5b1ffc54f3bce1349684e1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 00:36:53 GMT
age: 3570
x-guploader-uploadid: ADPycdvkMEcdeuPo9wIJVjoeSTB103V-pc36uap4jP77uItbiSuricRuAVKdhyODpbbQB1CR8M5qea-z6GRTrxwBmwHKU_rYhiRH
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74355
last-modified: Wed, 08 Mar 2023 14:17:18 GMT
server: UploadServer
etag: "9e0e32bb4f0446f15091850d9779ff9d"
x-goog-generation: 1678285038327700
x-goog-hash: crc32c=yL2jiw==, md5=ng4yu08ERvFQkYUNl3n/nQ==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 74355
accept-ranges: bytes
expires: Sun, 30 Apr 2023 01:36:53 GMT

GET
H2 200 ua-sdk.min.js Show response
web-sdk.urbanairship.com/notify/v1/ 231 KB
43 KB 44ms
11ms Script
application/javascript 34.160.158.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://web-sdk.urbanairship.com/notify/v1/ua-sdk.min.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.158.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 95.158.160.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e1a2314acab721546f2e6b00b98f408f6191fd806febd6520dd487b6caeade6f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:33:19 GMT
content-encoding: gzip
age: 184
x-guploader-uploadid: ADPycdvU23vVH8vOnYfyLcgIe8db0Go2JoYZvbHYADPC65Y2YdGjca0gZrDhPAuMNSAVHDUWtoSMdRyJTlV8dYKpCRNmTvsRJgcX
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43314
last-modified: Wed, 19 Apr 2023 21:02:50 GMT
server: UploadServer
etag: "bc43e5016b23d1055a0c001158141b3b"
x-goog-generation: 1681938170298904
x-goog-hash: crc32c=JbuW+A==, md5=vEPlAWsj0QVaDAARWBQbOw==
content-type: application/javascript
cache-control: public,max-age=300,no-transform
x-goog-stored-content-length: 43314
accept-ranges: bytes
expires: Sun, 30 Apr 2023 01:38:19 GMT

GET
H2 200 b-8db6969-57aaf79f.js Show response
tagan.adlightning.com/newscorp-barrons-aps/ Frame CA72 69 KB
26 KB 30ms
29ms Script
application/javascript 13.249.141.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.141.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-141-37.ord51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63e5289e179564b3cf4ce26d0d4831e6950c3d445c23359b604681032c9e32bd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 17:05:49 GMT
content-encoding: gzip
via: 1.1 9544538048b67636eed3ec04c11d909a.cloudfront.net (CloudFront)
x-amz-version-id: hb5CoUKJh9ugIoA40ipfbWU5spAS3Ccg
x-amz-cf-pop: ORD51-C1
age: 1067435
x-cache: Hit from cloudfront
content-length: 26656
x-amz-meta-git_commit: 8db6969
last-modified: Mon, 07 Nov 2022 21:55:19 GMT
server: AmazonS3
etag: "cb1f115bbcd7235df3a06c8892303839"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: AL7OYrQMK7sKsH7rrh4s8RRWesVoV0QriEHg20gN9bF8uMPZfVaknQ==

GET
H/1.1 200
OK 0JYXH_barrons.com.js Show response
tgamriker.s3.ca-central-1.amazonaws.com/ Frame CA72 51 KB
51 KB 65ms
25ms Script
application/javascript 52.95.190.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tgamriker.s3.ca-central-1.amazonaws.com/0JYXH_barrons.com.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/op.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.190.98 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b0f27beeb2b15d3ed55c2e5747d68499d8b5915e661f315a1dd2c61edcd69566

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 01:36:24 GMT
x-amz-version-id: TKl2MvCA_qFf3SguTvBrSrm1Ys4JBy8D
Last-Modified: Fri, 17 Mar 2023 04:28:50 GMT
Server: AmazonS3
x-amz-request-id: 815F5ZZ1ZX1B6PZA
ETag: "9cc4bddbc53452fcdf863774422acd6b"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 51945
x-amz-id-2: u3PnrawnlqIQ3LkDam29YfjAvAV0kpfFcirsGdtCmsLCr1VXFAMXm1gTeprpLCDxEfLujZuYORM=

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CA72 158 KB
49 KB 104ms
51ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49538
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682508732222081"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Apr 2023 01:36:23 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/dowjones8650224/ Frame CA72 10 KB
4 KB 18ms
18ms Script
application/x-javascript 23.196.185.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/dowjones8650224/moatad.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/op.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.185.161 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-185-161.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: da17aa7336263ad0aa2983813edbb8325e9b39a13498a652da2471474d1abb25

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:23 GMT
content-encoding: gzip
last-modified: Wed, 26 Apr 2023 07:03:09 GMT
server: AmazonS3
x-amz-request-id: D9GFCHR8C3PBR4NE
etag: "b8958bfcc8638bd7d41cb5701c80db0f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=34805
accept-ranges: bytes
content-length: 3973
x-amz-id-2: K1OopP+fBvYojSm0yPbMcArzYeFqMIiRYpQqZb2gFIEQG2Bm/bMisCVHSF9R2ez243IoOJxPgeg=

GET
H/1.1 200
OK ncg.js Show response
us.tags.newscgp.com/prod/ncg/ 163 KB
45 KB 29ms
28ms Script
application/javascript 13.249.141.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://us.tags.newscgp.com/prod/ncg/ncg.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.141.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-141-127.ord51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cce4ed0f75fe50cb7431c44d94643bdeb12fcf7b8c04af83d76f24fc875a704c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sat, 29 Apr 2023 06:05:10 GMT
Content-Encoding: gzip
Via: 1.1 9544538048b67636eed3ec04c11d909a.cloudfront.net (CloudFront)
Last-Modified: Tue, 07 Mar 2023 11:33:22 GMT
Server: AmazonS3
X-Amz-Cf-Pop: ORD51-C1
Age: 70274
ETag: W/"cbffeacd747e453a50b3116e019da258"
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: rdkp1nCdL9HK-edNSL4esso-_1F4dONH95VqO_JbFWEVgnwiGDPScQ==

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
431 B 19ms
19ms Script
application/javascript 2600:9000:2511:9800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=wsjdn/barrons/202304061429&cb=1682818583772
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:9800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date: Sun, 30 Apr 2023 01:33:12 GMT
via: 1.1 1721c5705940b20c9d951889ca1932b6.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P6
age: 191
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
server: AmazonS3
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: C2GIFtMXVGtng2VnRweAZkv0_ks627n4F_XFxHjCUgOczrRblkR99A==

GET
H2 200 b-8db6969-57aaf79f.js Show response
tagan.adlightning.com/newscorp-barrons-aps/ Frame 27CA 69 KB
26 KB 30ms
29ms Script
application/javascript 13.249.141.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.141.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-141-37.ord51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63e5289e179564b3cf4ce26d0d4831e6950c3d445c23359b604681032c9e32bd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 17:05:49 GMT
content-encoding: gzip
via: 1.1 9544538048b67636eed3ec04c11d909a.cloudfront.net (CloudFront)
x-amz-version-id: hb5CoUKJh9ugIoA40ipfbWU5spAS3Ccg
x-amz-cf-pop: ORD51-C1
age: 1067435
x-cache: Hit from cloudfront
content-length: 26656
x-amz-meta-git_commit: 8db6969
last-modified: Mon, 07 Nov 2022 21:55:19 GMT
server: AmazonS3
etag: "cb1f115bbcd7235df3a06c8892303839"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: WQeM0LkwvMHsgEATEUaoWcXqLoBlg_axc5P90fdNswdmn433JOWdyQ==

GET
H/1.1 200
OK 0JYXH_barrons.com.js Show response
tgamriker.s3.ca-central-1.amazonaws.com/ Frame 27CA 51 KB
51 KB 28ms
27ms Script
application/javascript 52.95.190.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tgamriker.s3.ca-central-1.amazonaws.com/0JYXH_barrons.com.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/op.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.190.98 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b0f27beeb2b15d3ed55c2e5747d68499d8b5915e661f315a1dd2c61edcd69566

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 01:36:24 GMT
x-amz-version-id: TKl2MvCA_qFf3SguTvBrSrm1Ys4JBy8D
Last-Modified: Fri, 17 Mar 2023 04:28:50 GMT
Server: AmazonS3
x-amz-request-id: 8152RQ3Q6QPF58ND
ETag: "9cc4bddbc53452fcdf863774422acd6b"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 51945
x-amz-id-2: m/9AYyjS9vaa8IvPZ8b6TCqS0qUUYpLK+yj0JOtGTfHR4q3WR2iEMoCCNxcRuw1FhIpk1RaNO4A=

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 27CA 158 KB
48 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49538
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682508732222081"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Apr 2023 01:36:23 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/dowjones8650224/ Frame 27CA 10 KB
4 KB 20ms
19ms Script
application/x-javascript 23.196.185.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/dowjones8650224/moatad.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/op.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.185.161 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-185-161.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: da17aa7336263ad0aa2983813edbb8325e9b39a13498a652da2471474d1abb25

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:23 GMT
content-encoding: gzip
last-modified: Wed, 26 Apr 2023 07:03:09 GMT
server: AmazonS3
x-amz-request-id: D9GFCHR8C3PBR4NE
etag: "b8958bfcc8638bd7d41cb5701c80db0f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=34805
accept-ranges: bytes
content-length: 3973
x-amz-id-2: K1OopP+fBvYojSm0yPbMcArzYeFqMIiRYpQqZb2gFIEQG2Bm/bMisCVHSF9R2ez243IoOJxPgeg=

GET
H2 200 publishertag.prebid.135.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 98ms
44ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.135.js

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 01 May 2023 01:36:23 GMT

GET
H2 200 p-f4556068.js Show response
www.barrons.com/asset/dj-ufc/v1.9.1/ 4 KB
2 KB 29ms
28ms Script
application/javascript 2600:9000:204d:9200:14:c68f:c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.barrons.com/asset/dj-ufc/v1.9.1/p-f4556068.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:204d:9200:14:c68f:c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: af59bfcebbda7b3ce5e5aa5c18857a2609f4dad54bf4305598d99ebd495cd9cd

Request headers

Referer: https://www.barrons.com/asset/dj-ufc/v1.9.1/p-f9f6c9a4.entry.js
Origin: https://www.barrons.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 13:41:22 GMT
x-amz-version-id: 9KLeNpi_pLgTbS1eZIm1S57qTx1_2XOz
content-encoding: gzip
via: 1.1 ff19078dad8e3d604a159e031d41dba0.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C3
age: 820502
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
last-modified: Tue, 01 Nov 2022 20:43:20 GMT
server: AmazonS3
etag: W/"dbc7212c8436299dc3059859b5743b94"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.barrons.com
access-control-expose-headers: ETag
cache-control: public, max-age=31557600, immutable
access-control-allow-credentials: true
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: 2Njp7yV3vXjewQJwrKaMT6n0PybM_9djZCDoxwDPPP1s1iXKrhIO9w==

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame F876 2 KB
3 KB 30ms
30ms Document
text/html 52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-index_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

893f2ecaf0b53a627afd4eb0f851fed4b88666923b8e9e130fa2b42374ecab50

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-index_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 2360
Content-Type: text/html;charset=ISO-8859-1
Date: Sun, 30 Apr 2023 01:36:23 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: ZG2ZXGBV28J88S89ARD5

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
360 B 136ms
23ms XHR
text/plain 54.86.220.23
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.220.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-220-23.compute-1.amazonaws.com
Software: nginx/1.21.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 30 Apr 2023 01:36:24 GMT
Server: nginx/1.21.0
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.barrons.com
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: 859c7868-bf77-41ce-adc1-7b1929ccc346

GET
H2

200

setuid
prebid-server.rubiconproject.com/
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=rp-pbs&gdpr=0&gdpr_consent=&account=9673&us_privacy=1---
https://prebid-server.rubiconproject.com/setuid?bidder=rubicon&account=9673&uid=LH2QQGXV-10-5Y9F&gdpr=0&us_privacy=1---

86 B
502 B

74ms
24ms

Image
image/png

54.152.15.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-server.rubiconproject.com/setuid?bidder=rubicon&account=9673&uid=LH2QQGXV-10-5Y9F&gdpr=0&us_privacy=1---
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Server: 54.152.15.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-15-101.compute-1.amazonaws.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Sun, 30 Apr 2023 01:36:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
expires: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://prebid-server.rubiconproject.com/setuid?bidder=rubicon&account=9673&uid=LH2QQGXV-10-5Y9F&gdpr=0&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 0b388c490ecfef74be7d13328a4f3ac3
Expires: 0

POST
H2 200 s62389870710274 Show response
oms.dowjoneson.com/b/ss/djglobal,djbarrons/1/JS-2.17.0/ 43 B
200 B 28ms
27ms XHR
image/gif 63.140.38.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://oms.dowjoneson.com/b/ss/djglobal,djbarrons/1/JS-2.17.0/s62389870710274

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.160 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-160.data.adobedc.net

Software

jag /

Resource Hash

55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 30 Apr 2023 01:36:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 01 May 2023 01:36:23 GMT
server: jag
etag: 3613825390077149184-4619711517623007346
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: https://www.barrons.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Sat, 29 Apr 2023 01:36:23 GMT

POST
H2 204 / Show response
pblog.barrons.com/pb/ 0
221 B 124ms
56ms XHR
text/plain 2001:4860:4802:32::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pblog.barrons.com/pb/
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=utf8

Response headers

access-control-allow-origin: *
date: Sun, 30 Apr 2023 01:36:24 GMT
via: 1.1 google
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,Keep-Alive,Origin,User-Agent,X-Requested-With
x-appengine-log-flush-count: 0
access-control-allow-methods: POST

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CA72 0
0 40ms
40ms Fetch
image/gif 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst1XqNMYaS0k010_pcDYTkwgTOZ-OAc6mIYrWX4Dv4H1WVHj684TZSN8La-CTjAOYIVRjeJYmenMpHTFeyojLM2A9VWs5LRQa5zXsDlZccBKjx16VCweLBQoW66fwK0bDZUQeruVSvOlGFOqbEtogAs3BG9BZT1zMboaXBfu1u0uRB5lafwmumXe7x0UTct09Ln4B_8p7qPKe7JrHw8T0TSJR5qJVSij_tKuqbLEe6goG1etTQIJmHbP4_2pBFjiylRvL3LKrfg8PCfhRLU9e6eo7wpdQ_z--lA_leCyxD9uk1-nr9tQ5IaWUFW9RJWCBw-I2q0FaQKQKz8&sai=AMfl-YRQl6y5x5zqgsvzXT2KAHfPvKF8OLTcoO3cAOXVjTnlFCW4gyYCv1pezAAt13TFpHf4SdNoE5qWuJ2jrZCttdxWqeAZQb8yYxCBsTOiTjcC2Ct9cV8CaR2IdiOY4OJdmZA&sig=Cg0ArKJSzNdAuvsyafp2EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 30 Apr 2023 01:36:24 GMT

GET
H3 200 m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,wmnU7d,xQtZb,QIhFr,hc6Ubd,SpsfSb,Z5uLle,MdUzUe,zbML3c Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.e7wkp6TnG5k.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.obpTAUHlBDA.L... Frame 01EB 108 KB
36 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.e7wkp6TnG5k.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.obpTAUHlBDA.L.B1.O/am=YOcGAAQ/d=1/exm=COQbmf,EEDORb,FCpbqb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,RqjULd,U0aPgd,W93Wdc,WhJNk,Wt6vjf,ZfAoz,_b,_r,_tp,aurFic,bm51tf,byfTOb,fKUV3e,gychg,hhhU8,kWgXee,lsjVmc,mUDFmf,ovKuLd,ws9Tlc,xUdipf,yDVVkb/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI6gPBIjTMOKlIGafq2dUhW_JdiApA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;xqZiqf:wmnU7d;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/ujg=1/m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,wmnU7d,xQtZb,QIhFr,hc6Ubd,SpsfSb,Z5uLle,MdUzUe,zbML3c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ccf03ca5b6fdbc712ccbb0278cdbc4d6aba50772229fa54f6be27371d13fa6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 16:32:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32652
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36778
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 19:05:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Apr 2024 16:32:12 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 90ms
31ms Preflight
text/plain 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 30 Apr 2023 01:36:24 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 01EB 131 B
155 B 77ms
34ms XHR
text/plain 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 30 Apr 2023 01:36:24 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 30 Apr 2023 01:36:24 GMT

POST
H3 200 log Show response
play.google.com/ Frame 01EB 131 B
155 B 78ms
35ms XHR
text/plain 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 30 Apr 2023 01:36:24 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 30 Apr 2023 01:36:24 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 89ms
32ms Preflight
text/plain 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 30 Apr 2023 01:36:24 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 01EB 131 B
155 B 79ms
36ms XHR
text/plain 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 30 Apr 2023 01:36:24 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 30 Apr 2023 01:36:24 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 88ms
33ms Preflight
text/plain 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 30 Apr 2023 01:36:24 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 27CA 0
0 83ms
83ms Fetch
image/gif 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstgqpq_EZwAFgIesWSDnpK5LWjFI5zSg2qGJvOsKGRhLjoSsegfqb156ZDd-2enu0FMF-gJDG588psA7nXYGEweNi7RQn36AMWwMT74lpgN_ejaSdLozgilbE2L8KBgzi6VJB4FKCZkj5xrXyL4kzYToYTjciTKBtF5YN10BbcRnkJ-inGgO_idLhZ_QZvhbRLOI03RDmRvNcVN-IKt4GrBdJjVIVpwR5DKPHOznjx-WWwy7vQTNNFSK_vwS498glJZMeU9aiE2-47JOtJVc9uMy_6gS7ORjIZZt5F7ltrvUmkCwpnytf2p6nfip8_E687VLhd_UUe3MEQ&sai=AMfl-YQdNv_cSSZPia6jPJpV2pUGD-edDmnzN4n5232z59FDQNSh5DfB8yjwTFXMtOPBgWat5bz9UHW5ZVYX-8P9F9IhVC9naEROQsOGOY8YnY2kdQhZhwPq4zU9w4W24ljVJ3a3g1w1vSGSnp-_dvsI&sig=Cg0ArKJSzD2RLkEmoxLtEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F876
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&gdpr=0
https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1682818584391
https://ad.turn.com/r/cs?pid=45&rndcb=3327216006
https://sync.1rx.io/usersync/turn/9063842566854529721?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-7d201714-c399-4c3d-b275-8a5bb7d2bc20-005?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3DRX-7d201714-c399-4c3d-b275-8a5b...
https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-7d201714-c399-4c3d-b275-8a5bb7d2bc20-005

43 B
479 B

35ms
32ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-7d201714-c399-4c3d-b275-8a5bb7d2bc20-005

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 01:36:25 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: CP3R7GTDNTN7JF12XBGV
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Sun, 30 Apr 2023 01:36:25 GMT
Server: Tengine
ETag: RX7d201714c3994c3db2758a5bb7d2bc20005
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-7d201714-c399-4c3d-b275-8a5bb7d2bc20-005
Content-Type: text/html
Connection: keep-alive

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F876
Redirect Chain

https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E&gdpr=0
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3258201841455362000V10

43 B
479 B

35ms
31ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3258201841455362000V10

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 01:36:24 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: V8F5ZVT04MRVT9SDBC7Z
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 01:36:24 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3258201841455362000V10
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Sun, 30 Apr 2023 01:36:24 GMT

GET
H/1.1

200
OK

i
tags.barrons.com/cs/bounce/
Redirect Chain

https://tags.barrons.com/cs/sync/i
https://us.tags.newscgp.com/cs/sync/i?expiry_ts=1745890584&origin=tags.barrons.com
https://us.tags.newscgp.com/cs/bounce/i?expiry_ts=1745890584&origin=tags.barrons.com&fallback_id=e18d08aa-fc42-484c-9976-0cda7132c302.3.1682818584.1745890584
https://tags.barrons.com/cs/bounce/i?expiry_ts=1745890584&nuid=e18d08aa-fc42-484c-9976-0cda7132c302.3.1682818584.1745890584

43 B
810 B

48ms
46ms

Image
image/gif

13.249.141.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.barrons.com/cs/bounce/i?expiry_ts=1745890584&nuid=e18d08aa-fc42-484c-9976-0cda7132c302.3.1682818584.1745890584
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Server: 13.249.141.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-141-41.ord51.r.cloudfront.net
Software: CloudFront /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 01:36:25 GMT
Via: 1.1 3e5a2f6c5b1171dae267d5a9344f95e8.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: ORD51-C1
X-Cache: LambdaGeneratedResponse from cloudfront
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: vy8ZacqFfpFQcynfirpI_9vliLbIEnEsYgtAgQ4bbO5SWz5m3y2AaA==

Redirect headers

Date: Sun, 30 Apr 2023 01:36:24 GMT
Via: 1.1 9544538048b67636eed3ec04c11d909a.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: ORD51-C1
X-Cache: LambdaGeneratedResponse from cloudfront
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: *
Location: https://tags.barrons.com/cs/bounce/i?expiry_ts=1745890584&nuid=e18d08aa-fc42-484c-9976-0cda7132c302.3.1682818584.1745890584
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-Amz-Cf-Id: CF5LLlcMieASxN64tCVIs3qlpuPO01B8QnlTLkmsfrMutJqEKBCRqQ==

GET
H2 200 im-745420
images.barrons.com/ 22 KB
23 KB 106ms
23ms Image
image/jpeg 2600:9000:21da:4400:b:9734:2640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.barrons.com/im-745420?width=620&size=1.5

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21da:4400:b:9734:2640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ PHIS

Resource Hash

5d2f3be9306fe235564c691d76d5ad7f92fc867f0822b8c95ebdc10519821a78

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 20:02:47 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 7ac993fb3bf15971cbb8b39563ee70e0.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C1
age: 192817
x-powered-by: PHIS
x-dns-prefetch-control: off
edge-cache-tag: nrtools.im.prod.im-745420,nrtools.im.prod.im-745420_620x413
x-cache: Hit from cloudfront
phis: imu-20230316223612533
x-xss-protection: 1; mode=block
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=6048800
x-amz-cf-id: 8qE4EFfksP-CcmYyp5YZTbaX4EQ4lk0BQzJLFJ7zc19RMEf6fXx-Ew==

POST
H2 200 service Show response
usasync01.admantx.com/admantx/ Frame CA72 322 B
468 B 105ms
27ms Fetch
text/plain 34.234.108.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://usasync01.admantx.com/admantx/service

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.108.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-108-188.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e871281da66e5bc2b82c42f58ef0dde407eabaaef8bfde606055235ae4a66b81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 30 Apr 2023 01:36:24 GMT
strict-transport-security: max-age=31536000
server: nginx
content-length: 322
content-type: text/plain; charset=UTF-8

GET
H2 200 _pdfps Show response
6b6b990e-d9d8-4116-a028-76da837d7607.partner.permutive.app/sync/ Frame CA72 0
167 B 120ms
92ms XHR
text/plain 34.107.222.173
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://6b6b990e-d9d8-4116-a028-76da837d7607.partner.permutive.app/sync/_pdfps
Requested by: Host: tgamriker.s3.ca-central-1.amazonaws.com
URL: https://tgamriker.s3.ca-central-1.amazonaws.com/0JYXH_barrons.com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.222.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 173.222.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:24 GMT
via: 1.1 google
server: nginx
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.barrons.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 tag.aspx Show response
ml314.com/ 31 KB
11 KB 59ms
12ms Script
application/javascript 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?3032023
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/dowjonesheader64568365681/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 23f95a90d6e6ba09a92bd4eae99823b0a6b0137a9abe10e3c050c062fb15efe4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:04:20 GMT
content-encoding: br
age: 1924
x-guploader-uploadid: ADPycdtv4xA0jmcD_VvEKjQc8b2DQccBjhecH2HLNUvDuJLvkBm5O18gLY62wcm0FVELQsCQFFYHPCXUAmuUawNZwvvk3w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10525
last-modified: Mon, 10 Apr 2023 17:13:24 GMT
server: UploadServer
etag: W/"b0965f051977c0dd95ffe2c736cac352"
vary: Accept-Encoding
x-goog-generation: 1681146804366265
x-goog-hash: crc32c=wVdAwA==, md5=sJZfBRl3wN2V/+LHNsrDUg==
content-type: application/javascript
cache-id: YUL-7d0cee4c
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 32213
accept-ranges: none

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 20ms
18ms Image
image/gif 23.196.185.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=WSJ2&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=4&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1682818582177&de=583388707248&rx=515295686533&m=0&ar=05dda1dc992-clean&iw=63e4407&q=3&cb=0&cu=1682818582177&ll=2&lm=0&ln=0&em=0&en=0&d=21740306%3A2725126698%3A5434609679%3A138318056594&cm=16&zMoatMData=1&zMoatMSafety=unsafe&zMoatMMV=slotNoHistData&zMoatMGV=slotNoHistData&zMoatAdLocation=RAIL&zMoatMMV_MAX=slotNoHistData&zMoatMGV_MAX=slotNoHistData&zMoatSZ=300x250&zMoatHT=250&zMoatWD=300&zMoatCURL=barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&id=1&ii=4&bo=50396786&bd=21759246547&zMoatOrigSlicer1=50396786&zMoatOrigSlicer2=21759246547&gw=dowjonesheader64568365681&fd=1&it=500&ti=0&ih=2&pe=1%3A458%3A458%3A0%3A1087&tz=RAIL&iq=slotNoHistData&tt=slotNoHistData&tu=1&tp=unsafe&jk=-1&jm=-1&fs=203310&na=1649930766&cs=0
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.185.161 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-185-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Sun, 30 Apr 2023 01:36:24 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 30 Apr 2023 01:36:24 GMT

GET
DATA 200
OK truncated
/ Frame CA72 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff4e49e857d25e33c9f13fd578c20a2413c9bf09a45185f161cf384a7242df32

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CA72 0
0 40ms
40ms Fetch
image/gif 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvvicDd_7WA-qbpVp2rioz755UT16q1oNI6eb2N2SWfw3vy4WwPzL4k1DGKVjI98AdAB73rnCAxmuXdo4-gtuXEoEaUOGbutniklY4bTg2i7ctwQIRTHeNkCtlaPNCR_sM74l1fkfWr14dbepOl-X4O3kny0TRGK0OuflSnqjvQlkbLc2xmljq6K40Xh9dmm3nzQF6IVAGkeKvtfQLpEutAaiDsyPJSZcqE4q8PzSUuWjVDT5u2zB3qOxqcdOVS0GGdUBrvjsO85oed5oVbyC2fj8WmB46gJ53Hglorxr8zIUqgLTk-_ZhHhQvlzL_eoOJwsKOOGyMnxxBoQEQ&sai=AMfl-YTfPGv07IstNjzkVdQuVi5CZvnQZ-UaFzf_bpp6SI32Z_FRgjwLhQMqmWBqsNtvfMFtJBZrN2cdqTuOr4HMqBIwIOvAPDYJMyUntk0K2B_6NrtI9b4GGvREf478__vXZXU&sig=Cg0ArKJSzL9Jdq-a9YV3EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 30 Apr 2023 01:36:24 GMT

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame EA7E
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1

2 KB
2 KB

21ms
21ms

Document
text/html

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: a3b28f6724d084f37e0953db5baadc65592bebd96dbc483eb2d82d9ac9807462

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 1755
Content-Type: text/html
Date: Sun, 30 Apr 2023 01:36:24 GMT
Expires: 0
Keep-Alive: timeout=1, max=499
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

Redirect headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 0
Date: Sun, 30 Apr 2023 01:36:24 GMT
Expires: 0
Keep-Alive: timeout=1, max=500
Location: /usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 91B9 16 KB
6 KB 64ms
18ms Document
text/html 69.192.109.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.192.109.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-109-53.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=75459
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Sun, 30 Apr 2023 01:36:24 GMT
expires: Sun, 30 Apr 2023 22:34:03 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 249D 281 B
554 B 76ms
19ms Document
text/html 23.211.130.59
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.130.59 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-130-59.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 30 Apr 2023 01:36:24 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame 4EF5
Redirect Chain

https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS11d3A0M1NGRTJ1SWFBSk1VZFc5eXJWelNZaDhuc3A4Ln5B&gdpr=0

43 B
479 B

62ms
36ms

Document
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS11d3A0M1NGRTJ1SWFBSk1VZFc5eXJWelNZaDhuc3A4Ln5B&gdpr=0

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sun, 30 Apr 2023 01:36:24 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: YDC8MPPBFH6Z5P1CPS3H

Redirect headers

age: 0
content-length: 0
date: Sun, 30 Apr 2023 01:36:24 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS11d3A0M1NGRTJ1SWFBSk1VZFc5eXJWelNZaDhuc3A4Ln5B&gdpr=0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.25
strict-transport-security: max-age=31536000

GET
H2

200

cm Show response
u.openx.net/w/1.0/ Frame 5492
Redirect Chain

https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7...
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX...

693 B
732 B

17ms
16ms

Document
text/html

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 40534bb933387bfe3fb508f4f323543ece2d4be3d6558ac118663808c69871ce

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 400
content-type: text/html
date: Sun, 30 Apr 2023 01:36:24 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 30 Apr 2023 01:36:24 GMT
location: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
via: 1.1 google

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame 85B2
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid=%24UID&ex=appnexus.com&gdpr=0
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fid%3D%2524UID%26ex%3Dappnexus.com%26gdpr%3D0
https://s.amazon-adsystem.com/ecm3?id=4111871771392428841&ex=appnexus.com&gdpr=0

43 B
479 B

35ms
35ms

Document
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?id=4111871771392428841&ex=appnexus.com&gdpr=0

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sun, 30 Apr 2023 01:36:24 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: DK4ZTZMJHB2K7RZWJWR2

Redirect headers

AN-X-Request-Uuid: 1440afbb-049a-451b-a616-8596f472b6cd
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Sun, 30 Apr 2023 01:36:24 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://s.amazon-adsystem.com/ecm3?id=4111871771392428841&ex=appnexus.com&gdpr=0
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 149.56.153.185; 149.56.153.185; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame 1CF4
Redirect Chain

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=903593474721348424261

43 B
479 B

40ms
29ms

Document
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=903593474721348424261

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sun, 30 Apr 2023 01:36:24 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: Y06VYRT42DXHEVTYXQ8X

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Sun, 30 Apr 2023 01:36:24 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=903593474721348424261
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 p.js Show response
cdn.parsely.com/keys/barrons.com/ 51 KB
19 KB 86ms
22ms Script
application/javascript 18.164.101.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/barrons.com/p.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.101.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-101-60.jfk50.r.cloudfront.net
Software: nginx /
Resource Hash: 807bd2cdee61126e98a3c820b14c39d4f7b4dcda9503d9d63f34ea4a4bbfb84e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Sat, 29 Apr 2023 05:45:44 GMT
content-encoding: gzip
via: 1.1 6e202b767e6bdee837ba15ada7e3120e.cloudfront.net (CloudFront)
last-modified: Wed, 07 Sep 2022 18:30:54 GMT
server: nginx
x-amz-cf-pop: JFK50-P5
age: 71440
etag: W/"6318e35e-cada"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: eGwqvleLxeYqAjalukGnVIi5n8e3H610_JAnNlIHoTTtADf9lIS1rQ==
expires: Sun, 30 Apr 2023 05:45:44 GMT

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ 103 KB
34 KB 73ms
23ms Script
application/x-javascript 2600:141b:9000:288::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:9000:288::268b Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a11d62109f30ddb0d4b4f74e8b340ccc50a471ea1e5a888a5f17631c31cf9545

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 01:36:24 GMT
Content-Encoding: gzip
Last-Modified: Fri, 14 Apr 2023 13:31:47 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34188
Expires: Sun, 30 Apr 2023 02:36:24 GMT

GET
H/1.1 200
OK cx.cce.js Show response
cdn.cxense.com/ 23 KB
6 KB 70ms
21ms Script
application/x-javascript 2600:141b:9000:288::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.cce.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:9000:288::268b Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 5b4c012c740d120a384871f05af3184799f6e2b607767a5d6229e2a82aac103b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 01:36:24 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Oct 2022 14:05:13 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5959
Expires: Sun, 30 Apr 2023 02:36:24 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
157 B 62ms
34ms Image
image/gif 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1682818584419&id=t2_6mt5smk3&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=97d7a685-813e-4289-b1c5-d3d16899be62&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_65e23bc4
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:24 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 adsct
t.co/i/ 43 B
375 B 128ms
42ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=567a1cfe-b2ad-44d6-8373-2c0e249e56f8&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6e08e097-2806-4743-b69a-b4249e74a917&tw_document_href=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzcwz&type=javascript&version=2.3.29

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time: 5
date: Sun, 30 Apr 2023 01:36:23 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 25ac14cda519794c
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 523082fe9d91ac5b118d4ad620819960e62c6565d5c1fdda13f1b49ed0f5640a
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
393 B 145ms
47ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=567a1cfe-b2ad-44d6-8373-2c0e249e56f8&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6e08e097-2806-4743-b69a-b4249e74a917&tw_document_href=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzcwz&type=javascript&version=2.3.29

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time: 5
date: Sun, 30 Apr 2023 01:36:24 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 2b5473a15deb211f
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 2a0f925cfd1928bcb560d66c136e4600787ea71895d40c2d62b66fa545f53734
content-length: 43

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/264307/domain/barrons.com/ 36 B
366 B 101ms
24ms XHR
application/json 2600:9000:2269:6c00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/264307/domain/barrons.com/token
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2269:6c00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 00:24:05 GMT
content-encoding: gzip
via: 1.1 615f410a3a080a335933e9fa08c15260.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P1
age: 4339
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=7199
x-amz-cf-id: DsbWN_UZfJN4EBc24saspIR7k3RLz1wOloDUAuyNfOiGKIgf2ZimrQ==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=264307&time=1682818584429&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=264307&time=1682818584429&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D264307%26time%3D1682818584429%26url%3Dhttps%253A%252F%252Fwww.barrons.com%252Fart...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=264307&time=1682818584429&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=264307&time=1682818584429&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-5160796...

0
147 B

153ms
99ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=264307&time=1682818584429&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&cookiesTest=true&liSync=true&e_ipv6=AQJj0Kus-4rXHgAAAYfPzdKYqZXysBdcfkgePXT5lt6RQ-RXu9_6XSIWiipCvuX0E20acylm
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:24 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: B35031E1739F441A9A3BD5D2828E5E45 Ref B: YMQ01EDGE0321 Ref C: 2023-04-30T01:36:25Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type: application/javascript
x-li-fabric: prod-lor1
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX6g7wBfAnA29+aisWi6A==

Redirect headers

date: Sun, 30 Apr 2023 01:36:24 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 13BF7E3E012A42558673D555D643115B Ref B: YMQ01EDGE0512 Ref C: 2023-04-30T01:36:25Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=264307&time=1682818584429&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&cookiesTest=true&liSync=true&e_ipv6=AQJj0Kus-4rXHgAAAYfPzdKYqZXysBdcfkgePXT5lt6RQ-RXu9_6XSIWiipCvuX0E20acylm
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX6g7v+kDOThBPnbdw7Ug==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=264307&time=1682818584429&url=barrons.com%2Fpaywallhitcustomtag
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=264307&time=1682818584429&url=barrons.com%2Fpaywallhitcustomtag&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D264307%26time%3D1682818584429%26url%3Dbarrons.com%252Fpaywallhitcustomtag%26cooki...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=264307&time=1682818584429&url=barrons.com%2Fpaywallhitcustomtag&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=264307&time=1682818584429&url=barrons.com%2Fpaywallhitcustomtag&cookiesTest=true&liSync=true&e_ipv6=AQIQq7nsE8nL9gAAAYfPzdKbv1Pi8FgKkk4DdvMT6d-K-...

0
702 B

132ms
90ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=264307&time=1682818584429&url=barrons.com%2Fpaywallhitcustomtag&cookiesTest=true&liSync=true&e_ipv6=AQIQq7nsE8nL9gAAAYfPzdKbv1Pi8FgKkk4DdvMT6d-K-74KgpeMRz2n21oGvRyHnWhV-uxG
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:24 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 7230F629F1744219818587B70317AF10 Ref B: YMQ01EDGE0321 Ref C: 2023-04-30T01:36:25Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type: application/javascript
x-li-fabric: prod-lor1
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX6g7wBeggrzo6JxRfasg==

Redirect headers

date: Sun, 30 Apr 2023 01:36:24 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 45EEBAA20AED4895806F02A9555F8A33 Ref B: YMQ01EDGE0512 Ref C: 2023-04-30T01:36:25Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=264307&time=1682818584429&url=barrons.com%2Fpaywallhitcustomtag&cookiesTest=true&liSync=true&e_ipv6=AQIQq7nsE8nL9gAAAYfPzdKbv1Pi8FgKkk4DdvMT6d-K-74KgpeMRz2n21oGvRyHnWhV-uxG
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX6g7v+lwuZv8hpdHi2+w==

GET
H2 200 65568.js Show response
cdn.brandmetrics.com/scripts/bundle/ 46 KB
15 KB 28ms
28ms Script
text/javascript 2606:4700:20::681a:c12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=787755dc-4a56-4dd1-9341-d101143c2799&toploc=www.barrons.com
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00495daca2e53e98f9a9f80b0f3bf64cdec5c9eac89276774d2581b5183de979

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:24 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sun, 30 Apr 2023 01:16:14 GMT
server: cloudflare
age: 1210
cf-polished: origSize=48187
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f7wm3oIMC7ARo8yNiTpyZr6LeOIWaIwKCA2jo460tJSqLhZi3%2Ffc3TFoOSvAqvrz4uH06d7w2Wm0dBkTJBv5cA928MxqLW%2FbduhMo5w4gWLqjzDy8cS2GB5EvAdicW1vehJJ69S8U%2FNLml9Sx1z6Hd1u"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7bfc0db8bea04003-YYZ
request-context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937

GET
H2 200 581246501980096 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 40ms
40ms Script
application/x-javascript 2a03:2880:f011:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/581246501980096?v=2.9.102&r=stable

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f011:8:face:b00c:0:1 Lithia Springs, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

24fd17d64ea1480dfe019e54464c6ebb0dccac42b5adb44bb217b04e18f343c0

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 30 Apr 2023 01:36:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110260
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: JaAhpYy3YUYSGByYHoIsawagiM3tbcTzKxauveaaZrJne5t6IoG+l7/GwUIokakaVp5NZVcg2Mm2eNHMCTdkJQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1460883810
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK config.aspx Show response
ws.sessioncam.com/Record/ 38 B
409 B 163ms
26ms XHR
text/javascript 54.237.41.29
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sessioncam.com/Record/config.aspx?url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&jsver=596&originalUrl=https://www.barrons.com&sse=1682818584448&inTg=a&acr=0
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.237.41.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-237-41-29.compute-1.amazonaws.com
Software: /
Resource Hash: 71a79a2d452f2583e7ba76144d538d4b7f73a7861be86054cb583e266db3d246

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 01:36:24 GMT
Content-Type: text/javascript
Access-Control-Allow-Origin: https://www.barrons.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 38
Expires: -1

GET
H2 200 cookie.html Show response
www.ncaudienceexchange.com/prod/ncg/ Frame B833 6 KB
3 KB 99ms
17ms Document
text/html 13.33.60.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ncaudienceexchange.com/prod/ncg/cookie.html
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.60.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-60-53.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be33c364e784f14ebca2c4a7caba16a3b32046c6f0dedc1f1caf0d05d280a9c4

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 64841
content-encoding: gzip
content-type: text/html
date: Sat, 29 Apr 2023 07:35:44 GMT
etag: W/"27a77bbc87eed7c50fbccf9c936e316d"
last-modified: Wed, 28 Aug 2019 23:03:03 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 a00eb4657c3b62cedb9b6571825eb82c.cloudfront.net (CloudFront)
x-amz-cf-id: SPBlsU_fP5htYIN9Bmlr7LM0_2-Jz4-ohH6PJIaR7TMQo0Sp6QwqUg==
x-amz-cf-pop: EWR52-C1
x-cache: Hit from cloudfront

GET
H/1.1 200
OK cookie.html Show response
tags.realtor.com/prod/ncg/ Frame BDCC 6 KB
3 KB 189ms
27ms Document
text/html 13.249.141.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.realtor.com/prod/ncg/cookie.html
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.141.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-141-41.ord51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be33c364e784f14ebca2c4a7caba16a3b32046c6f0dedc1f1caf0d05d280a9c4

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Age: 43003
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sat, 29 Apr 2023 13:39:42 GMT
ETag: W/"27a77bbc87eed7c50fbccf9c936e316d"
Last-Modified: Wed, 28 Aug 2019 23:03:03 GMT
Server: AmazonS3
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 9fd0fd3ab227f7918e7e92e96b386326.cloudfront.net (CloudFront)
X-Amz-Cf-Id: TMQ4eoRl6EyuLqRTT96mxhl-emtLSxTBZT31jkAUuB5pM_nSgKjAiA==
X-Amz-Cf-Pop: ORD51-C1
X-Cache: Hit from cloudfront

GET
H/1.1 200
OK cookie.html Show response
tags.mansionglobal.com/prod/ncg/ Frame F4AC 6 KB
3 KB 137ms
27ms Document
text/html 13.249.141.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mansionglobal.com/prod/ncg/cookie.html
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.141.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-141-21.ord51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be33c364e784f14ebca2c4a7caba16a3b32046c6f0dedc1f1caf0d05d280a9c4

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Age: 43003
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sat, 29 Apr 2023 13:39:42 GMT
ETag: W/"27a77bbc87eed7c50fbccf9c936e316d"
Last-Modified: Wed, 28 Aug 2019 23:03:03 GMT
Server: AmazonS3
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 16a12520cb84572aced3b0a8e5f80bae.cloudfront.net (CloudFront)
X-Amz-Cf-Id: Uhy2NPghzCrkX5jDQg9k68_uv8ORRxH-KyQWLnNoodiG8TDEb1rcYA==
X-Amz-Cf-Pop: ORD51-C1
X-Cache: Hit from cloudfront

GET
H/1.1 200
OK cookie.html Show response
tags.marketwatch.com/prod/ncg/ Frame A37F 6 KB
3 KB 144ms
29ms Document
text/html 13.249.141.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.marketwatch.com/prod/ncg/cookie.html
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.141.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-141-127.ord51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be33c364e784f14ebca2c4a7caba16a3b32046c6f0dedc1f1caf0d05d280a9c4

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Age: 43003
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sat, 29 Apr 2023 13:39:42 GMT
ETag: W/"27a77bbc87eed7c50fbccf9c936e316d"
Last-Modified: Wed, 28 Aug 2019 23:03:03 GMT
Server: AmazonS3
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 c9bb13136100bc969a43d76962ec0704.cloudfront.net (CloudFront)
X-Amz-Cf-Id: tacj0kX6XXSElLLNLHmpeL2q7MQ9Lm_0LN1ntbplvmGFrFRW70rOzw==
X-Amz-Cf-Pop: ORD51-C1
X-Cache: Hit from cloudfront

GET
H/1.1 200
OK cookie.html Show response
tags.wsj.com/prod/ncg/ Frame E5B6 6 KB
3 KB 151ms
28ms Document
text/html 13.249.141.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.wsj.com/prod/ncg/cookie.html
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.141.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-141-96.ord51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be33c364e784f14ebca2c4a7caba16a3b32046c6f0dedc1f1caf0d05d280a9c4

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Age: 43003
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sat, 29 Apr 2023 13:39:42 GMT
ETag: W/"27a77bbc87eed7c50fbccf9c936e316d"
Last-Modified: Wed, 28 Aug 2019 23:03:03 GMT
Server: AmazonS3
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 7430a54821bbaeddfc77b56ba1b84eae.cloudfront.net (CloudFront)
X-Amz-Cf-Id: xUExtX5IryXOJsIDC-9M4DcrWkjWDgfiRbcCp418_eLjvWB62YJasA==
X-Amz-Cf-Pop: ORD51-C1
X-Cache: Hit from cloudfront

GET
H/1.1 200
OK cookie.html Show response
tags.nypost.com/prod/ncg/ Frame 2A65 6 KB
3 KB 134ms
27ms Document
text/html 13.249.141.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.nypost.com/prod/ncg/cookie.html
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.141.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-141-96.ord51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be33c364e784f14ebca2c4a7caba16a3b32046c6f0dedc1f1caf0d05d280a9c4

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Age: 43003
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sat, 29 Apr 2023 13:39:42 GMT
ETag: W/"27a77bbc87eed7c50fbccf9c936e316d"
Last-Modified: Wed, 28 Aug 2019 23:03:03 GMT
Server: AmazonS3
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 443be97982ff47781bf6093fc4a1cd66.cloudfront.net (CloudFront)
X-Amz-Cf-Id: EQCZOmDKF6Chikc9rro_CIdqsTGeqrVtiugSZ-8i4gOvz12HF_Temw==
X-Amz-Cf-Pop: ORD51-C1
X-Cache: Hit from cloudfront

GET
H/1.1 200
OK cookie.html Show response
tags.decider.com/prod/ncg/ Frame A63B 6 KB
3 KB 191ms
27ms Document
text/html 13.249.141.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.decider.com/prod/ncg/cookie.html
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.141.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-141-41.ord51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be33c364e784f14ebca2c4a7caba16a3b32046c6f0dedc1f1caf0d05d280a9c4

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Age: 43003
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sat, 29 Apr 2023 13:39:42 GMT
ETag: W/"27a77bbc87eed7c50fbccf9c936e316d"
Last-Modified: Wed, 28 Aug 2019 23:03:03 GMT
Server: AmazonS3
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 cb7132faa45d3b1ff4d65185f2d36d26.cloudfront.net (CloudFront)
X-Amz-Cf-Id: pw0BOZ2ln2cgHWZExPzXnuwzB-KhzXqQNHn5A7OahP8zUQ2vdg1maw==
X-Amz-Cf-Pop: ORD51-C1
X-Cache: Hit from cloudfront

GET
H/1.1 200
OK cookie.html Show response
tags.pagesix.com/prod/ncg/ Frame 980D 6 KB
3 KB 138ms
27ms Document
text/html 13.249.141.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.pagesix.com/prod/ncg/cookie.html
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.141.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-141-21.ord51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be33c364e784f14ebca2c4a7caba16a3b32046c6f0dedc1f1caf0d05d280a9c4

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Age: 43003
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sat, 29 Apr 2023 13:39:42 GMT
ETag: W/"27a77bbc87eed7c50fbccf9c936e316d"
Last-Modified: Wed, 28 Aug 2019 23:03:03 GMT
Server: AmazonS3
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 3a3b6c95360356dea16e73abeac4acfa.cloudfront.net (CloudFront)
X-Amz-Cf-Id: K_iYaS1XzRiuvDa41jTerqDvqkg7TfqyBn5dPpEPxiu7Au2bFufSPQ==
X-Amz-Cf-Pop: ORD51-C1
X-Cache: Hit from cloudfront

GET cookie.html
tags.knewz.com/prod/ncg/ Frame D7DF 0
0

GET
H/1.1 200
OK cookie.html Show response
tags.penews.com/prod/ncg/ Frame 032D 6 KB
3 KB 112ms
27ms Document
text/html 13.249.141.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.penews.com/prod/ncg/cookie.html
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.141.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-141-41.ord51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be33c364e784f14ebca2c4a7caba16a3b32046c6f0dedc1f1caf0d05d280a9c4

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Age: 73699
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sat, 29 Apr 2023 05:08:06 GMT
ETag: W/"27a77bbc87eed7c50fbccf9c936e316d"
Last-Modified: Wed, 28 Aug 2019 23:03:03 GMT
Server: AmazonS3
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 44f18fa5317ccaef6a4a5e65d43dd8c8.cloudfront.net (CloudFront)
X-Amz-Cf-Id: VpuYPV9Jt6TWrCGcALrQ2EUkuAAizrUqzfb96sVtjzCDBDONlfJXgg==
X-Amz-Cf-Pop: ORD51-C1
X-Cache: Hit from cloudfront

GET
H2 200 i Show response
v2.pixel.newscgp.com/ 43 B
416 B 83ms
42ms XHR
image/gif 34.102.180.215
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://v2.pixel.newscgp.com/i?stm=1682818584504&e=se&se_ca=aka&se_ac=link%3Adomain&se_la=f9dfbc84-c130-4b57-8ec7-4c5048571df4&se_pr=barrons.com&eid=4e0f0fc0-b128-47d0-8a37-111fcb492af4&tv=js-3.8.0&tna=_ncg__0&aid=newsconnect-global&p=web&cookie=1&cs=UTF-8&lang=en-US&res=1600x1200&cd=24&tz=Etc%2FUnknown&dtm=1682818584500&vp=1600x1200&ds=1600x3200&vid=1&sid=cccea8cb-eb3f-4cb6-9392-28cf1542eb59&duid=f9dfbc84-c130-4b57-8ec7-4c5048571df4&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20uc25vd3Bsb3dhbmFseXRpY3Muc25vd3Bsb3cvd2ViX3BhZ2UvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiaWQiOiI5NWI4MWY2YS03NzNjLTQ4ZGItOTI2Mi05M2U0MzY0NzMxZTUifX1dfQ
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.180.215 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 215.180.102.34.bc.googleusercontent.com
Software: akka-http/10.2.7 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:24 GMT
via: 1.1 google
server: akka-http/10.2.7
content-type: image/gif
access-control-allow-origin: https://www.barrons.com
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

POST
H3 200 tp2 Show response
sac.barrons.com/com.snowplowanalytics.snowplow/ 2 B
19 B 73ms
45ms XHR
text/plain 34.120.127.126
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sac.barrons.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.127.126 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 126.127.120.34.bc.googleusercontent.com
Software: akka-http/10.2.7 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Sun, 30 Apr 2023 01:36:23 GMT
via: 1.1 google
server: akka-http/10.2.7
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.barrons.com
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

OPTIONS
H2 200 tp2
sac.barrons.com/com.snowplowanalytics.snowplow/ Frame 0
0 147ms
44ms Preflight 34.120.127.126
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sac.barrons.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.127.126 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 126.127.120.34.bc.googleusercontent.com
Software: akka-http/10.2.7 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.barrons.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.barrons.com
access-control-max-age: 5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 30 Apr 2023 01:36:23 GMT
server: akka-http/10.2.7
via: 1.1 google

POST
H2 200 service Show response
usasync01.admantx.com/admantx/ Frame 27CA 322 B
467 B 25ms
25ms Fetch
text/plain 34.234.108.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://usasync01.admantx.com/admantx/service

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.108.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-108-188.compute-1.amazonaws.com

Software

nginx /

Resource Hash

17cd7a8932c02b67c4d55ac0b07a5c2400ccb1819e49bacbe385831dd776cbc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 30 Apr 2023 01:36:24 GMT
strict-transport-security: max-age=31536000
server: nginx
content-length: 322
content-type: text/plain; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 27CA 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98975ea424ab8d35ea6babb533df44fd72a494b57b9e4bd0fa4e8d35bbef8cdd

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 27CA 0
0 39ms
39ms Fetch
image/gif 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssRXPHOidONTLWdg2c5LbtO8eyJDvk7RvutRk4kzCJZQ-X4VNdZ_ULURRWY7kl8H2cpt7lAznGqcgVCJZeNFXjWmrwm_67UNxGt15392_I11qjkDYme9RgDYomZhG47aeMMV7xkEYSoz4LaFJR-Mbpx7Qw81ubbxUkgEv0ngK5kaSaUV4kVPPbCRGgPeVcaMofB2a9JouEDyXaa3dxHaZSD-M2LUsh0RyltaPIvX-h4HYDrUCCbyzKl786WIPtFS8mjCTh5tp6D4AhgHSkHhk5q6dm-MNelrcsK4twVHdzj0uyVOrfcr2u65ULSTvUCG7Md3VCdE7rx1v7tXQ&sai=AMfl-YQ7xPPk7dK0p8gRZGizZvuuuP9uFDmmJOn-q40MKkUKtOp1ttEj8ptV31rAmtA5Sw6gG7bPHjvqzzUSlr7mwbuE7-amzl00taTiDQrGRyD2RL6mgRDYcAPlHQzgByv2ALUQ0yQvdfcux90at-MJ&sig=Cg0ArKJSzNIlZmfbcHMQEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 30 Apr 2023 01:36:24 GMT

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame CA72 61 KB
23 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f931f982c3f40d167c41dd5f1dcf8dc5ce8a93cf7ec3bbe083d4b52538ccf827

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:27:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 507
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23411
x-xss-protection: 0
server: cafe
etag: 8331745290402310634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 30 Apr 2023 02:27:57 GMT

GET
H2 200 storageframe.html Show response
secure-us.imrworldwide.com/ Frame 5FCB 11 KB
4 KB 25ms
22ms Document
text/html 54.164.141.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-us.imrworldwide.com/storageframe.html
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.141.245 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-141-245.compute-1.amazonaws.com
Software: nginx /
Resource Hash: c6107c1c1f1588cac73cb68d83222515b12c5dbf7f988fd0c39b4ff16414d3bc

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-length: 3489
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 01:36:24 GMT
etag: "6442b686-da1"
last-modified: Fri, 21 Apr 2023 16:15:02 GMT
server: nginx

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame 5492 43 B
479 B 41ms
40ms Image
image/gif 52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=a64b2b25-44c3-8016-9482-83fea349775e

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 01:36:24 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 0AF123FRYFN169302VWZ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 6a5a311c-c8c5-a9a5-655b-179c342d71f7
pr-bh.ybp.yahoo.com/sync/openx/ Frame 5492 43 B
603 B 90ms
29ms Image
image/gif 2600:1f18:4e9:5a05:b3d5:d2d1:9b49:f7b1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/6a5a311c-c8c5-a9a5-655b-179c342d71f7?gdpr=0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4e9:5a05:b3d5:d2d1:9b49:f7b1 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 5492 43 B
855 B 41ms
37ms Image
image/gif 52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=a64b2b25-44c3-8016-9482-83fea349775e

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 01:36:24 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ZFWD8073N3YP4S8BEWZS
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 5492
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=fe9d5758-5869-3bec-548c-0169cb7abcbe&gdpr=0
https://match.adsrvr.org/track/cmb/openx?oxid=fe9d5758-5869-3bec-548c-0169cb7abcbe&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=ac77e4fa-ea92-4c14-b03a-d3c16bb7ab3c&ttd_puid=fe9d5758-5869-3bec-548c-0169cb7abcbe&gdpr=0&gdpr_consent=

43 B
62 B

17ms
16ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=ac77e4fa-ea92-4c14-b03a-d3c16bb7ab3c&ttd_puid=fe9d5758-5869-3bec-548c-0169cb7abcbe&gdpr=0&gdpr_consent=
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:24 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=ac77e4fa-ea92-4c14-b03a-d3c16bb7ab3c&ttd_puid=fe9d5758-5869-3bec-548c-0169cb7abcbe&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 335

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 5492 170 B
409 B 107ms
35ms Image
image/png 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDJmMjg0OTItOTExZS02NTQ4LTQxNmMtNWJkMDAxOTg3MmRl

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 5492
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAXfGyg05I2j0JF5FJfLV_c&google_cver=1

43 B
180 B

16ms
13ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAXfGyg05I2j0JF5FJfLV_c&google_cver=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAXfGyg05I2j0JF5FJfLV_c&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 info-fill.svg Show response
www.barrons.com/asset/dj-ufc/v1.9.1/assets/ 244 B
668 B 29ms
29ms Fetch
image/svg+xml 2600:9000:204d:9200:14:c68f:c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.barrons.com/asset/dj-ufc/v1.9.1/assets/info-fill.svg
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:204d:9200:14:c68f:c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 203074392ba5aae77e7ef60e5a45a2fe0860439ec224c4535220911d33b5faa5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 13:41:22 GMT
x-amz-version-id: _4TN.xH4ht8Z1RRtKsh0RX9sCem3MU96
via: 1.1 ff19078dad8e3d604a159e031d41dba0.cloudfront.net (CloudFront)
last-modified: Tue, 01 Nov 2022 20:43:20 GMT
server: AmazonS3
x-amz-cf-pop: ORD52-C3
age: 820503
etag: "2cd7ce1b678dff998f420fdc02afe396"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=31557600, immutable
x-amz-replication-status: REPLICA
accept-ranges: bytes
content-length: 244
x-amz-cf-id: 7laLskxBo5uHrYh1_l2SOoqDBNY8h3fQrAefSbuhjp6tI0Qbo7_RSw==

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 249D 34 KB
10 KB 20ms
19ms Script
text/html 23.211.130.59
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.130.59 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-130-59.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 0a8234ae0bf731640ca703114824b08245f80e46f4b8d3f202dd1ad4bf023817

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 01:36:24 GMT
Content-Encoding: gzip
Last-Modified: Sat, 29 Apr 2023 04:51:39 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=11703
Connection: keep-alive
Content-Length: 10020
Expires: Sun, 30 Apr 2023 04:51:27 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame EA7E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZE3GGG3jsIdCPmxS8n.oNwAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDpelVDbIF7iFEBN8ayszBw&google_cver=1&google_hm=2

43 B
631 B

19ms
19ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDpelVDbIF7iFEBN8ayszBw&google_cver=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 01:36:25 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDpelVDbIF7iFEBN8ayszBw&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 330
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame EA7E 43 B
855 B 31ms
30ms Image
image/gif 52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZE3GGG3jsIdCPmxS8n-oNwAAA-MAAAAB&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 01:36:24 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: KS4FST3E85ZC0WJK4K78
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame EA7E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZE3GGG3jsIdCPmxS8n-oNwAAA-MAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKD_k1w8FdJhHLs_3h8xme4&google_cver=1

43 B
764 B

18ms
18ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKD_k1w8FdJhHLs_3h8xme4&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 01:36:25 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKD_k1w8FdJhHLs_3h8xme4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame EA7E
Redirect Chain

https://match.adsrvr.org/track/cmf/casale
https://match.adsrvr.org/track/cmb/casale?
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=ac77e4fa-ea92-4c14-b03a-d3c16bb7ab3c&expiration=1685410584&gdpr=0&gdpr_consent=

43 B
631 B

20ms
19ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=ac77e4fa-ea92-4c14-b03a-d3c16bb7ab3c&expiration=1685410584&gdpr=0&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 01:36:25 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:24 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=ac77e4fa-ea92-4c14-b03a-d3c16bb7ab3c&expiration=1685410584&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 323

GET
H/1.1

200
OK

crum
dsum.casalemedia.com/ Frame EA7E
Redirect Chain

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4111871771392428841

43 B
631 B

63ms
19ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4111871771392428841
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 01:36:25 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Date: Sun, 30 Apr 2023 01:36:24 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 149.56.153.185; 149.56.153.185; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: d90fc2fe-9c63-4981-9e0f-fa93361ec216
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4111871771392428841
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame EA7E
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ie
https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACBKE7Im4wAAB-XvqgiVA&expiration=1684028185

43 B
631 B

20ms
19ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACBKE7Im4wAAB-XvqgiVA&expiration=1684028185
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 01:36:25 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACBKE7Im4wAAB-XvqgiVA&expiration=1684028185
Date: Sun, 30 Apr 2023 01:36:25 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame EA7E
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
https://casale-match.dotomi.com/match/bounce/current?DotomiTest=67d87e3f2d6a15d4&is_secure=true&networkId=19998&version=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAABr63-T97nqAMWzsYlAAAAAAA&expiration=1682904985&is_secure=true

43 B
631 B

19ms
18ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAABr63-T97nqAMWzsYlAAAAAAA&expiration=1682904985&is_secure=true
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 01:36:25 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAABr63-T97nqAMWzsYlAAAAAAA&expiration=1682904985&is_secure=true
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame EA7E
Redirect Chain

https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZE3GGG3jsIdCPmxS8n.oNwAA%26995&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=3721e327-f420-4269-9fc9-e37730ba6d6f-tuctb474b98

43 B
631 B

19ms
19ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=3721e327-f420-4269-9fc9-e37730ba6d6f-tuctb474b98
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 01:36:25 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=3721e327-f420-4269-9fc9-e37730ba6d6f-tuctb474b98
date: Sun, 30 Apr 2023 01:36:24 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 22038

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame EA7E 43 B
479 B 35ms
32ms Image
image/gif 52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZE3GGG3jsIdCPmxS8n-oNwAAA-MAAAAB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 01:36:24 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: VM2YZBR4PR8Y8GA4Q3WK
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 98ms
48ms XHR
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 01 May 2023 01:36:24 GMT

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 27CA 61 KB
23 KB 21ms
19ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f931f982c3f40d167c41dd5f1dcf8dc5ce8a93cf7ec3bbe083d4b52538ccf827

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:27:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 507
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23411
x-xss-protection: 0
server: cafe
etag: 8331745290402310634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 30 Apr 2023 02:27:57 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/716328806/ 3 KB
2 KB 237ms
150ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/716328806/?random=1682818584741&cv=11&fst=1682818584741&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&hn=www.googleadservices.com&frm=0&tiba=FireEye%20Says%20%E2%80%98%E2%80%9DIntrusion%20Campaign%E2%80%99%20Used%20Tainted%20SolarWinds%20Software%20%7C%20Barron%27s&us_privacy=1---&auid=1210414193.1682818585&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c41c6ef22882504b909c02fe91a8fd72a0ab0cc65cd00c5fe3ffd8e2b681d84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1307
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
67 KB 50ms
46ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1067154206&l=dataLayer&cx=c

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ab2aa00d7f59eb2e2e7bd3057ca1e1052b462413c1affc922b0553235c741c46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68021
x-xss-protection: 0
last-modified: Sun, 30 Apr 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 30 Apr 2023 01:36:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 132 KB
51 KB 50ms
45ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11013097811&l=dataLayer&cx=c

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

798c75062b0dbd45755071b5d29efeb0ed38360f123f721abefe83c8862e2d7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52025
x-xss-protection: 0
last-modified: Sun, 30 Apr 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 30 Apr 2023 01:36:24 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/716328806/ 3 KB
2 KB 121ms
38ms Script
text/javascript 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/716328806/?random=1682818584763&cv=11&fst=1682818584763&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&label=QhOqCIWzgagBEOaeydUC&hn=www.googleadservices.com&frm=0&tiba=FireEye%20Says%20%E2%80%98%E2%80%9DIntrusion%20Campaign%E2%80%99%20Used%20Tainted%20SolarWinds%20Software%20%7C%20Barron%27s&gtm_ee=1&us_privacy=1---&auid=1210414193.1682818585&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

98d5db89f98b771d3dd445f289f2489c1fd1b64db114ff2d3479c52b184bbb59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1662
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
prebid-server.rubiconproject.com/
Redirect Chain

https://ups.analytics.yahoo.com/ups/58401/sync?redir=true&gdpr=0&gdpr_consent=
https://prebid-server.rubiconproject.com/setuid?bidder=yahoossp&uid=y-bGapIXVE2uGUO5nVSTOJo1gmgMDmURN3~A&gdpr=0

86 B
622 B

26ms
25ms

Image
image/png

54.152.15.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-server.rubiconproject.com/setuid?bidder=yahoossp&uid=y-bGapIXVE2uGUO5nVSTOJo1gmgMDmURN3~A&gdpr=0
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Server: 54.152.15.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-15-101.compute-1.amazonaws.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Sun, 30 Apr 2023 01:36:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
expires: 0

Redirect headers

location: https://prebid-server.rubiconproject.com/setuid?bidder=yahoossp&uid=y-bGapIXVE2uGUO5nVSTOJo1gmgMDmURN3~A&gdpr=0
date: Sun, 30 Apr 2023 01:36:24 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

OPTIONS
H2 204 author
follow-api.barrons.com/subscription/filter/ Frame 0
0 135ms
46ms Preflight 143.204.146.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://follow-api.barrons.com/subscription/filter/author?product=barrons&value=8617_BARRONS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.146.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-146-41.ewr52.r.cloudfront.net
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.barrons.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.barrons.com
date: Sun, 30 Apr 2023 01:36:25 GMT
vary: Origin, Access-Control-Request-Headers
via: 1.1 b078462cffa3a81b6e262ef7f6040412.cloudfront.net (CloudFront)
x-amz-cf-id: bZgBgTANt-intKyyLcMCRJJjU8Lt6t8fxz7DDjC6eMyEAklMKcRkKw==
x-amz-cf-pop: EWR52-C2
x-cache: Miss from cloudfront
x-powered-by: Express

GET
H2 200 p-7f564b5e.entry.js Show response
www.barrons.com/asset/dj-ufc/v1.9.1/ 13 KB
2 KB 29ms
25ms Script
application/javascript 2600:9000:204d:9200:14:c68f:c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.barrons.com/asset/dj-ufc/v1.9.1/p-7f564b5e.entry.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/asset/dj-ufc/v1.9.1/p-517a0862.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:204d:9200:14:c68f:c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0638c53394a57c167f0545ae77a504a102d26befd0eab0ee1ce67188fc2689fd

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Origin: https://www.barrons.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 13:41:22 GMT
x-amz-version-id: 3y42Gd9TOQsnlGJr_0_LB7PfKkHrMk4m
content-encoding: gzip
via: 1.1 ff19078dad8e3d604a159e031d41dba0.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C3
age: 820503
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
last-modified: Tue, 01 Nov 2022 20:43:20 GMT
server: AmazonS3
etag: W/"f84c3528442ae77d03ac322b12e2629b"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.barrons.com
access-control-expose-headers: ETag
cache-control: public, max-age=31557600, immutable
access-control-allow-credentials: true
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: d8XQa1Qu2dsh6T6ZM0JWj4KLcdvquNE0Yzdid_L1yKPF3m0y2tsyww==

GET
H2 401 author Show response
follow-api.barrons.com/subscription/filter/ 55 B
855 B 88ms
44ms Fetch
application/json 143.204.146.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://follow-api.barrons.com/subscription/filter/author?product=barrons&value=8617_BARRONS

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.146.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-146-41.ewr52.r.cloudfront.net

Software

Resource Hash

00d88adf827c99f1ca2dedd2213a89b92de49b48493e78621ecd66ff9294fca7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 30 Apr 2023 01:36:25 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 5dd7b838ea405f86fdd3f313ecc68490.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: EWR52-C2
x-dns-prefetch-control: off
x-cache: Error from cloudfront
content-length: 55
x-xss-protection: 0
referrer-policy: no-referrer
etag: W/"37-e24TI5S3nJ2hWHT00vmgobltR/0"
expect-ct: max-age=0
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.barrons.com
x-download-options: noopen
access-control-allow-credentials: true
x-amz-cf-id: zNIdUEUtsf-3MsAKd1fJVxTRlIrerKdgzZ3ArMdtIyhxnYVV2iTzPw==

GET
H2 200 utsync.ashx Show response
ml314.com/ 644 B
1 KB 30ms
27ms Script
application/javascript 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=53399&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&pv=1682818584924_cvoac4eg7&bl=en-us&cb=2692217&return=&ht=&d=&dc=&si=1682818584924_cvoac4eg7&cid=&s=1600x1200&rp=&v=2.5.3.49
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7c6f11a64a88d777810efbfcaaa50999f1aba0ae47c02518f44cb05ff7ff8d2a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:24 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/javascript; charset=utf-8
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 644
expires: 0

GET
H/1.1 200
OK ud.ashx Show response
in.ml314.com/ 20 B
482 B 191ms
87ms Script
application/javascript 34.198.52.55
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://in.ml314.com/ud.ashx?topiclimit=&cb=3032023&v=2.5.3.49
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.198.52.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-198-52-55.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 01:36:24 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public
Connection: keep-alive
Content-Length: 138
Expires: Mon, 01 May 2023 01:36:25 GMT

GET
H/1.1 200
OK riker_prebid.js Show response
tgamriker.s3.ca-central-1.amazonaws.com/ Frame CA72 256 KB
257 KB 25ms
25ms Script
application/javascript 52.95.190.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tgamriker.s3.ca-central-1.amazonaws.com/riker_prebid.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.190.98 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9e1c6009f291c7c0c81d3ee0faa100b9a1c880739f09569a5715199bb243977e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 01:36:25 GMT
x-amz-version-id: 3mCDSgO5ImOoOughVS.j3JG9vcr.FFUJ
Last-Modified: Wed, 15 Mar 2023 14:11:17 GMT
Server: AmazonS3
x-amz-request-id: JVMBZC1RYE0031BW
ETag: "41aff91fe0e6949534b695b66bdc34a2"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 262203
x-amz-id-2: eezmxuXEbMuJxC8sylf9UYroXeqGUjlgd5yarKD7iulUZZIJ8VF0rF7fEAgH/bu5wf/JuQvTMDY=

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame CA72 74 KB
24 KB 71ms
70ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b23cd16d90740cfc029f803af8d83804d16b9990875bec34b2b85d272f06204

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24849
x-xss-protection: 0
server: cafe
etag: 354 / 19477 / 31074164 / config-hash: 17856767610576847833
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 30 Apr 2023 01:36:24 GMT

GET
H/1.1 200
OK riker_prebid.js Show response
tgamriker.s3.ca-central-1.amazonaws.com/ Frame 27CA 256 KB
257 KB 49ms
24ms Script
application/javascript 52.95.190.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tgamriker.s3.ca-central-1.amazonaws.com/riker_prebid.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.190.98 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9e1c6009f291c7c0c81d3ee0faa100b9a1c880739f09569a5715199bb243977e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 01:36:25 GMT
x-amz-version-id: 3mCDSgO5ImOoOughVS.j3JG9vcr.FFUJ
Last-Modified: Wed, 15 Mar 2023 14:11:17 GMT
Server: AmazonS3
x-amz-request-id: JVM8GWF4151H05NX
ETag: "41aff91fe0e6949534b695b66bdc34a2"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 262203
x-amz-id-2: fyVsnyje6kRUD4sRHuXymcKIIRtcu05oTyK5m8GrEvRySmtX10G/l7LVu2weLv6aAReNqYrpkrc=

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 27CA 74 KB
24 KB 114ms
114ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75ffb1514a3c8742fc6d988f8f5ad71adbab4eb74ce6f9f82d77dccd34402607

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24756
x-xss-protection: 0
server: cafe
etag: 58 / 19477 / m202304250101 / config-hash: 17856767610576847833
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 30 Apr 2023 01:36:25 GMT

GET
H2

200

m
secure-us.imrworldwide.com/cgi-bin/
Redirect Chain

https://secure-us.imrworldwide.com/cgi-bin/m?rnd=1682818584984&ci=us-403743h&js=1&cg=0&ts=65568.js?sid=787755dc-4a56-4dd1-9341-d101143c2799&toploc=www.barrons.com&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg...
https://secure-us.imrworldwide.com/cgi-bin/m?rnd=1682818584984&ci=us-403743h&js=1&cg=0&ts=65568.js?sid=787755dc-4a56-4dd1-9341-d101143c2799&toploc=www.barrons.com&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg...

44 B
596 B

25ms
23ms

Image
image/gif

54.164.141.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-us.imrworldwide.com/cgi-bin/m?rnd=1682818584984&ci=us-403743h&js=1&cg=0&ts=65568.js?sid=787755dc-4a56-4dd1-9341-d101143c2799&toploc=www.barrons.com&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&sr=1600x1200&id=lstrg-011a3ff7040f056c6e2df8b840ad8040&ja=1
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Server: 54.164.141.245 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-141-245.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
server: nginx
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
server: nginx
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
location: https://secure-us.imrworldwide.com/cgi-bin/m?rnd=1682818584984&ci=us-403743h&js=1&cg=0&ts=65568.js?sid=787755dc-4a56-4dd1-9341-d101143c2799&toploc=www.barrons.com&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&sr=1600x1200&id=lstrg-011a3ff7040f056c6e2df8b840ad8040&ja=1
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-length: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 125ms
25ms Image
image/gif 54.144.144.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1682818585032&plid=610d784a-f2cf-49a6-8f8d-9fe6eacdc441&idsite=barrons.com&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22userType%22%3A%22BOL_free%22%7D&sid=1&surl=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&sref=&sts=1682818585025&slts=0&title=FireEye+Says+%E2%80%98%E2%80%9DIntrusion+Campaign%E2%80%99+Used+Tainted+SolarWinds+Software+%7C+Barron%27s&date=Sun+Apr+30+2023+01%3A36%3A25+GMT%2B0000+(GMT)&action=pageview&js=1&pvid=8b7b95ff-2662-4a25-be49-f8abe59e74c0&u=pid%3D0d9d6d24-ae91-455c-a78c-779710d41f62
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-144-142.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 01:36:25 GMT
Cache-Control: no-cache
Last-Modified: Sunday, 30-Apr-2023 01:36:25 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ 103 KB
34 KB 26ms
25ms Script
application/x-javascript 2600:141b:9000:288::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:9000:288::268b Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a11d62109f30ddb0d4b4f74e8b340ccc50a471ea1e5a888a5f17631c31cf9545

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 01:36:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 14 Apr 2023 13:31:47 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34188
Expires: Sun, 30 Apr 2023 02:36:25 GMT

GET
H/1.1 200
OK c.js Show response
collector.brandmetrics.com/ 0
188 B 450ms
62ms Script
text/javascript 20.40.202.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://collector.brandmetrics.com/c.js?siteid=787755dc-4a56-4dd1-9341-d101143c2799&toploc=www.barrons.com&rnd=7492903
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.2 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Request-Context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
Date: Sun, 30 Apr 2023 01:36:25 GMT
Content-Length: 0
Content-Type: text/javascript;charset=utf-8

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 72ms
19ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=581246501980096&ev=PageView&dl=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&rl=&if=false&ts=1682818585111&cd[member_status]=BOL_free&cd[author_name]=Eric%20J.%20Savitz&sw=1600&sh=1200&v=2.9.102&r=stable&a=tmtealium&ec=0&o=29&cs_est=true&fbp=fb.1.1682818585110.228997091&it=1682818584440&coo=false&eid=116dfd43de095cbc58dc22e476d6c6ab&tm=1&rqm=GET

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 30 Apr 2023 01:36:25 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 73ms
20ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=581246501980096&ev=ViewContent&dl=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&rl=&if=false&ts=1682818585114&cd[content_ids]=%5B%22SB50291655048428463406904587159083780091586%22%5D&cd[paywall]=preview&cd[content_category]=BOL_Daily&cd[member_status]=BOL_free&cd[content_type]=product&cd[author_name]=Eric%20J.%20Savitz&sw=1600&sh=1200&v=2.9.102&r=stable&a=tmtealium&ec=1&o=29&fbp=fb.1.1682818585110.228997091&it=1682818584440&coo=false&eid=5b66910c0791773e1bd1e47e7028af36&tm=1&rqm=GET

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 30 Apr 2023 01:36:25 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 73ms
21ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=581246501980096&ev=Purchase&dl=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&rl=&if=false&ts=1682818585115&cd[content_ids]=%5B%22SB50291655048428463406904587159083780091586%22%5D&cd[content_category]=BOL_Daily&cd[member_status]=BOL_free&cd[content_type]=product&cd[currency]=USD&cd[value]=0&cd[num_items]=0&sw=1600&sh=1200&v=2.9.102&r=stable&a=tmtealium&ec=2&o=29&fbp=fb.1.1682818585110.228997091&it=1682818584440&coo=false&eid=9a1d68dba765cf42e3bee4fd0353b6d7&tm=1&rqm=GET

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 30 Apr 2023 01:36:25 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11013097811/ 3 KB
1 KB 148ms
147ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11013097811/?random=1682818585123&cv=11&fst=1682818585123&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&hn=www.googleadservices.com&frm=0&tiba=FireEye%20Says%20%E2%80%98%E2%80%9DIntrusion%20Campaign%E2%80%99%20Used%20Tainted%20SolarWinds%20Software%20%7C%20Barron%27s&us_privacy=1---&auid=1210414193.1682818585&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63d904b69fab2e9d4762d16213fa7683bcd2b2dfba4592752d7ca70ac419055a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1310
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/11013097811/ 3 KB
2 KB 40ms
39ms Script
text/javascript 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/11013097811/?random=1682818585135&cv=11&fst=1682818585135&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&label=XnDnCPr1xIAYENOSuoMp&hn=www.googleadservices.com&frm=0&tiba=FireEye%20Says%20%E2%80%98%E2%80%9DIntrusion%20Campaign%E2%80%99%20Used%20Tainted%20SolarWinds%20Software%20%7C%20Barron%27s&gtm_ee=1&us_privacy=1---&auid=1210414193.1682818585&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

a0106879a92d5747e97db7fb70127facef0a5f3165033776970018febc8045c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1663
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1067154206/ 3 KB
1 KB 148ms
147ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1067154206/?random=1682818585150&cv=11&fst=1682818585150&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&hn=www.googleadservices.com&frm=0&tiba=FireEye%20Says%20%E2%80%98%E2%80%9DIntrusion%20Campaign%E2%80%99%20Used%20Tainted%20SolarWinds%20Software%20%7C%20Barron%27s&us_privacy=1---&auid=1210414193.1682818585&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

70a05b736b3ba45b696976d144c806f2f5ea3d5b26764701958835b9ec8233e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1067154206/ 3 KB
2 KB 39ms
38ms Script
text/javascript 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1067154206/?random=1682818585171&cv=11&fst=1682818585171&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&label=aiwKCIT8m8UCEJ727fwD&hn=www.googleadservices.com&frm=0&tiba=FireEye%20Says%20%E2%80%98%E2%80%9DIntrusion%20Campaign%E2%80%99%20Used%20Tainted%20SolarWinds%20Software%20%7C%20Barron%27s&gtm_ee=1&us_privacy=1---&auid=1210414193.1682818585&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

d90e5867b1578cb301c51e5f58631caf85cd2710c26c8d048209a7349778229e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1660
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i Show response
v2.pixel.newscgp.com/ 43 B
203 B 47ms
42ms XHR
image/gif 34.102.180.215
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://v2.pixel.newscgp.com/i?stm=1682818585186&e=pv&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&page=Page-View&eid=0e83e0a8-6f7b-411b-9a71-8f60f4098a53&tv=js-3.8.0&tna=_ncg__0&aid=newsconnect-global&p=web&cookie=1&cs=UTF-8&lang=en-US&res=1600x1200&cd=24&tz=Etc%2FUnknown&dtm=1682818585185&vp=1600x1200&ds=1600x3200&vid=1&sid=cccea8cb-eb3f-4cb6-9392-28cf1542eb59&duid=f9dfbc84-c130-4b57-8ec7-4c5048571df4&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20ubmV3c2NncC9ha2EvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsidXNlcl9pZCI6IiIsInVzZXJfcHJvdmlkZXIiOiIiLCJ1c2VyX21lbXR5cGUiOiJCT0xfZnJlZSIsInVzZXJfbmV3c2xldHRlcl9pZCI6IiIsInVzZXJfbmV3c2xldHRlcl9wcm92aWRlciI6IiIsImJyb3dzZXJfZG1wX2lkIjoiIiwiYnJvd3Nlcl9kbXBfcHJvdmlkZXIiOiIiLCJicm93c2VyX2Fkc19wcGlkIjoiIiwiYnJvd3Nlcl9hZHNfcHJvdmlkZXIiOiJkZnAiLCJicm93c2VyX2FuYWx5dGljc19pZCI6IiIsImJyb3dzZXJfYW5hbHl0aWNzX3Byb3ZpZGVyIjoib21uaXR1cmUiLCJicm93c2VyX25jZ19pZCI6IiJ9fSx7InNjaGVtYSI6ImlnbHU6Y29tLm5ld3NjZ3AvYXJ0aWNsZS9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6eyJhcnRpY2xlX2lkIjoiU0I1MDI5MTY1NTA0ODQyODQ2MzQwNjkwNDU4NzE1OTA4Mzc4MDA5MTU4NiIsImFydGljbGVfc291cmNlIjoiQmFycm9ucyBPbmxpbmUiLCJhcnRpY2xlX3B1Ymxpc2hlZF90aW1lIjoiMjAyMC0xMi0xNSAwMjowNiIsImNvbnRlbnRfdHlwZSI6IkFydGljbGUiLCJzZWN0aW9uIjoiRGFpbHkiLCJzdWJzZWN0aW9uIjoiVGVjaG5vbG9neSIsInN1YnN1YnNlY3Rpb24iOiJGZWF0dXJlIiwic3Vic3Vic3Vic2VjdGlvbiI6IiIsInN1YnN1YnN1YnN1YnNlY3Rpb24iOiIiLCJhcnRpY2xlX3BhaWRfY29udGVudF90eXBlIjoicGFpZCJ9fSx7InNjaGVtYSI6ImlnbHU6Y29tLnNub3dwbG93YW5hbHl0aWNzLnNub3dwbG93L3dlYl9wYWdlL2pzb25zY2hlbWEvMS0wLTAiLCJkYXRhIjp7ImlkIjoiOTViODFmNmEtNzczYy00OGRiLTkyNjItOTNlNDM2NDczMWU1In19XX0
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.180.215 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 215.180.102.34.bc.googleusercontent.com
Software: akka-http/10.2.7 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:24 GMT
via: 1.1 google
server: akka-http/10.2.7
content-type: image/gif
access-control-allow-origin: https://www.barrons.com
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

POST
H2 204 csi
csi.gstatic.com/ Frame 27CA 0
54 B 34ms
32ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lh2qqiej&chm=1&c=2603748360803563&ctx=2&qqid=CIeEjt-70P4CFYfKswodDcsDbg&met.4=fb.ct~lb.k5~ol.kg~idt.-d~dt.-b8&met.3=739.k9~738.ka~749.ka_6~736.ki~735.p3_1~740.t2_1~113.wr_4~112.wq_5&met.1=1.lh2qqhhu~14.9~15.0~16.9~17.9~18.9~19.9~20.9~21.9~22.kl~23.kl&met.7=CBsQCiA-OCE~CBsQCiA-OB4~CE0QChgBID4oPjCNAThOaEFwgQF4roUDgAGCgwOIAa_yCbABAbgBAw~CBsQCiA_OBU~CCIQBBgBINEDKNEDMKcEOFZo0gNwpQR4rAKwAQG4AQM~CBsQBCDDBTga~CCIQBBgBIN8FKN8FMIcGOCho4AVwhwZ4rAKwAQG4AQM~CCgQChgBIIYHKIYHMKEHOBpoiAdwmwd4n7kBgAHztgGIAdHqA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 249D
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&gdpr=0&khaos=LH2QQGXV-10-5Y9F
https://s.amazon-adsystem.com/ecm3?id=LH2QQGXV-10-5Y9F&ex=d-rubiconproject.com&status=ok&gdpr=0

43 B
479 B

45ms
32ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=LH2QQGXV-10-5Y9F&ex=d-rubiconproject.com&status=ok&gdpr=0

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 01:36:25 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 1NPEB9694JE3ZCPT1SG1
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?id=LH2QQGXV-10-5Y9F&ex=d-rubiconproject.com&status=ok&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 314e432eb2d967cf733b82bdbbe35231
Expires: 0

GET
H3

200

/
www.google.ca/pagead/1p-conversion/716328806/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/716328806/?random=620146026&cv=11&fst=1682818584763&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.b...
https://www.google.com/pagead/1p-conversion/716328806/?random=620146026&cv=11&fst=1682818584763&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.barrons.com%2Farticles...
https://www.google.ca/pagead/1p-conversion/716328806/?random=620146026&cv=11&fst=1682818584763&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.barrons.com%2Farticles%...

42 B
64 B

41ms
40ms

Image
image/gif

2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-conversion/716328806/?random=620146026&cv=11&fst=1682818584763&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&label=QhOqCIWzgagBEOaeydUC&hn=www.googleadservices.com&frm=0&tiba=FireEye%20Says%20%E2%80%98%E2%80%9DIntrusion%20Campaign%E2%80%99%20Used%20Tainted%20SolarWinds%20Software%20%7C%20Barron%27s&gtm_ee=1&us_privacy=1---&auid=1210414193.1682818585&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOElDem9nWVFqNU9UbDZYcmhiSkxFaVlBbnpUQjhOQ3V4SVh2bUE2UkxMWF8tZGRndlgtcHo1T3FZZmFFQkZGd2RvRWFqWXoyZVEaWkNoRUk4SUN6b2dZUTI4S2Z2Y0RJM09mZ0FSSXVBUFlKdDctU3FIS1JYYzhIdVJhNW5MNTFyYVhnclBjQmZINHh1dVhES1pMRUg3M1BRbTF5VDA4Vm9ROHBrdw&is_vtc=1&ocp_id=GMZNZI3zNKWdoPMPrOygsA8&cid=CAQSKQBygQiDtYfX3lqGKbIGKApPUG23gn4wey2yf22Btu3lFysTm6g6e5wx&random=1091581649&ipr=y&prhg=0&ezwbk=AZuM4hBVyk_-UvqCPdqz6Ypa2cPr9G8I7zvAI62czOd0qbljcFFlf_Q-GoW7iJirgFzNgOY62lshFnCqwKqQsje4goQl

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Server

2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.ca/pagead/1p-conversion/716328806/?random=620146026&cv=11&fst=1682818584763&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&label=QhOqCIWzgagBEOaeydUC&hn=www.googleadservices.com&frm=0&tiba=FireEye%20Says%20%E2%80%98%E2%80%9DIntrusion%20Campaign%E2%80%99%20Used%20Tainted%20SolarWinds%20Software%20%7C%20Barron%27s&gtm_ee=1&us_privacy=1---&auid=1210414193.1682818585&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOElDem9nWVFqNU9UbDZYcmhiSkxFaVlBbnpUQjhOQ3V4SVh2bUE2UkxMWF8tZGRndlgtcHo1T3FZZmFFQkZGd2RvRWFqWXoyZVEaWkNoRUk4SUN6b2dZUTI4S2Z2Y0RJM09mZ0FSSXVBUFlKdDctU3FIS1JYYzhIdVJhNW5MNTFyYVhnclBjQmZINHh1dVhES1pMRUg3M1BRbTF5VDA4Vm9ROHBrdw&is_vtc=1&ocp_id=GMZNZI3zNKWdoPMPrOygsA8&cid=CAQSKQBygQiDtYfX3lqGKbIGKApPUG23gn4wey2yf22Btu3lFysTm6g6e5wx&random=1091581649&ipr=y&prhg=0&ezwbk=AZuM4hBVyk_-UvqCPdqz6Ypa2cPr9G8I7zvAI62czOd0qbljcFFlf_Q-GoW7iJirgFzNgOY62lshFnCqwKqQsje4goQl
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sp1.html Show response
cdn.cxense.com/ Frame AAFB 684 B
749 B 22ms
22ms Document
text/html 2600:141b:9000:288::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/sp1.html
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:9000:288::268b Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 379
Content-Type: text/html
Date: Sun, 30 Apr 2023 01:36:25 GMT
Expires: Wed, 10 May 2023 01:36:25 GMT
Last-Modified: Tue, 11 Jan 2022 07:21:04 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

GET
H2

200

setuid
prebid-server.rubiconproject.com/
Redirect Chain

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid...
https://prebid-server.rubiconproject.com/setuid?bidder=openx&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=c743d897-e1f6-0805-3f00-c17c4a217e33

86 B
724 B

32ms
31ms

Image
image/png

54.152.15.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-server.rubiconproject.com/setuid?bidder=openx&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=c743d897-e1f6-0805-3f00-c17c4a217e33
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Server: 54.152.15.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-15-101.compute-1.amazonaws.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:24 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
location: https://prebid-server.rubiconproject.com/setuid?bidder=openx&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=c743d897-e1f6-0805-3f00-c17c4a217e33
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: a5202ujgl98e2s9jigkumhsk1ut35us2

GET
H/1.1 200
OK ibs:dpid=22052&dpuuid=3635328014473494641&redir=
dpm.demdex.net/ 42 B
940 B 28ms
27ms Image
image/gif 52.1.136.228
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3635328014473494641&redir=

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.1.136.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-136-228.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v047-04a85e601.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: v5UtChT7R+U=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3

200

csync.ashx
ml314.com/
Redirect Chain

https://idsync.rlcdn.com/395886.gif?partner_uid=3635328014473494641
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYzNTMyODAxNDQ3MzQ5NDY0MRAAGg0ImYy3ogYSBQjoBxAAQgBKAA
https://ml314.com/csync.ashx?fp=26ea2a53d01f5095fac1c9377f9cc2c62bf5b6aa3f7adc063e35d1b72c6e928bf4cb09cee1a4f8eb&person_id=3635328014473494641&eid=50082

43 B
60 B

28ms
28ms

Image
image/gif

34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=26ea2a53d01f5095fac1c9377f9cc2c62bf5b6aa3f7adc063e35d1b72c6e928bf4cb09cee1a4f8eb&person_id=3635328014473494641&eid=50082
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H3
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:25 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/gif
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Sun, 30 Apr 2023 21:36:25 GMT

Redirect headers

date: Sun, 30 Apr 2023 01:36:25 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=26ea2a53d01f5095fac1c9377f9cc2c62bf5b6aa3f7adc063e35d1b72c6e928bf4cb09cee1a4f8eb&person_id=3635328014473494641&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

csync.ashx
ml314.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=ac77e4fa-ea92-4c14-b03a-d3c16bb7ab3c&gdpr=0&gdpr_consent=
https://ml314.com/csync.ashx?fp=ac77e4fa-ea92-4c14-b03a-d3c16bb7ab3c&person_id=3635328014473494641&eid=53819

43 B
60 B

55ms
55ms

Image
image/gif

34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=ac77e4fa-ea92-4c14-b03a-d3c16bb7ab3c&person_id=3635328014473494641&eid=53819
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H3
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:24 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/gif
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Sun, 30 Apr 2023 21:36:25 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:24 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/gif
location: https://ml314.com/csync.ashx?fp=ac77e4fa-ea92-4c14-b03a-d3c16bb7ab3c&person_id=3635328014473494641&eid=53819
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: 0,Sun, 30 Apr 2023 21:36:25 GMT

GET
H3

200

csync.ashx
ml314.com/
Redirect Chain

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3635328014473494641
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3635328014473494641
https://ml314.com/csync.ashx?fp=9c1913634aad1598819e1e06db4e647a&eid=50146&person_id=3635328014473494641

43 B
60 B

27ms
27ms

Image
image/gif

34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=9c1913634aad1598819e1e06db4e647a&eid=50146&person_id=3635328014473494641
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H3
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:24 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/gif
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Sun, 30 Apr 2023 21:36:25 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ml314.com/csync.ashx?fp=9c1913634aad1598819e1e06db4e647a&eid=50146&person_id=3635328014473494641
cache-control: no-cache
x-server: 10.40.41.198
content-length: 0
expires: 0

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2WyxrJxnGFyNgdNj-fjNz93OYcA3W_rqJ63ifa97Mo4U&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_p...
https://ml314.com/csync.ashx?fp=2WyxrJxnGFyNgdNj-fjNz93OYcA3W_rqJ63ifa97Mo4U&person_id=3635328014473494641&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil%26referre...
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20

70 B
440 B

29ms
29ms

Image
image/gif

50.16.174.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Server: 50.16.174.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-174-192.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sun, 30 Apr 2023 01:36:25 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

date: Sun, 30 Apr 2023 01:36:24 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html; charset=utf-8
location: https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 193
expires: Sun, 30 Apr 2023 21:36:25 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame CA72 0
17 B 33ms
32ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lh2qqikx&chm=1&c=2603748360803563&ctx=2&qqid=CJq3jN-70P4CFQexswodjawNmg&met.4=fb.ez~lb.mo~ol.n4~idt.5k~dt.-5b&met.3=739.mw~738.my~749.my_6~736.oi~735.tw_4~740.xu_1~113.1a4_1~112.1a4_1&met.1=1.lh2qqhat~14.6~15.0~16.6~17.6~18.6~19.7~20.7~21.7~22.om~23.om&met.7=CBsQCiCzATgg~CBsQCiC0AThN~CE0QChgBILUBKLUBMLgCOIQBQLUBSLYBULYBWOkBYMkBaOoBcJ0CeK6FA4ABgoMDiAGv8gmwAQG4AQM~CBsQCiC1ATgU~CCIQBBgBIKAEKKAEMMkEOClooQRwyAR4rAKwAQG4AQM~CBsQBCCMBjhp~CBsQDSCOBjh5~CCIQBBgBIMAGKMAGMOkGOClowAZw6AZ4rAKwAQG4AQM~CCgQChgBIKcIKKcIMMEIOBpoqghwvQh4n7kBgAHztgGIAdHqA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/716328806/ 42 B
455 B 106ms
48ms Image
image/gif 2607:f8b0:4006:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/716328806/?random=1682818584741&cv=11&fst=1682816400000&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&frm=0&tiba=FireEye%20Says%20%E2%80%98%E2%80%9DIntrusion%20Campaign%E2%80%99%20Used%20Tainted%20SolarWinds%20Software%20%7C%20Barron%27s&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3089612253&rmt_tld=0&ipr=y

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/716328806/ 42 B
455 B 93ms
36ms Image
image/gif 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/716328806/?random=1682818584741&cv=11&fst=1682816400000&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&frm=0&tiba=FireEye%20Says%20%E2%80%98%E2%80%9DIntrusion%20Campaign%E2%80%99%20Used%20Tainted%20SolarWinds%20Software%20%7C%20Barron%27s&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3089612253&rmt_tld=1&ipr=y

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/ Frame CA72 399 KB
124 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02e62df60ec35e119448a029941cc7e87611801f8b7a6e4dd19333bcedcf45e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 20:31:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18281
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126484
x-xss-protection: 0
server: cafe
etag: 2690975471868618065
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 28 Apr 2024 20:31:44 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame CA72 79 B
87 B 38ms
37ms XHR
application/json 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.barrons.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d51c9bb396c065e9eebca8d8ded38e5049e48c301e9822369b76c5e0764363a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63
x-xss-protection: 0
expires: Sun, 30 Apr 2023 01:36:25 GMT

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ Frame AAFB 103 KB
34 KB 25ms
25ms Script
application/x-javascript 2600:141b:9000:288::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:9000:288::268b Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: f9a14368257e7ae608b41966f9d8551e61390e593400e69013ea2e39ecd097a9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn.cxense.com/sp1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 01:36:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 14 Apr 2023 13:31:47 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34188
Expires: Sun, 30 Apr 2023 02:36:25 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/ Frame 27CA 398 KB
123 KB 26ms
26ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37e314bfd8e8cb9262b5ea01059377cea510e23b2215fc93de8b34a5726284a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 22:04:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12724
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126109
x-xss-protection: 0
server: cafe
etag: 6695821980177688499
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 28 Apr 2024 22:04:21 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 27CA 79 B
87 B 46ms
40ms XHR
application/json 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.barrons.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d51c9bb396c065e9eebca8d8ded38e5049e48c301e9822369b76c5e0764363a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63
x-xss-protection: 0
expires: Sun, 30 Apr 2023 01:36:25 GMT

GET
H2 200 cross.svg Show response
www.barrons.com/asset/dj-ufc/v1.9.1/assets/ 332 B
760 B 31ms
30ms Fetch
image/svg+xml 2600:9000:204d:9200:14:c68f:c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.barrons.com/asset/dj-ufc/v1.9.1/assets/cross.svg
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:204d:9200:14:c68f:c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b3f5007e2535db9a74b22986c60082fc7a6da6e6a2ade8173589a2d18c71868

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 13:41:23 GMT
x-amz-version-id: y6HKqMaNF1OM7951.DVV0MyQs89hMhVB
via: 1.1 ff19078dad8e3d604a159e031d41dba0.cloudfront.net (CloudFront)
last-modified: Tue, 01 Nov 2022 20:43:20 GMT
server: AmazonS3
x-amz-cf-pop: ORD52-C3
age: 820503
etag: "d6fbafffc759147e284c66bad20fddb8"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=31557600, immutable
x-amz-replication-status: REPLICA
accept-ranges: bytes
content-length: 332
x-amz-cf-id: a5FA5NCaidJknPG8BJYZ7iXKuPxcXa7KKHPT9V_Z8x_d-gH2dw8IEQ==

GET
H2 200 cross.svg Show response
www.barrons.com/asset/dj-ufc/v1.9.1/assets/ 332 B
759 B 30ms
28ms Fetch
image/svg+xml 2600:9000:204d:9200:14:c68f:c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.barrons.com/asset/dj-ufc/v1.9.1/assets/cross.svg
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:204d:9200:14:c68f:c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b3f5007e2535db9a74b22986c60082fc7a6da6e6a2ade8173589a2d18c71868

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 13:41:23 GMT
x-amz-version-id: y6HKqMaNF1OM7951.DVV0MyQs89hMhVB
via: 1.1 ff19078dad8e3d604a159e031d41dba0.cloudfront.net (CloudFront)
last-modified: Tue, 01 Nov 2022 20:43:20 GMT
server: AmazonS3
x-amz-cf-pop: ORD52-C3
age: 820503
etag: "d6fbafffc759147e284c66bad20fddb8"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=31557600, immutable
x-amz-replication-status: REPLICA
accept-ranges: bytes
content-length: 332
x-amz-cf-id: GU6XCC-kg32HCGJiHmCyGtJKmYlfare3dE7bfPIVF0hN6vB6IL6SuQ==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 249D
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmI5MWNiY2I3MzU2ZmZmODZhOGQyOTg3ZDI2ZjM3ZjJlNzlhMjhkYQ&gdpr=0

170 B
188 B

36ms
35ms

Image
image/png

142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmI5MWNiY2I3MzU2ZmZmODZhOGQyOTg3ZDI2ZjM3ZjJlNzlhMjhkYQ&gdpr=0

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0

Protocol

Server

142.250.72.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmI5MWNiY2I3MzU2ZmZmODZhOGQyOTg3ZDI2ZjM3ZjJlNzlhMjhkYQ&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c1df09169f58a071f2a391dff1b3307b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 249D
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEgyUVFHWFYtMTAtNVk5Rg==&gdpr=0
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEALqrqBH0b_balyXE52Nd0Q&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEgyUVFHWFYtMTAtNVk5Rg==&google_push=&gdpr=0

170 B
188 B

50ms
50ms

Image
image/png

142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEgyUVFHWFYtMTAtNVk5Rg==&google_push=&gdpr=0

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Server

142.250.72.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEgyUVFHWFYtMTAtNVk5Rg==&google_push=&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 314e432eb2d967cf733b82bdbbe35231
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 249D
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
https://pr-bh.ybp.yahoo.com/sync/rubicon/TZZxPHry556iewA5kyq2lMn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-AiPPXNpE2oJuPR_MR90DzeMOvOzTpybUs4WPhg--~A

42 B
703 B

27ms
26ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-AiPPXNpE2oJuPR_MR90DzeMOvOzTpybUs4WPhg--~A
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 966e54b6201ecd300c4db0efc0f5781a
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sun, 30 Apr 2023 01:36:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-AiPPXNpE2oJuPR_MR90DzeMOvOzTpybUs4WPhg--~A
content-length: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 249D
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ac77e4fa-ea92-4c14-b03a-d3c16bb7ab3c&gdpr=0&gdpr_consent=&expires=30

42 B
703 B

26ms
26ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ac77e4fa-ea92-4c14-b03a-d3c16bb7ab3c&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 966e54b6201ecd300c4db0efc0f5781a
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ac77e4fa-ea92-4c14-b03a-d3c16bb7ab3c&gdpr=0&gdpr_consent=&expires=30
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 289

GET
H/1.1 200
OK dcm
aax-eu.amazon-adsystem.com/s/ Frame 249D 43 B
855 B 493ms
174ms Image
image/gif 52.95.126.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 01:36:25 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: EMAFYFEQAMDQ4CWJVD0K
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 249D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEK2khw4AcJzDqYUkA_yrxpE&google_cver=1

42 B
703 B

76ms
26ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEK2khw4AcJzDqYUkA_yrxpE&google_cver=1
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: c1df09169f58a071f2a391dff1b3307b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEK2khw4AcJzDqYUkA_yrxpE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 249D
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&gdpr=0
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH2QQGXV-10-5Y9F&gdpr=0

0
145 B

97ms
96ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH2QQGXV-10-5Y9F&gdpr=0
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:25 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: A5F78629E9884E0ABE6A7E670CD77706 Ref B: YMQ01EDGE0512 Ref C: 2023-04-30T01:36:25Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX6g7wDkPQVuXsC91X7Pg==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH2QQGXV-10-5Y9F&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 19ea072139d67f7022c6e463249c998e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 249D
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=izWNFl18Qjet7NMphI_46w&rk=usync-na&gdpr=0
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=izWNFl18Qjet7NMphI_46w&gdpr=0

43 B
479 B

35ms
34ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=izWNFl18Qjet7NMphI_46w&gdpr=0

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 01:36:25 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: C63TJ1PWGCHB30X7642E
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=izWNFl18Qjet7NMphI_46w&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 966e54b6201ecd300c4db0efc0f5781a
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

/
www.google.ca/pagead/1p-conversion/1067154206/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1067154206/?random=213962816&cv=11&fst=1682818585171&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww....
https://www.google.com/pagead/1p-conversion/1067154206/?random=213962816&cv=11&fst=1682818585171&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.barrons.com%2Farticle...
https://www.google.ca/pagead/1p-conversion/1067154206/?random=213962816&cv=11&fst=1682818585171&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.barrons.com%2Farticles...

42 B
64 B

52ms
52ms

Image
image/gif

2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-conversion/1067154206/?random=213962816&cv=11&fst=1682818585171&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&label=aiwKCIT8m8UCEJ727fwD&hn=www.googleadservices.com&frm=0&tiba=FireEye%20Says%20%E2%80%98%E2%80%9DIntrusion%20Campaign%E2%80%99%20Used%20Tainted%20SolarWinds%20Software%20%7C%20Barron%27s&gtm_ee=1&us_privacy=1---&auid=1210414193.1682818585&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOElDem9nWVFqNU9UbDZYcmhiSkxFaVlBbnpUQjhOQ3V4SVh2bUE2UkxMWF8tZGRndlgtcHo1T3FZZmFFQkZGd2RvRWFqWXoyZVEaWkNoRUk4SUN6b2dZUTI4S2Z2Y0RJM09mZ0FSSXVBUFlKdDc5azVNQnJKUUl3VWhOUVdUTm5rR0VfYl9wdjZGbl84UTlBQms1dkVoRk1Mb09ZTmZmZXlCMnAxUQ&is_vtc=1&ocp_id=GcZNZM_ZC4WYoPMPqeGA8AU&cid=CAQSKQBygQiDdQmKqJaGGhe6KGZ5BMbgdMSrxmvmAs4yf528ClW4itZlKL1p&random=1252868599&ipr=y&prhg=0&ezwbk=AZuM4hDzMpcnaGafyZy6kQ8R1I2XzIAhoKsguqEph5IL5-Job1vamqVPfw9pvPK40BG2y6xNzV3eD4QDGRVMgJgDK3Wg

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Server

2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.ca/pagead/1p-conversion/1067154206/?random=213962816&cv=11&fst=1682818585171&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&label=aiwKCIT8m8UCEJ727fwD&hn=www.googleadservices.com&frm=0&tiba=FireEye%20Says%20%E2%80%98%E2%80%9DIntrusion%20Campaign%E2%80%99%20Used%20Tainted%20SolarWinds%20Software%20%7C%20Barron%27s&gtm_ee=1&us_privacy=1---&auid=1210414193.1682818585&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOElDem9nWVFqNU9UbDZYcmhiSkxFaVlBbnpUQjhOQ3V4SVh2bUE2UkxMWF8tZGRndlgtcHo1T3FZZmFFQkZGd2RvRWFqWXoyZVEaWkNoRUk4SUN6b2dZUTI4S2Z2Y0RJM09mZ0FSSXVBUFlKdDc5azVNQnJKUUl3VWhOUVdUTm5rR0VfYl9wdjZGbl84UTlBQms1dkVoRk1Mb09ZTmZmZXlCMnAxUQ&is_vtc=1&ocp_id=GcZNZM_ZC4WYoPMPqeGA8AU&cid=CAQSKQBygQiDdQmKqJaGGhe6KGZ5BMbgdMSrxmvmAs4yf528ClW4itZlKL1p&random=1252868599&ipr=y&prhg=0&ezwbk=AZuM4hDzMpcnaGafyZy6kQ8R1I2XzIAhoKsguqEph5IL5-Job1vamqVPfw9pvPK40BG2y6xNzV3eD4QDGRVMgJgDK3Wg
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.ca/pagead/1p-conversion/11013097811/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11013097811/?random=822723540&cv=11&fst=1682818585135&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww...
https://www.google.com/pagead/1p-conversion/11013097811/?random=822723540&cv=11&fst=1682818585135&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.barrons.com%2Farticl...
https://www.google.ca/pagead/1p-conversion/11013097811/?random=822723540&cv=11&fst=1682818585135&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.barrons.com%2Farticle...

42 B
64 B

45ms
45ms

Image
image/gif

2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-conversion/11013097811/?random=822723540&cv=11&fst=1682818585135&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&label=XnDnCPr1xIAYENOSuoMp&hn=www.googleadservices.com&frm=0&tiba=FireEye%20Says%20%E2%80%98%E2%80%9DIntrusion%20Campaign%E2%80%99%20Used%20Tainted%20SolarWinds%20Software%20%7C%20Barron%27s&gtm_ee=1&us_privacy=1---&auid=1210414193.1682818585&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOElDem9nWVFqNU9UbDZYcmhiSkxFaVlBbnpUQjhOQ3V4SVh2bUE2UkxMWF8tZGRndlgtcHo1T3FZZmFFQkZGd2RvRWFqWXoyZVEaWkNoRUk4SUN6b2dZUTI4S2Z2Y0RJM09mZ0FSSXVBUFlKdDdfdVYtQWs4UVBidklCdzkxNjBualZmRE8tVVlhLWM1dnNhSV80eEpWSzBvN2JEdHV6MnVyS3pwdw&is_vtc=1&ocp_id=GcZNZIrBCY3t_gTv47CAAg&cid=CAQSKQBygQiDPMMb_g2svaae7B_ch7a2UpVb6FK39uu1vfgcP88OOun80LlK&random=3761829334&ipr=y&prhg=0&ezwbk=AZuM4hC-nQOs0Z9pifkwcg4PADzEAOTnJ0FK3f_CD2MlhJcSp3IDeJzIl8ORmjsvuR1w89zm7g0RzONH1xvmrpdceHSd

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Server

2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.ca/pagead/1p-conversion/11013097811/?random=822723540&cv=11&fst=1682818585135&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&label=XnDnCPr1xIAYENOSuoMp&hn=www.googleadservices.com&frm=0&tiba=FireEye%20Says%20%E2%80%98%E2%80%9DIntrusion%20Campaign%E2%80%99%20Used%20Tainted%20SolarWinds%20Software%20%7C%20Barron%27s&gtm_ee=1&us_privacy=1---&auid=1210414193.1682818585&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOElDem9nWVFqNU9UbDZYcmhiSkxFaVlBbnpUQjhOQ3V4SVh2bUE2UkxMWF8tZGRndlgtcHo1T3FZZmFFQkZGd2RvRWFqWXoyZVEaWkNoRUk4SUN6b2dZUTI4S2Z2Y0RJM09mZ0FSSXVBUFlKdDdfdVYtQWs4UVBidklCdzkxNjBualZmRE8tVVlhLWM1dnNhSV80eEpWSzBvN2JEdHV6MnVyS3pwdw&is_vtc=1&ocp_id=GcZNZIrBCY3t_gTv47CAAg&cid=CAQSKQBygQiDPMMb_g2svaae7B_ch7a2UpVb6FK39uu1vfgcP88OOun80LlK&random=3761829334&ipr=y&prhg=0&ezwbk=AZuM4hC-nQOs0Z9pifkwcg4PADzEAOTnJ0FK3f_CD2MlhJcSp3IDeJzIl8ORmjsvuR1w89zm7g0RzONH1xvmrpdceHSd
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/11013097811/ 42 B
108 B 55ms
50ms Image
image/gif 2607:f8b0:4006:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11013097811/?random=1682818585123&cv=11&fst=1682816400000&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&frm=0&tiba=FireEye%20Says%20%E2%80%98%E2%80%9DIntrusion%20Campaign%E2%80%99%20Used%20Tainted%20SolarWinds%20Software%20%7C%20Barron%27s&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1394847130&rmt_tld=0&ipr=y

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/11013097811/ 42 B
108 B 64ms
59ms Image
image/gif 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/11013097811/?random=1682818585123&cv=11&fst=1682816400000&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&frm=0&tiba=FireEye%20Says%20%E2%80%98%E2%80%9DIntrusion%20Campaign%E2%80%99%20Used%20Tainted%20SolarWinds%20Software%20%7C%20Barron%27s&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1394847130&rmt_tld=1&ipr=y

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1067154206/ 42 B
108 B 51ms
50ms Image
image/gif 2607:f8b0:4006:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1067154206/?random=1682818585150&cv=11&fst=1682816400000&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&frm=0&tiba=FireEye%20Says%20%E2%80%98%E2%80%9DIntrusion%20Campaign%E2%80%99%20Used%20Tainted%20SolarWinds%20Software%20%7C%20Barron%27s&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3151336767&rmt_tld=0&ipr=y

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/1067154206/ 42 B
108 B 39ms
39ms Image
image/gif 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/1067154206/?random=1682818585150&cv=11&fst=1682816400000&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&frm=0&tiba=FireEye%20Says%20%E2%80%98%E2%80%9DIntrusion%20Campaign%E2%80%99%20Used%20Tainted%20SolarWinds%20Software%20%7C%20Barron%27s&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3151336767&rmt_tld=1&ipr=y

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK p1.js Show response
p1cluster.cxense.com/ Frame AAFB 47 B
637 B 96ms
23ms Script
text/javascript 145.40.89.32
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://p1cluster.cxense.com/p1.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 145.40.89.32 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: Jetty(9.4.28.v20200408) /
Resource Hash: a032e835b9573c9ebb4344b455e5977645aa15d167bcbb73eebad63c16cc1f7c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:25 GMT
last-modified: Sun, 30 Oct 2022 01:36:25 GMT
server: Jetty(9.4.28.v20200408)
etag: 2pwv54a0knu4o2y6n9sh1fihty
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: text/javascript;charset=utf-8
cache-control: private, proxy-revalidate
content-length: 47
expires: Tue, 30 Apr 2024 01:36:25 GMT

GET
H2

200

setuid
prebid-server.rubiconproject.com/
Redirect Chain

https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dsmaato%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26accoun...
https://prebid-server.rubiconproject.com/setuid?bidder=smaato&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=a6dcdad9

86 B
803 B

23ms
22ms

Image
image/png

54.152.15.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-server.rubiconproject.com/setuid?bidder=smaato&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=a6dcdad9
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Server: 54.152.15.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-15-101.compute-1.amazonaws.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
expires: 0

Redirect headers

date: Sun, 30 Apr 2023 01:36:25 GMT
via: 1.1 5fa5e473f638d77357bb0fccef4ca526.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: YUL62-C2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://prebid-server.rubiconproject.com/setuid?bidder=smaato&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=a6dcdad9
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: CK5SfOK89I_EM3iIImAiitvrqt7m2QiD1eLjmKY-xIAD3VtymuUwnA==

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame CA72 61 KB
23 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f931f982c3f40d167c41dd5f1dcf8dc5ce8a93cf7ec3bbe083d4b52538ccf827

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:27:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 508
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23411
x-xss-protection: 0
server: cafe
etag: 8331745290402310634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 30 Apr 2023 02:27:57 GMT

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 27CA 61 KB
23 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f931f982c3f40d167c41dd5f1dcf8dc5ce8a93cf7ec3bbe083d4b52538ccf827

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:27:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 508
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23411
x-xss-protection: 0
server: cafe
etag: 8331745290402310634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 30 Apr 2023 02:27:57 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ Frame CA72 36 B
329 B 188ms
187ms XHR
application/json 104.18.25.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=777802
Requested by: Host: tgamriker.s3.ca-central-1.amazonaws.com
URL: https://tgamriker.s3.ca-central-1.amazonaws.com/riker_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed2eca4097fd323245d0468af93a2a7c3d6938be310e484b34fde0a607d1b11f

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BP0K1glp08Y1znFIFDVW2Lz8a9LKALviPFf4DaaKFz%2BsaURnmlXNu96Ti%2FXhrkdXslhaj7oeYXsYwa6J3VmFP94zGz9RFR5GznVth8KlTXEay1KfvtfJaovkG8ATRbbCJyAd57ka"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.barrons.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7bfc0dbf5bd1a210-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame CA72 836 B
894 B 157ms
156ms XHR
application/json 2602:803:c002:300::99
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24730&site_id=447680&zone_id=2589034&size_id=15&rp_schain=1.0,1!theglobeandmail.com,pub-8200574565762874,1,,,&rf=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&kw=Computers%2FConsumer%20Electronics%2CSoftware%2CApplications%20Software%2CComputing%2CEnterprise%20Management%20Software%2CSecurity%2FPrivacy%20Software%2CTechnology%2CCorporate%20Crime%2FLegal%20Action%2CCorporate%2FIndustrial%20News%2CPolitical%2FGeneral%20News%2CCrime%2FLegal%20Action%2CCybercrime%2FHacking%2CPolitics%2FInternational%20Relations%2CDomestic%20Politics%2CGovernment%20Bodies%2CContent%20Types%2CFactiva%20Filters%2CC%26E%20Executive%20News%20Filter%2CC%26E%20Industry%20News%20Filter%2CSYND%2CFireEye%2CFEYE%2CSolarWinds%2CSWI%2Ccorporate%20crime%2Clegal%20action%2Ccorporate%2Cindustrial%20news%2Cpolitical%2Cgeneral%20news%2Ccrime%2Ccybercrime%2Chacking%2Cpolitics%2Cinternational%20relations%2Cdomestic%20politics%2Cgovernment%20bodies%2Ccontent%20types%2Cfactiva%20filters%2Cc%26e%20executive%20news%20filter%2Cc%26e%20industry%20news%20filter%2Ctechnology%2Ccomputers%2Cconsumer%20electronics%2Csoftware%2Capplications%20software%2Ccomputing%2Centerprise%20management%20software%2Csecurity%2Cprivacy%20software&tg_i.page=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&tg_i.domain=www.barrons.com&tg_i.name=FireEye%20Says%20%E2%80%98%E2%80%9DIntrusion%20Campaign%E2%80%99%20Used%20Tainted%20SolarWinds%20Software%20%7C%20Barron%27s&tg_i.cattax=7&tg_i.cat=1%2C52%2C123%2C132%2C286%2C391%2C386%2C596&tg_i.sectioncat=1%2C52%2C123%2C132%2C286%2C391%2C386%2C596&tg_i.pagecat=1%2C52%2C123%2C132%2C286%2C391%2C386%2C596&tg_i.ref=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&tg_i.mobile=1&tg_i.privacypolicy=1&tg_i.pbadslot=58%2C2%2Ftgam.wsj%2Fbarrons%2Fbarrons_technology&tk_flint=pbjs_lite_v7.40.0&x_source.tid=43058610-41b2-4f2b-8dc3-74ade746b279&l_pb_bid_id=4615735b27374a&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.15&rp_maxbids=1&p_gpid=58%2C2%2Ftgam.wsj%2Fbarrons%2Fbarrons_technology&slots=1&rand=0.5182155184298995
Requested by: Host: tgamriker.s3.ca-central-1.amazonaws.com
URL: https://tgamriker.s3.ca-central-1.amazonaws.com/riker_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:300::99 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 9cb28f1ddc9ba6303dfeadcbeb3ca240c7e039e18fc68318050af671fe09c151

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.barrons.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 836
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame CA72 19 B
982 B 20ms
20ms XHR
application/json 68.67.179.166
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tgamriker.s3.ca-central-1.amazonaws.com
URL: https://tgamriker.s3.ca-central-1.amazonaws.com/riker_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 01:36:25 GMT
AN-X-Request-Uuid: ede191ea-2cbb-425f-880d-f0c2a885d391
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.barrons.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 149.56.153.185; 149.56.153.185; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 27CA 19 B
982 B 19ms
19ms XHR
application/json 68.67.179.166
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tgamriker.s3.ca-central-1.amazonaws.com
URL: https://tgamriker.s3.ca-central-1.amazonaws.com/riker_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 01:36:25 GMT
AN-X-Request-Uuid: 0dd5963d-0fc8-4a05-acbc-ca50cdfda446
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.barrons.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 149.56.153.185; 149.56.153.185; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 27CA 836 B
871 B 168ms
167ms XHR
application/json 2602:803:c002:300::99
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24730&site_id=447680&zone_id=2589034&size_id=57&rp_schain=1.0,1!theglobeandmail.com,pub-8200574565762874,1,,,&rf=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&kw=Computers%2FConsumer%20Electronics%2CSoftware%2CApplications%20Software%2CComputing%2CEnterprise%20Management%20Software%2CSecurity%2FPrivacy%20Software%2CTechnology%2CCorporate%20Crime%2FLegal%20Action%2CCorporate%2FIndustrial%20News%2CPolitical%2FGeneral%20News%2CCrime%2FLegal%20Action%2CCybercrime%2FHacking%2CPolitics%2FInternational%20Relations%2CDomestic%20Politics%2CGovernment%20Bodies%2CContent%20Types%2CFactiva%20Filters%2CC%26E%20Executive%20News%20Filter%2CC%26E%20Industry%20News%20Filter%2CSYND%2CFireEye%2CFEYE%2CSolarWinds%2CSWI%2Ccorporate%20crime%2Clegal%20action%2Ccorporate%2Cindustrial%20news%2Cpolitical%2Cgeneral%20news%2Ccrime%2Ccybercrime%2Chacking%2Cpolitics%2Cinternational%20relations%2Cdomestic%20politics%2Cgovernment%20bodies%2Ccontent%20types%2Cfactiva%20filters%2Cc%26e%20executive%20news%20filter%2Cc%26e%20industry%20news%20filter%2Ctechnology%2Ccomputers%2Cconsumer%20electronics%2Csoftware%2Capplications%20software%2Ccomputing%2Centerprise%20management%20software%2Csecurity%2Cprivacy%20software&tg_i.page=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&tg_i.domain=www.barrons.com&tg_i.name=FireEye%20Says%20%E2%80%98%E2%80%9DIntrusion%20Campaign%E2%80%99%20Used%20Tainted%20SolarWinds%20Software%20%7C%20Barron%27s&tg_i.cattax=7&tg_i.cat=1%2C52%2C123%2C132%2C286%2C391%2C386%2C596&tg_i.sectioncat=1%2C52%2C123%2C132%2C286%2C391%2C386%2C596&tg_i.pagecat=1%2C52%2C123%2C132%2C286%2C391%2C386%2C596&tg_i.ref=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&tg_i.mobile=1&tg_i.privacypolicy=1&tg_i.pbadslot=58%2C2%2Ftgam.wsj%2Fbarrons%2Fbarrons_technology&tk_flint=pbjs_lite_v7.40.0&x_source.tid=7dc1a108-4424-4186-b11b-9424ce6e6ec2&l_pb_bid_id=4a0013faf07be7&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.15&rp_maxbids=1&p_gpid=58%2C2%2Ftgam.wsj%2Fbarrons%2Fbarrons_technology&slots=1&rand=0.4950346907271199
Requested by: Host: tgamriker.s3.ca-central-1.amazonaws.com
URL: https://tgamriker.s3.ca-central-1.amazonaws.com/riker_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:300::99 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 49468d119e0fcbfb6955cccc2eb8b06b5640e36cab4a9efd7bd8544e040d6a48

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.barrons.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 836
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ Frame 27CA 36 B
542 B 132ms
131ms XHR
application/json 104.18.25.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=777802
Requested by: Host: tgamriker.s3.ca-central-1.amazonaws.com
URL: https://tgamriker.s3.ca-central-1.amazonaws.com/riker_prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e8808c58190a628a8c8f0149f1741cf420b729951ffce12a3cce712d404008e

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1m%2FCUemODuSMzmARojE1JZJZXhDXvMQ1Y5%2BaF5lptZu6vIulAySFplTxgcVtpmKk0rrofN5ylGjSvKawkzpR1WBTkhk1PCvDry%2BU76VNXW0%2BhjXhNXoEOxNYmH0LZrfJOrzGjQiE"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.barrons.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7bfc0dbf8ec7a250-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CA72 42 B
404 B 99ms
34ms Fetch
image/gif 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvKlf44f9mk6vK7mVxN1x1aLJMUevU0t49MFvbz13FvoD_c_1e2CQ2Fy5l5sUPs5r6yjf7qmb80ST8nMKPMVd_wANcS8jxIUUwXgYknGtB3mZ13marV&sig=Cg0ArKJSzEedZkB8w1yXEAE&id=lidar2&mcvt=1059&p=551,970,801,1270&mtos=1059,1059,1059,1059,1059&tos=1059,0,0,0,0&v=20230426&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1611725678&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682818583573&rpt=826&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 35ms
34ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=2~lh2qqh99&c=2603748360803563&e=31072020%2C31073865%2C31074188%2C44790318%2C31061691%2C31061693&ctx=1&met.9=4_5.1ic~5_5.1j0~6_5.1jc~4_6.1pi~5_6.1q2~6_6.1qf&met.3=646.1ib_4~800.1ig~800.1ig~800.1ig~800.1ig~800.1ig~947.1in~573.1in~598.1in~598.1in~947.1j1~573.1j1~598.1j1~598.1j1~54.1j2~579.1j2~593.1j2~774.1jb_1~579.1jf~593.1jf~598.1jf~355.1jf~581.1jf~653.1jg_4q~801.1o7~801.1o7~844.1o7~844.1o7~710.1o7~710.1o7~825.1o8~355.1o8~825.1o8_1~708.1o9~708.1o9~598.1o9~708.1o9~592.1o9~54.1oa~598.1oa~579.1oa~593.1oa~51.1oa~708.1o9_2~51.1ob~38.1ob~38.1ob~708.1ob~598.1ob~54.1ob~708.1ob~647.1oc~965.1od_1~947.1ov~573.1ov~598.1ov~54.1ov~947.1ow~573.1ow~598.1ow~54.1ow~947.1ow~573.1ow~598.1ow~54.1ow~947.1ow~573.1ow~598.1ow~54.1ow~947.1ow~573.1ow~598.1ow~54.1ow~947.1ow~573.1ow~598.1ow~54.1ow~947.1ow~573.1ow~598.1ow~54.1ow~947.1ow~573.1ow~598.1ow~54.1ow~947.1ow~573.1ow~598.1ow~54.1ow~947.1ow~573.1ow~598.1ow~54.1ow~947.1ox~573.1ox~598.1ox~598.1ox~54.1ox~947.1ox~573.1ox~598.1ox~598.1ox~54.1ox~947.1ox~573.1ox~598.1ox~598.1ox~54.1ox~947.1ox~573.1ox~598.1ox~598.1ox~54.1ox~947.1ox~573.1ox~598.1ox~598.1ox~54.1ox~947.1ox~573.1ox~598.1ox~598.1ox~54.1ox~947.1ox~573.1ox~598.1ox~598.1ox~54.1ox~947.1ox~573.1ox~598.1ox~598.1ox~54.1ox~646.1pi_e~800.1pv~800.1pv~800.1pv~800.1pv~800.1pv~947.1q3~573.1q3~598.1q3~54.1q3~579.1q3~593.1q3~774.1qf~579.1qg~593.1qg~598.1qg~355.1qg~581.1qg~653.1qg_1f~801.1rw~801.1rw~844.1rw~844.1rw~710.1rw~710.1rw~825.1rw~355.1rw~825.1rw~708.1rx~708.1rx~598.1rx~708.1rx~592.1rx~54.1rx~598.1rx~579.1rx~593.1rx~51.1rx~708.1rx~51.1rx~38.1rx~38.1rx~708.1rx~598.1rx~54.1rx~708.1rx~647.1ry~965.1ry~783.1sx~783.1sy~680.1ty~680.1ty~680.234~680.234~74.24a_1~947.24c~43.24c~53.24c~90.24c~88.24c~88.24c~88.24c~88.24c~89.24c~44.24c~91.24c~95.24c_1~76.24a_3~74.24e~947.24e~43.24e~53.24e~90.24e~88.24e~88.24e~88.24e~88.24e~89.24e~44.24e~91.24e~95.24e_1~76.24e_1~724.24k_3~724.24n~947.25u~573.25u~947.28a~573.28a~598.28a~598.28a~598.28a~598.28a~947.28j~573.28j~598.28j~598.28j~598.28j~598.28j~947.28k~573.28k~598.28k~598.28k~598.28k~598.28k~947.28m~573.28m~598.28m~598.28m~598.28m~598.28m~947.28n~573.28n~598.28n~598.28n~598.28n~598.28n~947.28o~573.28o~598.28o~598.28o~598.28o~598.28o~947.28p~573.28p~598.28p~598.28p~598.28p~598.28p~947.28r~573.28r~598.28r~598.28r~598.28r~598.28r~947.28s~573.28s~598.28s~598.28s~598.28s~598.28s~947.28t~573.28t~598.28t~598.28t~598.28t~598.28t~947.2ab~573.2ab~680.2ch~824.2ch~824.2ci~824.2ci~680.2cj~680.2cq~680.2cq~680.2cr~680.2cr~680.2ey~680.2ey~824.2ez~824.2ez~824.2ez~680.2f8~680.2f8~680.2f9~680.2f9~680.2f9~680.2f9~680.2kx~680.2kx~680.2ky~680.2ky~680.2mb~680.2mb~680.2ml~680.2ml~947.2p3~573.2p3~355.2p3~355.2p3~355.2p3~355.2p3~355.2p3~598.2p3~355.2p3~598.2p3~947.2p3~86.2p3~680.2rt~680.2rt~680.2s1~680.2s1~947.2t3~573.2t3~598.2t3~598.2t3~598.2t3~598.2t3~680.2t7~680.2t7~680.2t9~680.2t9~680.2ta~680.2ta~680.2tb~680.2tb~680.2tb~680.2tb~680.2ti~680.2ti~680.2ti~680.2ti~680.30h~824.30h~824.30i~680.30i~680.30i~824.30i~824.30i~680.30j~680.30z~680.30z~824.30z~824.30z~680.310~680.310~824.310~824.310&met.7=CBsQBiDYDDi3AsABj_navQk~CA8QDRgBIIwOKIwOMIIPOHZojQ5wgQ9451-AAbtdiAGL3AGwAQG4AQPAAb_emusG~CA8QDRgBIK4OKK4OMJsPOGxorw5wmA94v16AAZNciAGY2gGwAQG4AQPAAb_emusG~CBsgzg44IsABr4zaWw~CBsQDSD4DjhlwAHmnPTxDg~CBsQARgBIIgPKIgPMNUPOE3AAaSg_KUH~CBsQBiCVDzgzwAHTzPrBCg~CBsQDSDbCjjvBsABy6iXkwE~CBsQBRgBIJIOKJIOMIgPOHZAlw5Irw5Qrw5Y3w5gwQ5o4A5whw94iReAAd0UiAGSMLABAbgBA8ABhIyWwgU~CBsQBiD7Dji2A8ABmMzNvgI~CBsQBSDyDjieBsAB66vwyg8~CBsQCiCQDzgewAGV9OCqBA~CBsQCiCRDzhxwAG-87XiDg~CBsQCiCSDzhbwAG537i0Cw~CBsQCiCTDzhEwAHIzbGaAg~CBsQCiCUDzh6wAGnlIC7DQ~CBsQCiCXDzhNwAHR4qLECA~CBsQCiCaDzjYAcAB9LK_vwQ~CBsQBiCeDzjtA8AB1di0_Q8~CBsQCiCfDziWAcAB2IvQgAg~CBsQChgBIKAPKKAPMNsQOLsBwAHc6MT4CQ~CBsQCiCiDzibAcAB25fY8AY~CBsQCiCHETgiwAGEtaGZCA~CBsQCiCIETgVwAGPh_2qDA~CBsQDSC8DjjUBcAB7cvnnAE~CBsQCiCLDziWBMABtoj0iwM~CBsQChgBIJYPKJYPMIgQOHLAAYzV2OsE~CBsQCiCYDzhcwAHgtNzvAg~CBsQCiCdDziyA8AB1Ma4-Q0~CBsQCiCjEjhwwAGi7aODBw~CBsgqRI4H8AByKS7oAQ~CBsQDSCvEjiKAcABgtujTA~CBsQDSC9EjgdwAGpgfzwDQ~CBsQDSDEEjh-wAHbm5qpBg~CBsQBiCzEji2A8ABxrHH8AQ~CBsQBiDDFThswAHxp8eLCw~CBsQBiD4FTgVwAGRva3rBA~CBsQBiCPFjg_wAGKlpbAAQ~CBsQBiCVFjiBAcABmsul_gQ~CBsQBiCVFjiSAcAB7LKQ_Q4~CBsQCiDxFTg9wAHfg5H6AQ~CBsQDSCYFjhmwAGgjqmfDA~CBsQDSCxFjikAcABpaj3dg~CBsQBSDcFjjYAsAB4cTbzA8~CBsQDSDkFjhTwAGomrTHCg~CBsQDSDuFjjeAcAB0ZSAigM~CBsQDSC3GDhnwAGQmoHGDA~CBsQCiCKFjhXwAGT1oOFDA~CBsQCiCKFjhbwAHzj42rCA~CBsQCiCLFjhJwAGw0eG6Aw~CBsQCiCaFjghwAGL-aGcBQ~CBsQCiCkFjhtwAHMmfqBDQ~CBsQBSDKFjjWA8AB_JHL9A4~CBsQBSDTFjj2A8ABgOGH8A4~CBsQBSDVFjjUA8ABq8CVwg0~CBsQBSDWFjjXA8AB8qHbkgk~CBsQBSDXFjjXA8AB9buolwI~CBsQBSDYFjjSA8ABqfOZ8wo~CBsQBSDZFjjyA8ABoJPstwg~CBsQBSDbFjjRA8ABxZDDjgY~CBsQBSDdFjjEA8ABmOyA4wY~CBsQBSDuFzjaAsABzrCPXA~CBsQChgBIOUYKOUYMLMZOE7AAYzV2OsE~CBsQChgBIOYYKOYYMLIZOEzAAYzV2OsE~CBsQChgBIOkYKOkYMOQZOHpA6hhI7RhQ7RhYuxlg_xhovBlw4hl4qg-AAf4MiAH7FbABAbgBA8AB6YvDuAE~CBsQBiCBGTirAcABwveCxgE~CBsg4Bk4HsABorLcrAc~CBsQBiCrFTjEBcABla72kAk~CCgQChgBIOQYKOQYMNMaOO4BQOUYSO8YUO8YWLsZYJAZaLwZcNIaeMcMgAGbCogB1xawAQG4AQPAAaLfhYEJ~CBsQCiCKGjggwAG_uOuBCg~CBsQBiD5GjiCAcABvsDEmAs~CBsQBiDGGzhJwAGy5M_6Cw~CBsQBiDHGzhKwAGy5M_6Cw~CBsQBiDHGzhKwAGy5M_6Cw~CBsQCiCKGjjAAcABqKrikQQ~CBsQBiDDGjjpAcAB7qyFlQY~CBsQCiCkGzghwAHzj42rCA~CBsQChgBIIEcKIEcMKkcOChoghxwqBx4qA-AAfwMiAH8FbABAbgBA8ABsfH0_wc~CBsQDSCOHDgwwAGomrTHCg~CCgQChgBINkbKNkbMO4cOJUBaNobcO0ceMoMgAGeCogB2xawAQG4AQPAAcGB_IME~CBsQChgBIN0bKN0bMIYcOClo3htwhRx4qw-AAf8MiAH8FbABAbgBA8ABzPyMjgQ~CBsQBiDeHDgdwAH11uvfDw~CCgQChgBIP0bKP0bMJIdOJUBaP0bcJAdeMsMgAGfCogB2RawAQG4AQPAAeednaYK~CBsQBiC-HDiPAcAB54_E1wM~CBsQBhgBIPIcKPIcMN0dOGtA8xxI9BxQ9BxYoh1ghh1oqB1w3B141gKAASqIASqwAQG4AQPAAa7S5aIC~CBsQBhgBIPIcKPIcMNEdOF5A8xxI9BxQ9BxYoR1ghh1opx1w0B141gKAASqIASqwAQG4AQPAAerksYsD~~CBsQBSDVDTiGEcABlMyh2Ao~CBsQBiCYFjihCMABqZW7hQg~CBsQBiCZFjiXCMABqZW7hQg~CBsQBiDeHDjBAcABlvOAtgU~CBsQBiDeHDjlAcABqpGozAQ~CBsQBhgBINAdKNAdMIgeODlo1B1wiB541gKAASqIASqwAQG4AQPAAZC97LQI~CBsQBhgBINEdKNEdMJIeOEFo1h1wkR541gKAASqIASqwAQG4AQPAAZfLwYwN~CBsQBhgBIOQdKOQdMJgeODRo5R1wlx541gKAASqIASqwAQG4AQPAAbaB8PMG~CBsQBhgBIOQdKOQdMIweOCho5R1wjB541gKAASqIASqwAQG4AQPAAfvM4mQ&met.10=1_8.IMoVEAAIrAIYgJh1KAA~1_11.IMoVEAAIwAwYgJh1KAA&qqid.2=CJq3jN-70P4CFQexswodjawNmg&qqid.1=CIeEjt-70P4CFYfKswodDcsDbg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CA72 0
349 B 75ms
32ms Image
image/gif 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=www.barrons.com&doc=complete&pg_h=0&pg_w=300&pg_hs=250&c=0&aa_c=0&dt=d

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 27CA 0
56 B 71ms
32ms Image
image/gif 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=www.barrons.com&doc=complete&pg_h=0&pg_w=970&pg_hs=250&c=0&aa_c=0&dt=d

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame CA72 0
17 B 31ms
31ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lh2qqiti&c=4397437491346622&e=31072878%2C31074164%2C31061690&ctx=1&met.1=1.lh2qqhat~14.6~15.0~16.6~17.6~18.6~19.7~20.7~21.7~22.om~23.om&met.3=113.1iq_1~112.1iq_2~735.1it_1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK rep.gif
comcluster.cxense.com/Repo/ Frame AAFB 43 B
467 B 72ms
24ms Image
image/gif 145.40.89.32
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://comcluster.cxense.com/Repo/rep.gif?ver=2.8.21&typ=pgv&rnd=lh2qqfwxjf3k8i7q&sid=9222325317970825875&loc=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&new=1&arf=0&ltm=1682818585076&ref=&tzo=0&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=lh2qqikoxp91lp9q&ckp=lh2qqigec39ceebk&glb=&cp_userState=anon&cp_ver=test&cp_testGroup=24&cp_topDomain=barrons.com&cp_pwTag=default&cp_pwPlacement=cx-snippetad&cp_pwCampaign=10&cp_pwType=personalized&cp_type=Feature&cp_template=preview&cp_access=paid&cp_section=Daily&cp_subsection=Technology&cp_cms_name=METHODE&cp_vix=&cp_subscriber=nonsubscriber&cp_edition=naus&cp_bucket=0&cp_ab_bucket=66&cp_pageContentTypeDetai=continuous&cp_pageSiteProduct=BOL&cst=2pwv54a0knu4o2y6n9sh1fihty
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 145.40.89.32 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date: Sun, 30 Apr 2023 01:36:25 GMT
server: Jetty(9.4.28.v20200408)
content-length: 43
content-type: image/gif

POST
H3 204 csi
csi.gstatic.com/ Frame 27CA 0
17 B 31ms
31ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lh2qqito&c=1643142864910516&ctx=1&met.1=1.lh2qqhhu~14.9~15.0~16.9~17.9~18.9~19.9~20.9~21.9~22.kl~23.kl&met.3=113.1bv_1~112.1bv_1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK id Show response
id.cxense.com/public/user/ 101 B
673 B 77ms
31ms Script
text/javascript 145.40.89.32
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22lh2qqigec39ceebk%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%222pwv54a0knu4o2y6n9sh1fihty%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%222pwv54a0knu4o2y6n9sh1fihty%22%7D%5D%2C%22siteId%22%3A%229222325317970825875%22%2C%22location%22%3A%22https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377%22%7D&callback=cXJsonpCB1

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.40.89.32 Ashburn, United States, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

b600bf597fb2aaaa0e4a8499e385d889d64aaf2983052438bfea5f61ce30962e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
content-type: text/javascript;charset=utf-8
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-length: 101
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
prebid-server.rubiconproject.com/
Redirect Chain

https://sync.colossusssp.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dcolossus%26gdpr%3D0%26gdpr_consent%3D%26us_privacy...
https://prebid-server.rubiconproject.com/setuid?bidder=colossus&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=[UID]

86 B
878 B

24ms
24ms

Image
image/png

54.152.15.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-server.rubiconproject.com/setuid?bidder=colossus&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=[UID]
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Server: 54.152.15.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-15-101.compute-1.amazonaws.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 01:36:25 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Server: nginx
Transfer-Encoding: chunked
Location: https://prebid-server.rubiconproject.com/setuid?bidder=colossus&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=[UID]
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 27CA 42 B
108 B 50ms
34ms Fetch
image/gif 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvtXkrcWw4xsotn2Iegd5iEd0Cry5ploe90OLF4EEijNh35gPrZeM6QCES_Noey1w5gMHX9Z57mr2qLO_eJf77JfOioxIyE3J_xOIgZNQzdys21QP4R&sig=Cg0ArKJSzDJE-Nll8IahEAE&id=lidar2&mcvt=1000&p=117,315,367,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230426&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1837188095&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682818583826&rpt=730&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK data Show response
api.cxense.com/public/widget/ 8 KB
4 KB 97ms
27ms Script
text/javascript 86.109.7.56
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cxense.com/public/widget/data?json=%7B%22context%22%3A%7B%22referrer%22%3A%22%22%2C%22categories%22%3A%7B%22subscriber%22%3A%22nonsubscriber%22%2C%22edition%22%3A%22naus%22%2C%22pwcampaign%22%3A%2210%22%2C%22bucket%22%3A%220%22%2C%22testgroup%22%3A%2224%22%7D%2C%22parameters%22%3A%5B%7B%22key%22%3A%22subscriber%22%2C%22value%22%3A%22nonsubscriber%22%7D%2C%7B%22key%22%3A%22edition%22%2C%22value%22%3A%22naus%22%7D%2C%7B%22key%22%3A%22pwcampaign%22%2C%22value%22%3A%2210%22%7D%2C%7B%22key%22%3A%22bucket%22%2C%22value%22%3A%220%22%7D%2C%7B%22key%22%3A%22userState%22%2C%22value%22%3A%22anon%22%7D%2C%7B%22key%22%3A%22ver%22%2C%22value%22%3A%22test%22%7D%2C%7B%22key%22%3A%22testGroup%22%2C%22value%22%3A%2224%22%7D%2C%7B%22key%22%3A%22topDomain%22%2C%22value%22%3A%22barrons.com%22%7D%2C%7B%22key%22%3A%22pwTag%22%2C%22value%22%3A%22default%22%7D%2C%7B%22key%22%3A%22pwPlacement%22%2C%22value%22%3A%22cx-snippetad%22%7D%2C%7B%22key%22%3A%22pwCampaign%22%2C%22value%22%3A%2210%22%7D%2C%7B%22key%22%3A%22pwType%22%2C%22value%22%3A%22personalized%22%7D%2C%7B%22key%22%3A%22type%22%2C%22value%22%3A%22Feature%22%7D%2C%7B%22key%22%3A%22template%22%2C%22value%22%3A%22preview%22%7D%2C%7B%22key%22%3A%22access%22%2C%22value%22%3A%22paid%22%7D%2C%7B%22key%22%3A%22section%22%2C%22value%22%3A%22Daily%22%7D%2C%7B%22key%22%3A%22subsection%22%2C%22value%22%3A%22Technology%22%7D%2C%7B%22key%22%3A%22cms_name%22%2C%22value%22%3A%22METHODE%22%7D%2C%7B%22key%22%3A%22vix%22%2C%22value%22%3A%22%22%7D%2C%7B%22key%22%3A%22ab_bucket%22%2C%22value%22%3A%2266%22%7D%2C%7B%22key%22%3A%22pageContentTypeDetai%22%2C%22value%22%3A%22continuous%22%7D%2C%7B%22key%22%3A%22pageSiteProduct%22%2C%22value%22%3A%22BOL%22%7D%2C%7B%22key%22%3A%22testgroup%22%2C%22value%22%3A%2224%22%7D%5D%2C%22autoRefresh%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377%22%7D%2C%22widgetId%22%3A%2280c889e1149a1d949c7f0976ed3bba042569df39%22%2C%22user%22%3A%7B%22ids%22%3A%7B%22usi%22%3A%22lh2qqigec39ceebk%22%7D%7D%2C%22prnd%22%3A%22lh2qqfwxjf3k8i7q%22%7D&media=javascript&sid=9222325317970825875&widgetId=80c889e1149a1d949c7f0976ed3bba042569df39&resizeToContentSize=true&useSecureUrls=true&usi=lh2qqigec39ceebk&rnd=1747776475&prnd=lh2qqfwxjf3k8i7q&tzo=0&callback=cXJsonpCB2

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

86.109.7.56 Ashburn, United States, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

9f2220ea21a778969e5479a9864b598848d0977972fbbd1c476e6d1ed980b32a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: Jetty(9.4.28.v20200408)
content-type: text/javascript;charset=utf-8
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-length: 3192
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK data Show response
api.cxense.com/public/widget/ 45 KB
9 KB 97ms
30ms Script
text/javascript 86.109.7.56
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cxense.com/public/widget/data?json=%7B%22context%22%3A%7B%22referrer%22%3A%22%22%2C%22categories%22%3A%7B%22subscriber%22%3A%22nonsubscriber%22%2C%22edition%22%3A%22naus%22%2C%22pwcampaign%22%3A%2210%22%2C%22bucket%22%3A%220%22%2C%22testgroup%22%3A%2224%22%7D%2C%22parameters%22%3A%5B%7B%22key%22%3A%22subscriber%22%2C%22value%22%3A%22nonsubscriber%22%7D%2C%7B%22key%22%3A%22edition%22%2C%22value%22%3A%22naus%22%7D%2C%7B%22key%22%3A%22pwcampaign%22%2C%22value%22%3A%2210%22%7D%2C%7B%22key%22%3A%22bucket%22%2C%22value%22%3A%220%22%7D%2C%7B%22key%22%3A%22userState%22%2C%22value%22%3A%22anon%22%7D%2C%7B%22key%22%3A%22ver%22%2C%22value%22%3A%22test%22%7D%2C%7B%22key%22%3A%22testGroup%22%2C%22value%22%3A%2224%22%7D%2C%7B%22key%22%3A%22topDomain%22%2C%22value%22%3A%22barrons.com%22%7D%2C%7B%22key%22%3A%22pwTag%22%2C%22value%22%3A%22default%22%7D%2C%7B%22key%22%3A%22pwPlacement%22%2C%22value%22%3A%22cx-snippetad%22%7D%2C%7B%22key%22%3A%22pwCampaign%22%2C%22value%22%3A%2210%22%7D%2C%7B%22key%22%3A%22pwType%22%2C%22value%22%3A%22personalized%22%7D%2C%7B%22key%22%3A%22type%22%2C%22value%22%3A%22Feature%22%7D%2C%7B%22key%22%3A%22template%22%2C%22value%22%3A%22preview%22%7D%2C%7B%22key%22%3A%22access%22%2C%22value%22%3A%22paid%22%7D%2C%7B%22key%22%3A%22section%22%2C%22value%22%3A%22Daily%22%7D%2C%7B%22key%22%3A%22subsection%22%2C%22value%22%3A%22Technology%22%7D%2C%7B%22key%22%3A%22cms_name%22%2C%22value%22%3A%22METHODE%22%7D%2C%7B%22key%22%3A%22vix%22%2C%22value%22%3A%22%22%7D%2C%7B%22key%22%3A%22ab_bucket%22%2C%22value%22%3A%2266%22%7D%2C%7B%22key%22%3A%22pageContentTypeDetai%22%2C%22value%22%3A%22continuous%22%7D%2C%7B%22key%22%3A%22pageSiteProduct%22%2C%22value%22%3A%22BOL%22%7D%2C%7B%22key%22%3A%22testgroup%22%2C%22value%22%3A%2224%22%7D%5D%2C%22autoRefresh%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377%22%7D%2C%22widgetId%22%3A%223136cddea70289fe567e2697f7fcf7124817cdf3%22%2C%22user%22%3A%7B%22ids%22%3A%7B%22usi%22%3A%22lh2qqigec39ceebk%22%7D%7D%2C%22prnd%22%3A%22lh2qqfwxjf3k8i7q%22%7D&media=javascript&sid=9222325317970825875&widgetId=3136cddea70289fe567e2697f7fcf7124817cdf3&resizeToContentSize=true&useSecureUrls=true&usi=lh2qqigec39ceebk&rnd=1004779745&prnd=lh2qqfwxjf3k8i7q&tzo=0&callback=cXJsonpCB3

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

86.109.7.56 Ashburn, United States, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

7ebb1607d4d3e07d203645200ed0ec1fe5f8ea4547869cf34713933de1cdec2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: Jetty(9.4.28.v20200408)
content-type: text/javascript;charset=utf-8
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-length: 8221
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK data Show response
api.cxense.com/public/widget/ 20 KB
6 KB 91ms
28ms Script
text/javascript 86.109.7.56
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cxense.com/public/widget/data?json=%7B%22context%22%3A%7B%22referrer%22%3A%22%22%2C%22categories%22%3A%7B%22subscriber%22%3A%22nonsubscriber%22%2C%22edition%22%3A%22naus%22%2C%22pwcampaign%22%3A%2210%22%2C%22bucket%22%3A%220%22%2C%22testgroup%22%3A%2224%22%7D%2C%22parameters%22%3A%5B%7B%22key%22%3A%22subscriber%22%2C%22value%22%3A%22nonsubscriber%22%7D%2C%7B%22key%22%3A%22edition%22%2C%22value%22%3A%22naus%22%7D%2C%7B%22key%22%3A%22pwcampaign%22%2C%22value%22%3A%2210%22%7D%2C%7B%22key%22%3A%22bucket%22%2C%22value%22%3A%220%22%7D%2C%7B%22key%22%3A%22userState%22%2C%22value%22%3A%22anon%22%7D%2C%7B%22key%22%3A%22ver%22%2C%22value%22%3A%22test%22%7D%2C%7B%22key%22%3A%22testGroup%22%2C%22value%22%3A%2224%22%7D%2C%7B%22key%22%3A%22topDomain%22%2C%22value%22%3A%22barrons.com%22%7D%2C%7B%22key%22%3A%22pwTag%22%2C%22value%22%3A%22default%22%7D%2C%7B%22key%22%3A%22pwPlacement%22%2C%22value%22%3A%22cx-snippetad%22%7D%2C%7B%22key%22%3A%22pwCampaign%22%2C%22value%22%3A%2210%22%7D%2C%7B%22key%22%3A%22pwType%22%2C%22value%22%3A%22personalized%22%7D%2C%7B%22key%22%3A%22type%22%2C%22value%22%3A%22Feature%22%7D%2C%7B%22key%22%3A%22template%22%2C%22value%22%3A%22preview%22%7D%2C%7B%22key%22%3A%22access%22%2C%22value%22%3A%22paid%22%7D%2C%7B%22key%22%3A%22section%22%2C%22value%22%3A%22Daily%22%7D%2C%7B%22key%22%3A%22subsection%22%2C%22value%22%3A%22Technology%22%7D%2C%7B%22key%22%3A%22cms_name%22%2C%22value%22%3A%22METHODE%22%7D%2C%7B%22key%22%3A%22vix%22%2C%22value%22%3A%22%22%7D%2C%7B%22key%22%3A%22ab_bucket%22%2C%22value%22%3A%2266%22%7D%2C%7B%22key%22%3A%22pageContentTypeDetai%22%2C%22value%22%3A%22continuous%22%7D%2C%7B%22key%22%3A%22pageSiteProduct%22%2C%22value%22%3A%22BOL%22%7D%2C%7B%22key%22%3A%22testgroup%22%2C%22value%22%3A%2224%22%7D%2C%7B%22key%22%3A%22ctrlUrl1%22%2C%22value%22%3A%22https%3A%2F%2Fsubscribe.wsj.com%2Fbarhpheader%22%7D%5D%2C%22autoRefresh%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377%22%7D%2C%22widgetId%22%3A%228beff7dca1f80abd8d6e191025ab9acfd2204aa5%22%2C%22user%22%3A%7B%22ids%22%3A%7B%22usi%22%3A%22lh2qqigec39ceebk%22%7D%7D%2C%22prnd%22%3A%22lh2qqfwxjf3k8i7q%22%7D&media=javascript&sid=9222325317970825875&widgetId=8beff7dca1f80abd8d6e191025ab9acfd2204aa5&resizeToContentSize=true&useSecureUrls=true&usi=lh2qqigec39ceebk&rnd=1845211184&prnd=lh2qqfwxjf3k8i7q&tzo=0&callback=cXJsonpCB4

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

86.109.7.56 Ashburn, United States, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

96b660830a66d6f8f5dc0aee22f611575184fb0ce9af4d0f20a1262e1240caa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: Jetty(9.4.28.v20200408)
content-type: text/javascript;charset=utf-8
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-length: 5471
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK data Show response
api.cxense.com/public/widget/ 2 KB
2 KB 85ms
25ms Script
text/javascript 86.109.7.56
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cxense.com/public/widget/data?json=%7B%22context%22%3A%7B%22referrer%22%3A%22%22%2C%22categories%22%3A%7B%22subscriber%22%3A%22nonsubscriber%22%2C%22edition%22%3A%22naus%22%2C%22pwcampaign%22%3A%2210%22%2C%22bucket%22%3A%220%22%2C%22testgroup%22%3A%2224%22%7D%2C%22parameters%22%3A%5B%7B%22key%22%3A%22subscriber%22%2C%22value%22%3A%22nonsubscriber%22%7D%2C%7B%22key%22%3A%22edition%22%2C%22value%22%3A%22naus%22%7D%2C%7B%22key%22%3A%22pwcampaign%22%2C%22value%22%3A%2210%22%7D%2C%7B%22key%22%3A%22bucket%22%2C%22value%22%3A%220%22%7D%2C%7B%22key%22%3A%22userState%22%2C%22value%22%3A%22anon%22%7D%2C%7B%22key%22%3A%22ver%22%2C%22value%22%3A%22test%22%7D%2C%7B%22key%22%3A%22testGroup%22%2C%22value%22%3A%2224%22%7D%2C%7B%22key%22%3A%22topDomain%22%2C%22value%22%3A%22barrons.com%22%7D%2C%7B%22key%22%3A%22pwTag%22%2C%22value%22%3A%22default%22%7D%2C%7B%22key%22%3A%22pwPlacement%22%2C%22value%22%3A%22cx-snippetad%22%7D%2C%7B%22key%22%3A%22pwCampaign%22%2C%22value%22%3A%2210%22%7D%2C%7B%22key%22%3A%22pwType%22%2C%22value%22%3A%22personalized%22%7D%2C%7B%22key%22%3A%22type%22%2C%22value%22%3A%22Feature%22%7D%2C%7B%22key%22%3A%22template%22%2C%22value%22%3A%22preview%22%7D%2C%7B%22key%22%3A%22access%22%2C%22value%22%3A%22paid%22%7D%2C%7B%22key%22%3A%22section%22%2C%22value%22%3A%22Daily%22%7D%2C%7B%22key%22%3A%22subsection%22%2C%22value%22%3A%22Technology%22%7D%2C%7B%22key%22%3A%22cms_name%22%2C%22value%22%3A%22METHODE%22%7D%2C%7B%22key%22%3A%22vix%22%2C%22value%22%3A%22%22%7D%2C%7B%22key%22%3A%22ab_bucket%22%2C%22value%22%3A%2266%22%7D%2C%7B%22key%22%3A%22pageContentTypeDetai%22%2C%22value%22%3A%22continuous%22%7D%2C%7B%22key%22%3A%22pageSiteProduct%22%2C%22value%22%3A%22BOL%22%7D%2C%7B%22key%22%3A%22testgroup%22%2C%22value%22%3A%2224%22%7D%5D%2C%22autoRefresh%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377%22%7D%2C%22widgetId%22%3A%222993364dab4735f2ada34803c6dbc9901b473b62%22%2C%22user%22%3A%7B%22ids%22%3A%7B%22usi%22%3A%22lh2qqigec39ceebk%22%7D%7D%2C%22prnd%22%3A%22lh2qqfwxjf3k8i7q%22%7D&media=javascript&sid=9222325317970825875&widgetId=2993364dab4735f2ada34803c6dbc9901b473b62&resizeToContentSize=true&useSecureUrls=true&usi=lh2qqigec39ceebk&rnd=1123309756&prnd=lh2qqfwxjf3k8i7q&tzo=0&callback=cXJsonpCB5

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

86.109.7.56 Ashburn, United States, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

75567ce2c1e34a108f9314792a7bcacaebce7556a11017b0da06157656a051ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: Jetty(9.4.28.v20200408)
content-type: text/javascript;charset=utf-8
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-length: 1023
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET

setuid
prebid-server.rubiconproject.com/
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3D...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%...
https://prebid-server.rubiconproject.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=06b9933a-533c-41c6-91b5-0cd70deb93c4

0
0

GET
H2 200 13516 Show response
check.analytics.rlcdn.com/check/ 25 B
384 B 138ms
83ms XHR
application/json 108.139.29.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://check.analytics.rlcdn.com/check/13516
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-64.jfk50.r.cloudfront.net
Software: /
Resource Hash: 8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 30 Apr 2023 01:36:25 GMT
via: 1.1 f391dfb0806f29cccc5f1df3e1ae836e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P2
x-amzn-trace-id: Root=1-644dc619-066e2a374e822a426b61c830
x-amzn-requestid: 4582ef53-d4ca-4f6f-aa69-d4339e2f65af
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: EKvkFEJLDoEFXcQ=
content-length: 25
x-amz-cf-id: zVgKx4h16ovR9Nd04sKBTZOM6o_efcTCgs97lRO5x36HaV7PGqvDag==

GET
H2 200 13516 Show response
check.analytics.rlcdn.com/check/ 25 B
386 B 258ms
205ms XHR
application/json 108.139.29.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://check.analytics.rlcdn.com/check/13516
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-64.jfk50.r.cloudfront.net
Software: /
Resource Hash: 8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 30 Apr 2023 01:36:26 GMT
via: 1.1 f391dfb0806f29cccc5f1df3e1ae836e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P2
x-amzn-trace-id: Root=1-644dc619-0470c2fb293b33fa6bfe6528
x-amzn-requestid: e209dba2-a24c-4b68-88b0-bbeb27653404
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: EKvkGGF5joEFctA=
content-length: 25
x-amz-cf-id: rHDXOrM6U3TmtVRREG_BxBO-TX6NUgT6mlDjVrJjttJLVWuAmGqfCw==

GET
H/1.1 200
OK 80219f347b1e20b769ecf9b492e425ac28e0131b.jpg
content.cxpublic.com/creatives/ 58 KB
58 KB 145ms
31ms Image
image/jpeg 104.77.238.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cxpublic.com/creatives/80219f347b1e20b769ecf9b492e425ac28e0131b.jpg
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.77.238.162 Boston, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-77-238-162.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: df4248d48feadcfc232a2936ed83cd12242fd235d2b5b25b0da07a2df6bc04a6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 01:36:25 GMT
Last-Modified: Wed, 26 Aug 2020 17:58:04 GMT
Server: AmazonS3
x-amz-request-id: PHVK60MSSHGY5FK0
ETag: "c6ef8109edfc9ccd7bc9b7da8eed89ed"
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 59405
x-amz-id-2: f03xM7Pb80eXKpokBWGW71hVbeI814yS8n00VCRtyobZXbsMCuEriP4LQr1fa/TSyUNqzpzaKmc=
Expires: Mon, 29 Apr 2024 01:36:25 GMT

GET
H/1.1 200
OK bd3d114790e80040cc077d10d4c101c39f1b72e7.jpg
content.cxpublic.com/creatives/ 178 KB
178 KB 230ms
124ms Image
image/jpeg 104.77.238.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cxpublic.com/creatives/bd3d114790e80040cc077d10d4c101c39f1b72e7.jpg
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.77.238.162 Boston, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-77-238-162.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3ea3837c0b48a0337b6ec3a10381dde68aec08ebc75ff260c08df2b8e0ba3e27

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Unused62: 8096267
Date: Sun, 30 Apr 2023 01:36:26 GMT
Last-Modified: Wed, 26 Aug 2020 15:36:30 GMT
Server: AmazonS3
x-amz-request-id: D38D33517D796DCF
ETag: "e4e32bb8f2dcc24c2be4f7e7db80cb83"
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 181913
x-amz-id-2: DshumR4IrlFsugvA8p8CEPeCcLEcMnx0xSH+gvAyeohMqqejbQHZGx/5/EKywaru9+Yc+5nzJvU=
Expires: Mon, 29 Apr 2024 01:36:26 GMT

GET
H/1.1 200
OK c12d99b49f3b16863c76f4122496d775a25540b7.jpg
content.cxpublic.com/creatives/ 103 KB
104 KB 141ms
35ms Image
image/jpeg 104.77.238.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cxpublic.com/creatives/c12d99b49f3b16863c76f4122496d775a25540b7.jpg
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.77.238.162 Boston, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-77-238-162.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 5489306d55535ba3c05ce9b95aca0e5f8fb4d21e902de874f3b431dc88b42caf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Unused62: 8096267
Date: Sun, 30 Apr 2023 01:36:25 GMT
Last-Modified: Wed, 26 Aug 2020 15:36:30 GMT
Server: AmazonS3
x-amz-request-id: 3A84A069DE46BADC
ETag: "f24d913f3f7c63fe66bf6cd224de4175"
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 105600
x-amz-id-2: q62Sln7EZTXB4V2YxtTSoLfu5gkwmq350bQDd91+xv8u6HFuWwW/NWdr/lnf1vZKzWLzHk+87Zk=
Expires: Mon, 29 Apr 2024 01:36:25 GMT

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ Frame CA72 107 B
165 B 41ms
40ms Script
application/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=www.barrons.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame CA72 107 B
165 B 40ms
39ms Script
application/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.barrons.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame CA72 32 KB
14 KB 1079ms
1078ms XHR
text/plain 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4397437491346622&correlator=1699331587021499&eid=31072878%2C31074164%2C31068367%2C31061690&output=ldjh&gdfp_req=1&vrg=202304250201&ptt=17&impl=fifs&gdpr=0&iu_parts=58%3A2%2Ctgam.wsj%2Cbarrons%2Cbarrons_technology&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=1&adks=3679014495&sfv=1-0-40&eri=1&cust_params=ad_unit_path%3D58%252C2%252Ftgam.wsj%252Fbarrons%252Fbarrons_technology%26m_safety%3Dunsafe%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%26m_data%3D1%26m_categories%3Dgb_spam_news-ent%252Cgs_politics_issues_policy%252Cgs_science%252Cgs_busfin_indus%252Cgs_business_misc%252Cgv_crime%252Cgs_tech_compute_apps_antivir%252Cmoat_unsafe%252Cgs_law_misc%252Cgs_busfin%252Cgb_spam_edu%252Cgb_crime_edu%252Cgs_tech_compute_apps%252Cgs_science_misc%252Cgs_law%252Cgs_busfin_business%252Cgs_busfin_business_admin%252Cgb_measurable%252Cgs_tech_compute%252Cgs_health%252Cgs_politics%26in_view_perc%3D60-64%26gav%3D60%26rikerid%3D0JYXH%26pp0%3Darticles%252Cbarrons_technology%26pp1%3Dfireeye_says_intrusion_campaign_used_tainted_solarwinds_software_51607967377%26arena%3D%252CDaily%252CTechnology%252Carticles%252Cbarrons_technology%252Carticles%252Cfireeye_says_intrusion_campaign_used_tainted_solarwinds_software_51607967377%252Cfireeye_says_intrusion_campaign_used_tainted_solarwinds_software_51607967377%26permutive%3D%26asite%3Dwww.barrons.com%252Cbarrons%26pos%3Dflex%26refresh_count%3D0%26refresh%3Dfalse%26loc%3Dart%26mode%3Dother%26ptf%3Dgpt%26adab%3D1%26rikerparentid%3Dgoogle_ads_iframe_%252F2%252Fbarrons.com%252Fbarrons_technology_1&sc=1&cookie=ID%3Db6c9206588c17c3b%3AT%3D1682818583%3AS%3DALNI_Mb3jDFGa-PFvppdi-hGS1Gsg7S6nw&gpic=UID%3D00000be69925cb74%3AT%3D1682818583%3ART%3D1682818583%3AS%3DALNI_MastHUr8Sn10Eebxgi_DoBmPNjwIg&abxe=1&dt=1682818586193&lmt=1682818586&dlt=1682818583573&idt=1843&adxs=970&adys=551&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=j1elny546ltl&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&ref=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&top=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&rumc=4397437491346622&frm=23&vis=1&psz=300x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1810211755.1682818586&ga_sid=1682818586&ga_hid=78848644&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1354359f90748de872bee00f32497b67d579243ee0421026a420c3c260e215c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14005
x-xss-protection: 0
google-lineitem-id: 6263863123
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138428413013
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.barrons.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame CA72 14 KB
11 KB 46ms
45ms XHR
application/json 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304250201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c9c18ae95cd41d6d4bbecead0ff9a9e732872a045ee79af40e9b38ed5f84778

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11101
x-xss-protection: 0

GET
H2 200 container.html Show response
331afe2bb48f994fe0d9101d6b5b6bfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7DA2 6 KB
3 KB 55ms
38ms Document
text/html 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://331afe2bb48f994fe0d9101d6b5b6bfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 01:36:26 GMT
expires: Mon, 29 Apr 2024 01:36:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ Frame 27CA 107 B
165 B 40ms
40ms Script
application/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=www.barrons.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 27CA 107 B
165 B 38ms
38ms Script
application/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.barrons.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 27CA 83 KB
28 KB 872ms
872ms XHR
text/plain 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1643142864910516&correlator=4491110093207784&eid=31068367&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fifs&gdpr=0&iu_parts=58%3A2%2Ctgam.wsj%2Cbarrons%2Cbarrons_technology&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=970x250&ifi=1&adks=2278340195&sfv=1-0-40&eri=1&cust_params=ad_unit_path%3D58%252C2%252Ftgam.wsj%252Fbarrons%252Fbarrons_technology%26m_safety%3Dunsafe%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%26m_data%3D1%26m_categories%3Dgb_spam_news-ent%252Cgs_politics_issues_policy%252Cgs_science%252Cgs_busfin_indus%252Cgs_business_misc%252Cgv_crime%252Cgs_tech_compute_apps_antivir%252Cmoat_unsafe%252Cgs_law_misc%252Cgs_busfin%252Cgb_spam_edu%252Cgb_crime_edu%252Cgs_tech_compute_apps%252Cgs_science_misc%252Cgs_law%252Cgs_busfin_business%252Cgs_busfin_business_admin%252Cgb_measurable%252Cgs_tech_compute%252Cgs_health%252Cgs_politics%26in_view_perc%3D60-64%26gav%3D60%26rikerid%3D0JYXH%26pp0%3Darticles%252Cbarrons_technology%26pp1%3Dfireeye_says_intrusion_campaign_used_tainted_solarwinds_software_51607967377%26arena%3D%252CDaily%252CTechnology%252Carticles%252Cbarrons_technology%252Carticles%252Cfireeye_says_intrusion_campaign_used_tainted_solarwinds_software_51607967377%252Cfireeye_says_intrusion_campaign_used_tainted_solarwinds_software_51607967377%26permutive%3D%26asite%3Dwww.barrons.com%252Cbarrons%26pos%3Dldbd%26refresh_count%3D0%26refresh%3Dfalse%26loc%3Dart%26mode%3Dother%26ptf%3Dgpt%26adab%3D0%26rikerparentid%3Dgoogle_ads_iframe_%252F2%252Fbarrons.com%252Fbarrons_technology_0&sc=1&cookie=ID%3Db6c9206588c17c3b%3AT%3D1682818583%3AS%3DALNI_Mb3jDFGa-PFvppdi-hGS1Gsg7S6nw&gpic=UID%3D00000be69925cb74%3AT%3D1682818583%3ART%3D1682818583%3AS%3DALNI_MastHUr8Sn10Eebxgi_DoBmPNjwIg&abxe=1&dt=1682818586226&lmt=1682818586&dlt=1682818583826&idt=1618&adxs=315&adys=117&biw=1600&bih=1200&isw=970&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=3vrgh6ortvv3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&ref=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&top=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&rumc=1643142864910516&frm=23&vis=1&psz=970x0&msz=970x0&fws=256&ohw=0&ea=0&ga_vid=1973247123.1682818586&ga_sid=1682818586&ga_hid=2060622293&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5651782537b2009b0b4b9a9335dae27d57a826015a34497186aab228d7ce1d3a

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10650913673796648960/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10650913673796648960/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPW7u-C70P4CFQz6swod-w8BVQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/10650913673796648960/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10650913673796648960/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10650913673796648960/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPW7u-C70P4CFQz6swod-w8BVQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/10650913673796648960/index.html
date: Sun, 30 Apr 2023 01:36:27 GMT
x-content-type-options: nosniff
content-encoding: br
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28822
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.barrons.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 27CA 14 KB
11 KB 66ms
66ms XHR
application/json 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304250101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99b3c3ec6de5841d0bb8f61ceaa0519df20f7725a3c4ea63ef87ddb93dbfb03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11116
x-xss-protection: 0

GET
H2 200 container.html Show response
c99c63828b72d60c6549a182ce9d74ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8BCD 6 KB
3 KB 57ms
37ms Document
text/html 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c99c63828b72d60c6549a182ce9d74ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 01:36:26 GMT
expires: Mon, 29 Apr 2024 01:36:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame CA72 17 KB
7 KB 64ms
62ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 30 Apr 2023 01:36:26 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 27CA 17 KB
6 KB 64ms
64ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 30 Apr 2023 01:36:26 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5853 13 KB
5 KB 19ms
18ms Document
text/html 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 20241
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Apr 2023 19:59:05 GMT
expires: Sun, 28 Apr 2024 19:59:05 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6993 783 B
537 B 44ms
44ms Document
text/html 2607:f8b0:4006:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cb25374e50a474d8c7b2b7014243c653e6c053f2bbd6d7dea474b6cb11fd8d92

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8Xs7GzR2vXhj30r9DMb9YA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-8Xs7GzR2vXhj30r9DMb9YA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 01:36:26 GMT
expires: Sun, 30 Apr 2023 01:36:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 0
253 B 90ms
42ms XHR
text/plain 34.120.155.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=13516
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.155.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 30 Apr 2023 01:36:26 GMT
via: 1.1 google
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.barrons.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 62C9 281 B
554 B 39ms
39ms Document
text/html 23.211.130.59
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.130.59 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-130-59.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 30 Apr 2023 01:36:26 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5548 52 KB
17 KB 79ms
20ms Document
text/html 23.52.157.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.157.179 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-157-179.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 30 Apr 2023 01:36:26 GMT
ETag: "623de86a-cf34"
Expires: Mon, 01 May 2023 01:36:28 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame F60A 16 KB
6 KB 31ms
31ms Document
text/html 69.192.109.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158677&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.192.109.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-109-53.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=75457
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Sun, 30 Apr 2023 01:36:26 GMT
expires: Sun, 30 Apr 2023 22:34:03 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame A16F 3 KB
2 KB 77ms
35ms Document
text/html 104.18.11.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 869
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 7bfc0dc52d8ea24d-YYZ
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 30 Apr 2023 01:36:26 GMT
expires: Sun, 30 Apr 2023 05:36:26 GMT
last-modified: Mon, 25 Jul 2022 19:18:26 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame C519 1 KB
2 KB 24ms
24ms Document
text/html 52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?us_privacy=1---&
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: ebf086dfd77675075a1a4172f41b270f12f0c92aa6567aaf13103961e8a1e397

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 1110
content-type: text/html; charset=utf-8
date: Sun, 30 Apr 2023 01:36:26 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 5159 3 KB
1 KB 76ms
36ms Document
text/html 104.18.11.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 869
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 7bfc0dc52d92a24d-YYZ
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 30 Apr 2023 01:36:26 GMT
expires: Sun, 30 Apr 2023 05:36:26 GMT
last-modified: Mon, 25 Jul 2022 19:18:26 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 8EC8 16 KB
6 KB 25ms
19ms Document
text/html 69.192.109.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158677&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.192.109.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-109-53.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=75457
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Sun, 30 Apr 2023 01:36:26 GMT
expires: Sun, 30 Apr 2023 22:34:03 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 3465 1 KB
2 KB 29ms
24ms Document
text/html 52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?us_privacy=1---&
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: ebf086dfd77675075a1a4172f41b270f12f0c92aa6567aaf13103961e8a1e397

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 1110
content-type: text/html; charset=utf-8
date: Sun, 30 Apr 2023 01:36:26 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame DBA2 52 KB
17 KB 75ms
21ms Document
text/html 23.52.157.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.157.179 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-157-179.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 30 Apr 2023 01:36:26 GMT
ETag: "623de86a-cf34"
Expires: Mon, 01 May 2023 01:36:28 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 200 wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js Show response
pagead2.googlesyndication.com/bg/ Frame 5853 36 KB
14 KB 31ms
30ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c167d2284be6e66ef59dcbee2a46fbe67d9a4526b8c673d355a5f1dc59774a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:08:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 278874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14195
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 20:08:32 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EF5D 13 KB
5 KB 20ms
19ms Document
text/html 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 20241
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Apr 2023 19:59:05 GMT
expires: Sun, 28 Apr 2024 19:59:05 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2964 783 B
536 B 40ms
39ms Document
text/html 2607:f8b0:4006:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

438616aedf0d799505fbbd6e17c2d74d662306bee6bf8ad2fb4a8d8e161c3eb0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fW0Uo7CMA4vhvjWd58PWUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-fW0Uo7CMA4vhvjWd58PWUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 01:36:26 GMT
expires: Sun, 30 Apr 2023 01:36:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6993 0
0 36ms
36ms Image
text/html 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304250201&jk=4397437491346622&rc=
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:823::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2

200

xuid
eb2.3lift.com/ Frame C519
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=3658&xuid=ac77e4fa-ea92-4c14-b03a-d3c16bb7ab3c&dongle=0cfd&gdpr=0&gdpr_consent=

37 B
354 B

28ms
26ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3658&xuid=ac77e4fa-ea92-4c14-b03a-d3c16bb7ab3c&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Server: 52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 30 Apr 2023 01:36:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:26 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://eb2.3lift.com/xuid?mid=3658&xuid=ac77e4fa-ea92-4c14-b03a-d3c16bb7ab3c&dongle=0cfd&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 251

GET
H2

200

ebda
eb2.3lift.com/ Frame C519
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=OTAzNTkzNDc0NzIxMzQ4NDI0MjYx
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

37 B
139 B

24ms
24ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Server: 52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame C519
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENj72o9thlkUkRexV_9SMmI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

37 B
354 B

26ms
26ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENj72o9thlkUkRexV_9SMmI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Server: 52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 30 Apr 2023 01:36:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENj72o9thlkUkRexV_9SMmI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C519
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=OTAzNTkzNDc0NzIxMzQ4NDI0MjYx

170 B
188 B

39ms
38ms

Image
image/png

142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=OTAzNTkzNDc0NzIxMzQ4NDI0MjYx

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&

Protocol

Server

142.250.72.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=OTAzNTkzNDc0NzIxMzQ4NDI0MjYx
date: Sun, 30 Apr 2023 01:36:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 setuid
px.ads.linkedin.com/ Frame C519 0
431 B 99ms
95ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=903593474721348424261&dbredirect=true&gdpr=0&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:26 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: F90AE15A6DE24A2481525D35FC00F815 Ref B: YMQ01EDGE0512 Ref C: 2023-04-30T01:36:26Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX6g7wRW3FLVM9/TXODxA==

GET
H2

200

xuid
eb2.3lift.com/ Frame C519
Redirect Chain

https://x.bidswitch.net/sync?ssp=triplelift&user_id=903593474721348424261&gdpr=0&gdpr_consent=
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=06b9933a-533c-41c6-91b5-0cd70deb93c4&gdpr=0&gdpr_consent=
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=06b9933a-533c-41c6-91b5-0cd70deb93c4&gdpr=0&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=4&user_id=ff5b3138-2563-4038-9b6c-845f2d13e689&ssp=triplelift&expires=30&user_group=5&bsw_param=06b9933a-533c-41c6-91b5-0cd70deb93c4
https://eb2.3lift.com/xuid?mid=2409&xuid=06b9933a-533c-41c6-91b5-0cd70deb93c4&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=

37 B
354 B

25ms
25ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2409&xuid=06b9933a-533c-41c6-91b5-0cd70deb93c4&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Server: 52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 30 Apr 2023 01:36:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: //eb2.3lift.com/xuid?mid=2409&xuid=06b9933a-533c-41c6-91b5-0cd70deb93c4&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date: Sun, 30 Apr 2023 01:36:26 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 c.gif
c.bing.com/ Frame C519 42 B
669 B 78ms
40ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=903593474721348424261&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
last-modified: Mon, 24 Apr 2023 16:43:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0A05FA1B12CB455EBE6DCE00A2C2093E Ref B: YMQ01EDGE0610 Ref C: 2023-04-30T01:36:26Z
etag: "97b0d0f2cb76d91:0"
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: image/gif
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

GET
H2

200

xuid
eb2.3lift.com/ Frame C519
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/903593474721348424261?gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-eLZ4B.NE2oS3WRm1HXoJu3cHrKJ7IqHFxr0imsD4ug--~A&dongle=0883

37 B
354 B

25ms
25ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-eLZ4B.NE2oS3WRm1HXoJu3cHrKJ7IqHFxr0imsD4ug--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Server: 52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 30 Apr 2023 01:36:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Sun, 30 Apr 2023 01:36:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-eLZ4B.NE2oS3WRm1HXoJu3cHrKJ7IqHFxr0imsD4ug--~A&dongle=0883
content-length: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame C519
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
https://stags.bluekai.com/site/23178?id=qxwoupX_ZC5W1nCdfI0e&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5OF4HO33VOBMF6...
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=qxwoupX_ZC5W1nCdfI0e

37 B
354 B

26ms
26ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=qxwoupX_ZC5W1nCdfI0e
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Server: 52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 30 Apr 2023 01:36:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 01:36:26 GMT
Content-Type: text/html; charset=utf-8
Location: https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=qxwoupX_ZC5W1nCdfI0e
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 115
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame C519
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
https://eb2.3lift.com/xuid?mid=3335&xuid=4111871771392428841&dongle=4d58&gdpr=0&gdpr_consent=

37 B
354 B

26ms
26ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3335&xuid=4111871771392428841&dongle=4d58&gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Server: 52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 30 Apr 2023 01:36:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date: Sun, 30 Apr 2023 01:36:26 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 149.56.153.185; 149.56.153.185; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 8b18827d-f692-411c-8c53-16894b0d37de
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://eb2.3lift.com/xuid?mid=3335&xuid=4111871771392428841&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 3465
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=3658&xuid=ac77e4fa-ea92-4c14-b03a-d3c16bb7ab3c&dongle=0cfd&gdpr=0&gdpr_consent=

37 B
354 B

25ms
25ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3658&xuid=ac77e4fa-ea92-4c14-b03a-d3c16bb7ab3c&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Server: 52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 30 Apr 2023 01:36:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:26 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://eb2.3lift.com/xuid?mid=3658&xuid=ac77e4fa-ea92-4c14-b03a-d3c16bb7ab3c&dongle=0cfd&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 251

GET
H2

200

ebda
eb2.3lift.com/ Frame 3465
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=OTAzNTkzNDc0NzIxMzQ4NDI0MjYx
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

37 B
139 B

29ms
28ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Server: 52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 3465
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENj72o9thlkUkRexV_9SMmI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

37 B
354 B

26ms
26ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENj72o9thlkUkRexV_9SMmI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Server: 52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 30 Apr 2023 01:36:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENj72o9thlkUkRexV_9SMmI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3465
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=OTAzNTkzNDc0NzIxMzQ4NDI0MjYx

170 B
188 B

36ms
36ms

Image
image/png

142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=OTAzNTkzNDc0NzIxMzQ4NDI0MjYx

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&

Protocol

Server

142.250.72.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=OTAzNTkzNDc0NzIxMzQ4NDI0MjYx
date: Sun, 30 Apr 2023 01:36:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 setuid
px.ads.linkedin.com/ Frame 3465 0
146 B 110ms
101ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=903593474721348424261&dbredirect=true&gdpr=0&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:26 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 79AF396C70A24C6D8E93E6A05DD6A54D Ref B: YMQ01EDGE0512 Ref C: 2023-04-30T01:36:26Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX6g7wR3HNgcFVB0VTp+g==

GET
H2

200

xuid
eb2.3lift.com/ Frame 3465
Redirect Chain

https://x.bidswitch.net/sync?ssp=triplelift&user_id=903593474721348424261&gdpr=0&gdpr_consent=
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dtriplelift%26expires%3D30%...
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dtriplelift%26expires%3D30%...
https://x.bidswitch.net/sync?dsp_id=429&user_id=f2c57b0d-b492-5378-91d5-23c7f598e5dd&ssp=triplelift&expires=30&user_group=1&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2409&xuid=06b9933a-533c-41c6-91b5-0cd70deb93c4&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=

37 B
354 B

25ms
25ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2409&xuid=06b9933a-533c-41c6-91b5-0cd70deb93c4&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Server: 52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 30 Apr 2023 01:36:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: //eb2.3lift.com/xuid?mid=2409&xuid=06b9933a-533c-41c6-91b5-0cd70deb93c4&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Date: Sun, 30 Apr 2023 01:36:26 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 c.gif
c.bing.com/ Frame 3465 42 B
286 B 52ms
40ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=903593474721348424261&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:25 GMT
last-modified: Mon, 24 Apr 2023 16:43:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 49AE59DC74584B27A2932A74694EAD55 Ref B: YMQ01EDGE0610 Ref C: 2023-04-30T01:36:26Z
etag: "97b0d0f2cb76d91:0"
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: image/gif
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

GET
H2

200

xuid
eb2.3lift.com/ Frame 3465
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/903593474721348424261?gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-eLZ4B.NE2oS3WRm1HXoJu3cHrKJ7IqHFxr0imsD4ug--~A&dongle=0883

37 B
354 B

25ms
25ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-eLZ4B.NE2oS3WRm1HXoJu3cHrKJ7IqHFxr0imsD4ug--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Server: 52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 30 Apr 2023 01:36:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Sun, 30 Apr 2023 01:36:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-eLZ4B.NE2oS3WRm1HXoJu3cHrKJ7IqHFxr0imsD4ug--~A&dongle=0883
content-length: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame 3465
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
https://stags.bluekai.com/site/23178?id=kTepWDR505hdHBtUjos6&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5NNKGK4CXIRJDK...
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=kTepWDR505hdHBtUjos6

37 B
354 B

27ms
26ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=kTepWDR505hdHBtUjos6
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Server: 52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 30 Apr 2023 01:36:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 01:36:26 GMT
Content-Type: text/html; charset=utf-8
Location: https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=kTepWDR505hdHBtUjos6
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 115
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 3465
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
https://eb2.3lift.com/xuid?mid=3335&xuid=4111871771392428841&dongle=4d58&gdpr=0&gdpr_consent=

37 B
354 B

24ms
24ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3335&xuid=4111871771392428841&dongle=4d58&gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Server: 52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 30 Apr 2023 01:36:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date: Sun, 30 Apr 2023 01:36:26 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 149.56.153.185; 149.56.153.185; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 33d5c8f5-d3d9-4268-af30-e48b5981bf6c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://eb2.3lift.com/xuid?mid=3335&xuid=4111871771392428841&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 62C9 34 KB
10 KB 39ms
38ms Script
text/html 23.211.130.59
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.130.59 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-130-59.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 0a8234ae0bf731640ca703114824b08245f80e46f4b8d3f202dd1ad4bf023817

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 01:36:26 GMT
Content-Encoding: gzip
Last-Modified: Sat, 29 Apr 2023 04:51:39 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=11701
Connection: keep-alive
Content-Length: 10020
Expires: Sun, 30 Apr 2023 04:51:27 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2964 0
0 38ms
37ms Image
text/html 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304250101&jk=1643142864910516&rc=
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:823::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5548 0
861 B 18ms
17ms Script
text/html 68.67.179.166
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 01:36:26 GMT
AN-X-Request-Uuid: d04e388e-354c-4f9b-a756-6353acd04c90
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 149.56.153.185; 149.56.153.185; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame DBA2 0
861 B 34ms
34ms Script
text/html 68.67.179.166
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 01:36:26 GMT
AN-X-Request-Uuid: 012a3103-4d19-4364-afa6-a5d01a5f7bde
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 149.56.153.185; 149.56.153.185; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js Show response
pagead2.googlesyndication.com/bg/ Frame EF5D 36 KB
14 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c167d2284be6e66ef59dcbee2a46fbe67d9a4526b8c673d355a5f1dc59774a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:08:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 278874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14195
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 20:08:32 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5853 0
10 B 20ms
19ms Image
text/plain 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ejOWiw
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:26 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EF5D 0
10 B 20ms
19ms Image
text/plain 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?KrJ-iw
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:26 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK visibility Show response
api.cxense.com/public/widget/ 49 B
665 B 26ms
26ms Script
text/javascript 86.109.7.56
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cxense.com/public/widget/visibility?callback=cXJsonpCB6&json=%7B%22impressions%22%3A%5B%7B%22clickUrl%22%3A%22https%3A%2F%2Fapi.cxense.com%2Fpublic%2Fwidget%2Fclick%2FO8C1FKHwxexQSbD7tLcAh-NNfCy2tfsCnr2hVRAZqv_Yqrh-pazoaDLsaiZ9ZRblAhvZtHx75pTU8SXxPni9BBtjDwfdcKyJmnpvSgoW-5LoXI7q6Wvnb7qvV7RNMxusP_Y2a6Sk3vYYf9T_OiamPR_1J-jTWCJTHPRqJqTlONDOPycxyKzd6WE_VIXXdmkFdwbkaCtsZZBP_UBPjfQY59f955Kdmy1u35yxElrPbdUc52lgFoubljIkdmh13neVtLwqNIIM_t-y-EkKYHt0B4xuDCgxstkgOFvx8zDo6Rrz9pIUEXSWfnGjp9mGsmVdd8-lgf4v6iVtsniOVQj89loDqPum91QmkWnpUWsY0qv5uptnZpeyDtlJkGb16-DM2VKddRP-2KX-Gu75ngg4zQTHc7QNbHS-G1IxMs31pc4my2CKALb-EsHrehjhspbiLCefx8DUZfMItEh-5oiNsGS0Q6cBo7bAp3jk8rX_etvdwpbs1mfubcNJ6xmV2jx583IXLHP2XsW8c9xkma9WV4z5iyb5LMx_GZ6CW3ejAWH2d-AVHscxCA1ZXgx7aIJ7m4dsJXcvlCSSs3R0cCKKnZ0zmCTNwpNANvW-hwOMUHV7JAx5dhMfEhbOST9w2AqK5OrmcVB8JF58MTGGw7PIXJmrVDoIGRJHy4F2Mk_wudMGnvq49QJxYCk091HVnYNNZee3FoTgjHiJZKC0DaiTeobRmi7OEsIKw7eSTX6GvEw556Cwlw0%3Fcx_testId%3D18%26cx_testVariant%3Dcx_70%26cx_artPos%3D0%22%2C%22visibilitySeconds%22%3A1%7D%5D%7D

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

86.109.7.56 Ashburn, United States, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

dce41ec4e1d60569fee9de13c5cc433741c4b0ebeba99ca8cfd964303ea2acb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
content-type: text/javascript;charset=utf-8
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-length: 49
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 container.html Show response
c99c63828b72d60c6549a182ce9d74ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5993 6 KB
3 KB 20ms
20ms Document
text/html 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c99c63828b72d60c6549a182ce9d74ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 01:36:26 GMT
expires: Mon, 29 Apr 2024 01:36:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bl-e09f10f-df0b19b9.js Show response
tagan.adlightning.com/newscorp-barrons-aps/ Frame F56A 56 KB
24 KB 30ms
28ms Script
application/javascript 13.249.141.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/newscorp-barrons-aps/bl-e09f10f-df0b19b9.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.141.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-141-37.ord51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa065ed34771276c21452124fcf2439750da791869a5ecc1fab3e9a41795cc44

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 00:57:53 GMT
content-encoding: gzip
via: 1.1 9544538048b67636eed3ec04c11d909a.cloudfront.net (CloudFront)
x-amz-version-id: _6bJQno5St2oQYNFnatDV0RSo_xpKGoS
x-amz-cf-pop: ORD51-C1
age: 88715
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24386
x-amz-meta-git_commit: e09f10f
last-modified: Sat, 29 Apr 2023 00:57:25 GMT
server: AmazonS3
etag: "dd21d255deb6e0da75a8cbc4b9009f61"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: AGH8kBvwYsjs0d0bPP9-iy98yV9XYxBUMV53A547RaO_hxWIsu0X9g==

GET
H2 200 b-8db6969-57aaf79f.js Show response
tagan.adlightning.com/newscorp-barrons-aps/ Frame F56A 69 KB
26 KB 36ms
34ms Script
application/javascript 13.249.141.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.141.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-141-37.ord51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63e5289e179564b3cf4ce26d0d4831e6950c3d445c23359b604681032c9e32bd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 17:05:49 GMT
content-encoding: gzip
via: 1.1 9544538048b67636eed3ec04c11d909a.cloudfront.net (CloudFront)
x-amz-version-id: hb5CoUKJh9ugIoA40ipfbWU5spAS3Ccg
x-amz-cf-pop: ORD51-C1
age: 1067439
x-cache: Hit from cloudfront
content-length: 26656
x-amz-meta-git_commit: 8db6969
last-modified: Mon, 07 Nov 2022 21:55:19 GMT
server: AmazonS3
etag: "cb1f115bbcd7235df3a06c8892303839"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: px2mHUOg7xv5SFj0eK2vlFr54H31dn58Brz0tGJ2_4dRcGKzsdKmZw==

GET
H3 200 4327677361219039819
tpc.googlesyndication.com/simgad/ Frame F56A 114 KB
114 KB 25ms
24ms Image
image/png 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4327677361219039819

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfea140d0fccd1fdc66db05dffc4bbd0cec97502c0b888fd040302be7e102568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 08:41:36 GMT
x-content-type-options: nosniff
age: 60891
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117131
x-xss-protection: 0
last-modified: Tue, 04 Apr 2023 00:07:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Apr 2024 08:41:36 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame F56A 3 KB
1 KB 22ms
21ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 19:59:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20245
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 May 2023 19:59:02 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F56A 0
0 39ms
37ms Image
text/html 2607:f8b0:4006:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSgz6BFVoK05cuq-rFcSld-asnc91XD_rmCfA8jxwlAlOhUkxX43dCNrCQmyM-T_232B43U-Xpf_2MRQDLTWj-zVOe9gA
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:817::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F56A 158 KB
48 KB 67ms
66ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49538
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682508732222081"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Apr 2023 01:36:27 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/globeandmailcw746817534845/ Frame F56A 10 KB
4 KB 19ms
18ms Script
application/x-javascript 23.196.185.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/globeandmailcw746817534845/moatad.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.185.161 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-185-161.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b9c03a4a1648529cfd85c7457194defd9055f81b209612c41ba41d0dc38f7e11

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:27 GMT
content-encoding: gzip
last-modified: Tue, 25 Apr 2023 09:54:20 GMT
server: AmazonS3
x-amz-request-id: 4ZA6S4ZYT1KBB1NR
etag: "5b13c58382e9f127c50cab48a139a351"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=32445
accept-ranges: bytes
content-length: 3877
x-amz-id-2: htHv7z1ck4XqnbdgUwsjhMBsE422ppCWrb9JUMObSGU5pmgg00rMdXYO+owfMR4U3tCEElfLFXo=

GET
H2 200 bl-e09f10f-df0b19b9.js Show response
tagan.adlightning.com/newscorp-barrons-aps/ Frame 5993 56 KB
24 KB 30ms
29ms Script
application/javascript 13.249.141.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/newscorp-barrons-aps/bl-e09f10f-df0b19b9.js
Requested by: Host: c99c63828b72d60c6549a182ce9d74ba.safeframe.googlesyndication.com
URL: https://c99c63828b72d60c6549a182ce9d74ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.141.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-141-37.ord51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa065ed34771276c21452124fcf2439750da791869a5ecc1fab3e9a41795cc44

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c99c63828b72d60c6549a182ce9d74ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 00:57:53 GMT
content-encoding: gzip
via: 1.1 9544538048b67636eed3ec04c11d909a.cloudfront.net (CloudFront)
x-amz-version-id: _6bJQno5St2oQYNFnatDV0RSo_xpKGoS
x-amz-cf-pop: ORD51-C1
age: 88715
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24386
x-amz-meta-git_commit: e09f10f
last-modified: Sat, 29 Apr 2023 00:57:25 GMT
server: AmazonS3
etag: "dd21d255deb6e0da75a8cbc4b9009f61"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 26NMvl-34Oix7dSXEjzse2Q1omNk9zbJ3C7UYk4xImQndJB4jAxM0Q==

GET
H2 200 b-8db6969-57aaf79f.js Show response
tagan.adlightning.com/newscorp-barrons-aps/ Frame 5993 69 KB
26 KB 34ms
33ms Script
application/javascript 13.249.141.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js
Requested by: Host: c99c63828b72d60c6549a182ce9d74ba.safeframe.googlesyndication.com
URL: https://c99c63828b72d60c6549a182ce9d74ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.141.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-141-37.ord51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63e5289e179564b3cf4ce26d0d4831e6950c3d445c23359b604681032c9e32bd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c99c63828b72d60c6549a182ce9d74ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 17:05:49 GMT
content-encoding: gzip
via: 1.1 9544538048b67636eed3ec04c11d909a.cloudfront.net (CloudFront)
x-amz-version-id: hb5CoUKJh9ugIoA40ipfbWU5spAS3Ccg
x-amz-cf-pop: ORD51-C1
age: 1067439
x-cache: Hit from cloudfront
content-length: 26656
x-amz-meta-git_commit: 8db6969
last-modified: Mon, 07 Nov 2022 21:55:19 GMT
server: AmazonS3
etag: "cb1f115bbcd7235df3a06c8892303839"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: JFItLWT8YkdvSIMamtUbFllDIEsHf9nQdLylDael9BzM8ZbDk5Rc-Q==

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CA72 0
0 52ms
50ms Image
text/html 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304250201&jk=4397437491346622&bg=!bW6lbjrNAAb9Sbh13Uk7ADkAdvg8WqapljydWMQsYJYhHQOk48RkKyebgEjh7jwGCtddC3DfNgBp8zNRpNBqMsEC-a6Sr8xtdbQCAAAAjVIAAAADaAEHmQLrIciuOrEyWjQXsh9iggJHQ87n4rpmJsSY4joB6Q5rRitMJ_RG0ajGIyBM772Nah-4q89rM2ts7v1XuwBPpt5NCosGA_baVmfTXiBEaVypLzjlbiILy59SIOGbH9khK0AVdm4MO1YU8NNsSRO8pQQE1bGQw_dOZUMiDvcKPfnQoQ9HawRp9N-QjHLlquPBIsjYCvGTJyBU6Tb97wZyysqHjvm91-Id-rp18bLER9Aay5YllzMi_0sB-7XO6FVCnOkrbB9seoVL9TmRfY3tO6ABZqWpWxQXwiqhNVQrD0RVbkIQ7xiSChMDVDpW-5tklVQzE5dt5utTPVbfspo_2_rneYsDf15CIaKAHjvvo1-Ntgjc2ta4Tyvkb1mrqTiKF-ISRI9hzT_3EL6woveZsfP_bKcdkU5eDDEnKZQLHM4Ni6I0sP7LCw2wS2wAxwZ32HS3ed_48WhSUEaCUyuWKK-Ly-i0AJbAwb6yXiOwN0ybV3H86uNPc_gYNecMWowwYbvpUOvzzmdumR1VG0fju1pkE31Ejqt793SpvOaigl7ffIa5OHIfa1zv-Fo9QIbpTi2lzYVlwDBuiofpmnSoIKpyjb1-ECyW0K5y3YrplOObP_0rXA_5AdzRj5ajMUmj3oFM_Cw6KQJdevk9gZ_dME9xoYge4p0_u-WgzZkG_oJpinHP3ZfxpFH_RKa0gZ3Zi7BoXnTtG7hRXrDpDBcwGgCQ1GmdICwvXi7W3a_PCREJs29jGuQyvBnn1aDylSgRr9-s7CDnIiesjWhiFhzBc-WAKMwHNDr1jdOg4accvF2aHUfzcUhXGXNdU0PumLGuHDhquelrw6YcBBvkQlb7fZocfu-ev7EruQ7V44Bqt7ccdDMUay_A4e7zBhz5IzDoi7nOT3Qyb1z5uJtaiOKaos461zM73vsZWpLnGN_TZEGXLgSuKYUXLNcPd4NZjLpHXKS3Hlv5zlV2cNACW0k-_qinRJf51VBVTLXa_vGY
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:823::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 27CA 0
0 80ms
79ms Image
text/html 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304250101&jk=1643142864910516&bg=!FRalFkLNAAb9Sbh13Uk7ADkAdvg8WnExgroZ6rgibi8FVFjmEwHk9kKRl1K_2Qg-ATfs2X8zkO_v0nPH6Fab0PgtvJn0TXEtG64CAAAAa1IAAAADaAEHCgAfOyg_5nL6qelvIWWtYxbVslQGpEAuA4-usvOXTlGMlJkC_asNa9jabkna3xmbn0zLAqQ1exOFG4pjMitZssr3WibsiqIrOQG0xLTV7sVt7uIVuSJGQN5Z7qeW1JP5hhIjUb7I7oLWm1tiUi-qrRU_lbad6mYYt9BkP6V1QPMHUc96WFogsplvG8bIFNqALMiatChr-13o0nynTuSOJ4VBkN4_TnnxDake2qNw_YD8DeuGNGaePKQM3jG127jOi1x3yYmMlC4xFHyT3kEtIN_Z4Bq6QQiq-A2MUtHLeeQwZWiYaEEqxahioUuXg4V268jkXSnCjeCVx_I8i0abh9v6meqC-7w7Ox8RqbiPm8klYpxIUm7WIuFHzvX7PfmoTdb0zVJqDo4kOM0jbRTIVyzlgzGZvbixG5TmgxaXnIi3Z4KeuwXPkSt1ySw13VSTvY152gr7Y-lKmQvuOgR4b06lTWcJ-qvn4O4CQl9Jjd6URvTlPTncsl0_vBWGL-C22AFixnjX0pOM7tmUipfxOfpYL33gy20JTdQgmfQDac58j6n_ULDC1S4G0xqLjRmbp966o0ZH-bKMqmDTm_o9Fi-8Aj6Vs9qRZAXAYautZmUEFiqrRBUsiivZxiUi4PwcsKV35kNhm53kbOWHCsglfBYxBE_kdV5hj8-DhqcJDNeMSlfp21JXuFVAaYnJeQbShv7P3GiXdaMOGUXBKYpxgyCQYtSmu3oefXnWzkdmigLz6G34xcPL4OjmlxC7zW12NG7ZnWhBdpX0EtAyoIllCk7GrQ451E8jah3DQhGa_adiFaHcSrOrnf8pkyCr647b4QDN78ESY-V6MKhR_DSWoQqSFniY3LWfNJ6mQYW3rahzIxQl-MMdWCNWhhKZf9SzdV_cYsyaw5Pgq23f155ramdBALFFJt0wW2iw2jbfJY2kIq31fsv1xGyy9VEiDsVXJ7mdJRvbTjLBl2HDHv83T7gs_gBrZ7pHRAeGaC8MaYO8TmIBnl6KhPOLxJ9zwO1CBvmx4D95lIAokVy8Z6xST8zWjlibREAKMlXkOOQ7dzQdIQ
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:823::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F56A 0
0 41ms
41ms Fetch
image/gif 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJTLYpACGvELMoT9Fu_flD_MVQsgfRAH0JsWfdO1j1dcd-GdiOiqlnHCxlCSQtkhIk6YSwWRKzvoheNfbr7K10jmx2cdgz06x4pr5mLgkGZUDlWr40z5trNZR-RCfgEapAx5AzapkKEIFcqIeIjTnMDGXAtmCc875nbNmAK0pT-GWgBLX6QL_8t0HsoAvCqCjgoqa07oISPUs5oP1kbpFLtlbhv2VHedMoM63HErmCNmvs2wGUGwrAV8v0tWYgK0mKt-DHG2_-V6PtFovUqt-mxOWV2Gvb6DegJARh9RqJBsf2903JInZb92S6DvOXPizVGPI8z6VLTpIM3dSgXGY0Sg&sai=AMfl-YQCDwMZ8ogBLJ6WSDL1_Kzmtjo6OaT_eqsbCPOL5CGqwoqMROEr-SGJxopmy0Th1FRBihh2_iH99IhaC66R0jrYtWC3LNnbSm4hLWaAvodWcXlRCAMvMg3ivH8r1KM&sig=Cg0ArKJSzGhkiQ7e_SBkEAE&uach_m=[UACH]&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F56A 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 886c0cbcd963f55024c61e1440adfeef7e5f1ae8dc200a63edc4cccb05db4001

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ii.js Show response
mb.moatads.com/ 43 B
215 B 37ms
37ms Script
text/html 52.14.9.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/ii.js?lineItemId=5434609679&callback=lineItemInfo5434609679Callback_45918183
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/dowjonesheader64568365681/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.14.9.78 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-14-9-78.us-east-2.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: 99fc4f04be007c09de16f87a9473ec3b9b08932251906e959dff063b7eab922e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:27 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "c78b393b08428a7209829589396c2ba5010bdcd8"
content-length: 43
content-type: text/html; charset=UTF-8

GET
H2 200 v2 Show response
mb.moatads.com/s/ 428 B
601 B 42ms
42ms Script
text/html 52.14.9.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/s/v2?url=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&pcode=dowjonesheader64568365681&ord=1682818582177&jv=1810247053&callback=BrandSafetyNadoscallback_45918183
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/dowjonesheader64568365681/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.14.9.78 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-14-9-78.us-east-2.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: 7381a204cdb6c73ae24fea0ddf0bda5abcb123cf656dd699a0932e4bc15abc4f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:27 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "56a23cd57c62aff91760c5675ef5077b92fe6528"
content-length: 428
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 19ms
19ms Image
image/gif 23.196.185.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=4&kq=1&lo=6&uk=null&pk=1&wk=0&rk=1&tk=1&zLoadLag=3479&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F4327677361219039819&i=WSJ2&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-0lqwwmhfMBXplwKreHhxgYYW%2Bup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-RUHTYX5EcQEJWg%3D%3D&sc=1&os=1-fQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&id=1&ii=4&f=0&j=&t=1682818582177&de=583388707248&rx=515295686533&cu=1682818582177&m=5693&ar=05dda1dc992-clean&iw=63e4407&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3769&le=1&lf=601&lg=1&lh=26&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A458%3A458%3A0%3A1087&as=0&ag=176&an=0&gf=176&gg=0&ix=176&ic=176&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=176&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=352&cd=0&ah=352&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=21740306%3A2725126698%3A5434609679%3A138318056594&cm=16&bo=50396786&bd=21759246547&gw=dowjonesheader64568365681&zMoatOrigSlicer1=50396786&zMoatOrigSlicer2=21759246547&zMoatMData=1&zMoatMSafety=unsafe&zMoatMMV=slotNoHistData&zMoatMGV=slotNoHistData&zMoatAdLocation=RAIL&zMoatMMV_MAX=slotNoHistData&zMoatMGV_MAX=slotNoHistData&zMoatSZ=300x250&zMoatHT=250&zMoatWD=300&zMoatCURL=barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=-1&jm=-1&tz=RAIL&iq=slotNoHistData&tt=slotNoHistData&tu=1&tp=unsafe&tc=0&fs=203310&na=211445651&cs=0
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.185.161 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-185-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Sun, 30 Apr 2023 01:36:27 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 30 Apr 2023 01:36:27 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F56A 0
0 83ms
82ms Fetch
image/gif 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuvrAI05TtRyJ3BNevVwt4tfvzQyjSvmaxJFGb_sQSHer_s2AwsCDR26izZP-SgmfLaBYCPUSgVLWxs_tKlJ8n6p1b7Ir2Aeyn-hWhHW-NxFSkgef60BlotIr6YLtUensGiM8fPEEonm1KxNhkStWkRMgpjxdVD-6YJBjlKaQmIbgIiPQfYCQJiUo7MLPOG855SaPC5VofV2tDdqawAsg9_fQWDbpUQwXMIQ79k6C6BE4GR6uLQO3ryJrttGse74ZX1y1fVjX6oXNDl3nkG5Mz4uI04LZLSFihODh_8KcYfxhb57T_7s6uxn5eraOgK_D_5W2tmjn-OjsD2DHguRYn--ePe&sai=AMfl-YQ4_fHDDdg7H-c2vMbG5RXtzmMVUaoQ_eBpx6ikKUSxk-VUU92xb2O6d-bW6slogNZFUH0WVXSV9E5GDWEFYad6qn7AkzQyzl_D5jxgDuvb_VJki7mjjddTnoy5j8o&sig=Cg0ArKJSzEoGq8c74I9bEAE&uach_m=[UACH]&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 30 Apr 2023 01:36:28 GMT

GET
H2 200 moatcore.js Show response
z.moatads.com/globeandmailcw746817534845/ Frame F56A 335 KB
114 KB 19ms
18ms Script
application/x-javascript 23.196.185.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/globeandmailcw746817534845/moatcore.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.185.161 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-185-161.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: bd0dac8145c625ca28dd84fc7bdab686367d604942013fac37d2bcd3afc60612

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:28 GMT
content-encoding: gzip
last-modified: Tue, 25 Apr 2023 09:54:20 GMT
server: AmazonS3
x-amz-request-id: 4ZA31PV9WD7XFBBC
etag: "8ff98895a707b08d686e1876e503cd35"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=32426
accept-ranges: bytes
content-length: 115668
x-amz-id-2: Xj8jor08YEXmoJoxL+Zuo+kfo9VCDTh+bPUKMg6czSpd5ONkJLPI914Dxh1Ulo6BITl+Uu5MEMoAMdKuLSLHOQ==

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10650913673796648960/ Frame 99E2 199 KB
32 KB 25ms
24ms Document
text/html 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10650913673796648960/index.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19b17f483b6971c1e33254a78a8f147514713f43a199266b93739ff2d2187915

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c99c63828b72d60c6549a182ce9d74ba.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 68711
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 33108
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Apr 2023 06:31:17 GMT
expires: Sun, 28 Apr 2024 06:31:17 GMT
last-modified: Thu, 12 Jan 2023 07:23:50 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5993 0
0 94ms
94ms Fetch
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CX0sSGsZNZPXGEoz0zwX7n4SoBayogblu_uKchO8QsJAfEAEgi_CKH2D96KKB8AOgAb3d7NcDyAEJqQJGi0ye9T1KPuACAKgDAcgDAqoE6QJP0JPXn7tXfiJL8C0RD0V7CtmqqOQElweXRHcujBglZ1D67RyaiArPgM7WotDAOQ3uCgZflqVop10St3mbcLii4tIWD99aE_1UIlTm-oN_7cUaQZ5O6BHWbPg5ps3JOeROYJuF7Ui4DPMb5fR6TEVVSARgHTr5ebQyKRhSQpcGeA75Los5_a1MddPmhSE-zZfcrPPFdSvExiJgv2c4UfyznxQwXTo4JWWokFtdUN5CKZd2jaiplPSIZjIawF2gFngUsaWXyiLB4H0fGNnvdMsRqqUNG7T2zU9jMjBvfTiNeIQCvE4znzTAZuS05eiSLTYQPHBkH6iFu6vrbp593hQmCVCvP-Kinj7PKpeDVUGV57U8hocjrnKPAe9KVoLqafqUS8Ups6TU0W7-45ZQn6Pyfvr2sjm8GNLzV-mNLa5FZCgul4fFfHGmcC-cuzfSv-gVpQFCJfLGhL-fdaXQJXJxhPyQP5OZV-FOwAT1traKmwTgBAGSBQQIBBgBkgUECAUYBKAGXYAHq6KTKKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcFEIKokAHSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTcwOTY2NzYzMjk0NTY0OTCACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItNDM3NzUxMzgwOTA4MjA3ORiasg8&sigh=IwUXGymx9M8&uach_m=[UACH]&cid=CAQSPABygQiDLwxFRjOVgK_A57sSrIME1aZk4h6ewZdvXRf6KT5tsLoVWJIbJyKFP4SSHLeqF5f_ZztzTYhYhhgB
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c99c63828b72d60c6549a182ce9d74ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BAD8 143 B
166 B 22ms
20ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: c99c63828b72d60c6549a182ce9d74ba.safeframe.googlesyndication.com
URL: https://c99c63828b72d60c6549a182ce9d74ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c99c63828b72d60c6549a182ce9d74ba.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 245
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 01:32:23 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 5993 3 KB
1 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js

Requested by

Host: c99c63828b72d60c6549a182ce9d74ba.safeframe.googlesyndication.com
URL: https://c99c63828b72d60c6549a182ce9d74ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c99c63828b72d60c6549a182ce9d74ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 19:59:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20246
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 May 2023 19:59:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 5993 19 KB
8 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: c99c63828b72d60c6549a182ce9d74ba.safeframe.googlesyndication.com
URL: https://c99c63828b72d60c6549a182ce9d74ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c99c63828b72d60c6549a182ce9d74ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 19:59:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20246
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7966
x-xss-protection: 0
server: cafe
etag: 10783182253924109600
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 May 2023 19:59:02 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 19ms
18ms Image
image/gif 23.196.185.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=GLOBEANDMAILCW1&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=4&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1682818588286&de=356434486259&m=0&ar=81c6b5a9873-clean&iw=7bae01e&q=8&cb=0&ym=0&cu=1682818588286&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5288551890%3A3178711352%3A6263863123%3A138428413013&zMoatPS=flex&zMoatDA=Daily%2CTechnology%2Carticles%2Cbarrons_technology%2Cfireeye_says_intrusion_campaign_used_tainted_solarwinds_software_51607967377&zMoatH=250&zMoatW=300&zMoatPT=other&zMoatAllAdUn=%2F58%2Ftgam.wsj%2Fbarrons%2Fbarrons_technology&zMoatAU1=tgam.wsj&zMoatAU2=barrons%20%7C%20barrons_technology&zMoatSZ=300x250&zMoatOrigSlicer1=5911386&zMoatOrigSlicer2=22069168355&zMoatLoc=art&zMoatMMV=slotNoHistData&zMoatMGV=slotNoHistData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMMV_MAX=slotNoHistData&zMoatMGV_MAX=slotNoHistData&zMoatCURL=barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&id=1&ii=4&bo=5911386&bd=22069168355&dfp=0%2C1&la=22069168355&gw=globeandmailcw746817534845&fd=1&it=500&ti=0&ih=2&pe=1%3A458%3A458%3A0%3A1087&tz=flex&iq=slotNoHistData&tt=slotNoHistData&tu=1&tp=unsafe&jm=-1&fs=203238&na=1336358165&cs=0
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.185.161 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-185-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Sun, 30 Apr 2023 01:36:28 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 30 Apr 2023 01:36:28 GMT

GET
H2 200 pixel.gif
dowjones8650224.s.moatpixel.com/ 43 B
274 B 110ms
19ms Image
image/gif 23.198.217.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dowjones8650224.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=176&fi=1&apd=352&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=barrons.com&L1id=21740306&L2id=2725126698&L3id=5434609679&L4id=138318056594&S1id=50396786&S2id=21759246547&ord=1682818582177&r=583388707248&t=meas&os=1&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fwww.barrons.com%252Farticles%252Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&zMoatAdLocation=RAIL&zMoatMGV_MAX=slotNoHistData&zMoatWD=300&zMoatMSafety=unsafe&zMoatMMV=slotNoHistData&zMoatMData=1&zMoatmivr=&zMoatHT=250&zMoatSZ=300x250&zMoatMGV=slotNoHistData&zMoatMMV_MAX=slotNoHistData&bedc=1&q=1&BSD=unsafe&BSC=gs_politics,gs_busfin_indus,gs_busfin_business,gs_law_misc,gs_politics_issues_policy,gs_law,gs_science_misc,gs_busfin_business_admin,gs_busfin,gv_crime,gs_tech_compute_apps,gs_tech_compute_apps_antivir,gs_science,gs_tech_compute,gs_business_misc,moat_unsafe,gs_health&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.198.217.152 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-217-152.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Sun, 30 Apr 2023 01:36:28 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 30 Apr 2023 01:36:28 GMT

GET
H2 200 pixel.gif
dowjones8650224.s.moatpixel.com/ 43 B
274 B 113ms
23ms Image
image/gif 23.198.217.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dowjones8650224.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=176&fi=1&apd=352&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=barrons.com&L1id=21740306&L2id=2725126698&L3id=5434609679&L4id=138318056594&S1id=50396786&S2id=21759246547&ord=1682818582177&r=583388707248&t=fv&os=1&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fwww.barrons.com%252Farticles%252Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&zMoatAdLocation=RAIL&zMoatMGV_MAX=slotNoHistData&zMoatWD=300&zMoatMSafety=unsafe&zMoatMMV=slotNoHistData&zMoatMData=1&zMoatmivr=&zMoatHT=250&zMoatSZ=300x250&zMoatMGV=slotNoHistData&zMoatMMV_MAX=slotNoHistData&bedc=1&q=2&BSD=unsafe&BSC=gs_politics,gs_busfin_indus,gs_busfin_business,gs_law_misc,gs_politics_issues_policy,gs_law,gs_science_misc,gs_busfin_business_admin,gs_busfin,gv_crime,gs_tech_compute_apps,gs_tech_compute_apps_antivir,gs_science,gs_tech_compute,gs_business_misc,moat_unsafe,gs_health&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.198.217.152 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-217-152.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Sun, 30 Apr 2023 01:36:28 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 30 Apr 2023 01:36:28 GMT

GET
H2 200 pixel.gif
dowjones8650224.s.moatpixel.com/ 43 B
274 B 112ms
22ms Image
image/gif 23.198.217.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dowjones8650224.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=176&fi=1&apd=352&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=barrons.com&L1id=21740306&L2id=2725126698&L3id=5434609679&L4id=138318056594&S1id=50396786&S2id=21759246547&ord=1682818582177&r=583388707248&t=nht&os=1&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fwww.barrons.com%252Farticles%252Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&zMoatAdLocation=RAIL&zMoatMGV_MAX=slotNoHistData&zMoatWD=300&zMoatMSafety=unsafe&zMoatMMV=slotNoHistData&zMoatMData=1&zMoatmivr=&zMoatHT=250&zMoatSZ=300x250&zMoatMGV=slotNoHistData&zMoatMMV_MAX=slotNoHistData&bedc=1&q=3&BSD=unsafe&BSC=gs_politics,gs_busfin_indus,gs_busfin_business,gs_law_misc,gs_politics_issues_policy,gs_law,gs_science_misc,gs_busfin_business_admin,gs_busfin,gv_crime,gs_tech_compute_apps,gs_tech_compute_apps_antivir,gs_science,gs_tech_compute,gs_business_misc,moat_unsafe,gs_health&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.198.217.152 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-217-152.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Sun, 30 Apr 2023 01:36:28 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 30 Apr 2023 01:36:28 GMT

GET
H2 200 pixel.gif
dowjones8650224.s.moatpixel.com/ 43 B
274 B 111ms
22ms Image
image/gif 23.198.217.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dowjones8650224.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=176&fi=1&apd=352&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=barrons.com&L1id=21740306&L2id=2725126698&L3id=5434609679&L4id=138318056594&S1id=50396786&S2id=21759246547&ord=1682818582177&r=583388707248&t=bs&os=1&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fwww.barrons.com%252Farticles%252Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&zMoatAdLocation=RAIL&zMoatMGV_MAX=slotNoHistData&zMoatWD=300&zMoatMSafety=unsafe&zMoatMMV=slotNoHistData&zMoatMData=1&zMoatmivr=&zMoatHT=250&zMoatSZ=300x250&zMoatMGV=slotNoHistData&zMoatMMV_MAX=slotNoHistData&bedc=1&q=4&BSD=unsafe&BSC=gs_politics,gs_busfin_indus,gs_busfin_business,gs_law_misc,gs_politics_issues_policy,gs_law,gs_science_misc,gs_busfin_business_admin,gs_busfin,gv_crime,gs_tech_compute_apps,gs_tech_compute_apps_antivir,gs_science,gs_tech_compute,gs_business_misc,moat_unsafe,gs_health&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.198.217.152 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-217-152.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Sun, 30 Apr 2023 01:36:28 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 30 Apr 2023 01:36:28 GMT

GET
H2 200 pixel.gif
dowjones8650224.s.moatpixel.com/ 43 B
274 B 111ms
21ms Image
image/gif 23.198.217.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dowjones8650224.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=192&fi=1&apd=368&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=barrons.com&L1id=21740306&L2id=2725126698&L3id=5434609679&L4id=138318056594&S1id=50396786&S2id=21759246547&ord=1682818582177&r=583388707248&t=hdn&os=1&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fwww.barrons.com%252Farticles%252Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&zMoatAdLocation=RAIL&zMoatMGV_MAX=slotNoHistData&zMoatWD=300&zMoatMSafety=unsafe&zMoatMMV=slotNoHistData&zMoatMData=1&zMoatmivr=&zMoatHT=250&zMoatSZ=300x250&zMoatMGV=slotNoHistData&zMoatMMV_MAX=slotNoHistData&bedc=1&q=5&BSD=unsafe&BSC=gs_politics,gs_busfin_indus,gs_busfin_business,gs_law_misc,gs_politics_issues_policy,gs_law,gs_science_misc,gs_busfin_business_admin,gs_busfin,gv_crime,gs_tech_compute_apps,gs_tech_compute_apps_antivir,gs_science,gs_tech_compute,gs_business_misc,moat_unsafe,gs_health&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.198.217.152 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-217-152.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Sun, 30 Apr 2023 01:36:28 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 30 Apr 2023 01:36:28 GMT

GET
H2 200 pixel.gif
dowjones8650224.s.moatpixel.com/ 43 B
274 B 110ms
21ms Image
image/gif 23.198.217.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dowjones8650224.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=195&fi=1&apd=390&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=barrons.com&L1id=21740306&L2id=2725126698&L3id=5434609679&L4id=138318132774&S1id=50396786&S2id=21759246547&ord=1682818582177&r=158388328472&t=meas&os=1&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fwww.barrons.com%252Farticles%252Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&mobile=0&click=0&initW=970&initH=250&initSRE=0.12630208333333334&zMoatAdLocation=L&zMoatMGV_MAX=slotNoHistData&zMoatWD=970&zMoatMSafety=unsafe&zMoatMMV=slotNoHistData&zMoatMData=1&zMoatmivr=&zMoatHT=250&zMoatSZ=970x250&zMoatMGV=slotNoHistData&zMoatMMV_MAX=slotNoHistData&bedc=1&q=1&BSD=unsafe&BSC=gs_politics,gs_busfin_indus,gs_busfin_business,gs_law_misc,gs_politics_issues_policy,gs_law,gs_science_misc,gs_busfin_business_admin,gs_busfin,gv_crime,gs_tech_compute_apps,gs_tech_compute_apps_antivir,gs_science,gs_tech_compute,gs_business_misc,moat_unsafe,gs_health&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.198.217.152 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-217-152.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Sun, 30 Apr 2023 01:36:28 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 30 Apr 2023 01:36:28 GMT

GET
H2 200 pixel.gif
dowjones8650224.s.moatpixel.com/ 43 B
274 B 23ms
19ms Image
image/gif 23.198.217.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dowjones8650224.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=195&fi=1&apd=390&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=barrons.com&L1id=21740306&L2id=2725126698&L3id=5434609679&L4id=138318132774&S1id=50396786&S2id=21759246547&ord=1682818582177&r=158388328472&t=fv&os=1&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fwww.barrons.com%252Farticles%252Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&mobile=0&click=0&initW=970&initH=250&initSRE=0.12630208333333334&zMoatAdLocation=L&zMoatMGV_MAX=slotNoHistData&zMoatWD=970&zMoatMSafety=unsafe&zMoatMMV=slotNoHistData&zMoatMData=1&zMoatmivr=&zMoatHT=250&zMoatSZ=970x250&zMoatMGV=slotNoHistData&zMoatMMV_MAX=slotNoHistData&bedc=1&q=2&BSD=unsafe&BSC=gs_politics,gs_busfin_indus,gs_busfin_business,gs_law_misc,gs_politics_issues_policy,gs_law,gs_science_misc,gs_busfin_business_admin,gs_busfin,gv_crime,gs_tech_compute_apps,gs_tech_compute_apps_antivir,gs_science,gs_tech_compute,gs_business_misc,moat_unsafe,gs_health&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.198.217.152 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-217-152.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Sun, 30 Apr 2023 01:36:28 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 30 Apr 2023 01:36:28 GMT

GET
H2 200 pixel.gif
dowjones8650224.s.moatpixel.com/ 43 B
274 B 25ms
21ms Image
image/gif 23.198.217.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dowjones8650224.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=195&fi=1&apd=390&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=barrons.com&L1id=21740306&L2id=2725126698&L3id=5434609679&L4id=138318132774&S1id=50396786&S2id=21759246547&ord=1682818582177&r=158388328472&t=nht&os=1&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fwww.barrons.com%252Farticles%252Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&mobile=0&click=0&initW=970&initH=250&initSRE=0.12630208333333334&zMoatAdLocation=L&zMoatMGV_MAX=slotNoHistData&zMoatWD=970&zMoatMSafety=unsafe&zMoatMMV=slotNoHistData&zMoatMData=1&zMoatmivr=&zMoatHT=250&zMoatSZ=970x250&zMoatMGV=slotNoHistData&zMoatMMV_MAX=slotNoHistData&bedc=1&q=3&BSD=unsafe&BSC=gs_politics,gs_busfin_indus,gs_busfin_business,gs_law_misc,gs_politics_issues_policy,gs_law,gs_science_misc,gs_busfin_business_admin,gs_busfin,gv_crime,gs_tech_compute_apps,gs_tech_compute_apps_antivir,gs_science,gs_tech_compute,gs_business_misc,moat_unsafe,gs_health&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.198.217.152 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-217-152.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Sun, 30 Apr 2023 01:36:28 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 30 Apr 2023 01:36:28 GMT

GET
H2 200 pixel.gif
dowjones8650224.s.moatpixel.com/ 43 B
274 B 25ms
21ms Image
image/gif 23.198.217.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dowjones8650224.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=195&fi=1&apd=390&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=barrons.com&L1id=21740306&L2id=2725126698&L3id=5434609679&L4id=138318132774&S1id=50396786&S2id=21759246547&ord=1682818582177&r=158388328472&t=bs&os=1&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fwww.barrons.com%252Farticles%252Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&mobile=0&click=0&initW=970&initH=250&initSRE=0.12630208333333334&zMoatAdLocation=L&zMoatMGV_MAX=slotNoHistData&zMoatWD=970&zMoatMSafety=unsafe&zMoatMMV=slotNoHistData&zMoatMData=1&zMoatmivr=&zMoatHT=250&zMoatSZ=970x250&zMoatMGV=slotNoHistData&zMoatMMV_MAX=slotNoHistData&bedc=1&q=4&BSD=unsafe&BSC=gs_politics,gs_busfin_indus,gs_busfin_business,gs_law_misc,gs_politics_issues_policy,gs_law,gs_science_misc,gs_busfin_business_admin,gs_busfin,gv_crime,gs_tech_compute_apps,gs_tech_compute_apps_antivir,gs_science,gs_tech_compute,gs_business_misc,moat_unsafe,gs_health&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.198.217.152 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-217-152.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Sun, 30 Apr 2023 01:36:28 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 30 Apr 2023 01:36:28 GMT

GET
H2 200 pixel.gif
dowjones8650224.s.moatpixel.com/ 43 B
274 B 24ms
20ms Image
image/gif 23.198.217.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dowjones8650224.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=199&fi=1&apd=394&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=barrons.com&L1id=21740306&L2id=2725126698&L3id=5434609679&L4id=138318132774&S1id=50396786&S2id=21759246547&ord=1682818582177&r=158388328472&t=hdn&os=1&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fwww.barrons.com%252Farticles%252Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&mobile=0&click=0&initW=970&initH=250&initSRE=0.12630208333333334&zMoatAdLocation=L&zMoatMGV_MAX=slotNoHistData&zMoatWD=970&zMoatMSafety=unsafe&zMoatMMV=slotNoHistData&zMoatMData=1&zMoatmivr=&zMoatHT=250&zMoatSZ=970x250&zMoatMGV=slotNoHistData&zMoatMMV_MAX=slotNoHistData&bedc=1&q=5&BSD=unsafe&BSC=gs_politics,gs_busfin_indus,gs_busfin_business,gs_law_misc,gs_politics_issues_policy,gs_law,gs_science_misc,gs_busfin_business_admin,gs_busfin,gv_crime,gs_tech_compute_apps,gs_tech_compute_apps_antivir,gs_science,gs_tech_compute,gs_business_misc,moat_unsafe,gs_health&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.198.217.152 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-217-152.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Sun, 30 Apr 2023 01:36:28 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 30 Apr 2023 01:36:28 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 99E2 2 KB
893 B 83ms
35ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:regular,600

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10650913673796648960/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2f7c59be18087cb8a5b0ad5952907aaffd91125c4f585228dca26508eccb08e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 30 Apr 2023 01:36:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 30 Apr 2023 01:22:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 Apr 2023 01:36:28 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 99E2 16 KB
6 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10650913673796648960/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 16:40:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32154
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 30 Apr 2023 16:40:34 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 99E2 34 KB
13 KB 21ms
21ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10650913673796648960/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 03:59:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77805
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 30 Apr 2023 03:59:43 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 21ms
19ms Image
image/gif 23.196.185.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=4&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F4327677361219039819&i=GLOBEANDMAILCW1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-0lqwwmhfMBXplwKreHhxgYYW%2Bup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-RUHTYX5EcQEJWg%3D%3D&sc=1&os=1-fQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&id=1&ii=4&f=0&j=&t=1682818588286&de=356434486259&cu=1682818588286&m=28&ar=81c6b5a9873-clean&iw=7bae01e&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3769&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A458%3A458%3A0%3A1087&as=0&ag=4&an=0&gf=4&gg=0&ix=4&ic=4&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=4&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=7&cd=0&ah=7&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5288551890%3A3178711352%3A6263863123%3A138428413013&bo=5911386&bd=22069168355&gw=globeandmailcw746817534845&zMoatOrigSlicer1=5911386&zMoatOrigSlicer2=22069168355&dfp=0%2C1&la=22069168355&zMoatPS=flex&zMoatDA=Daily%2CTechnology%2Carticles%2Cbarrons_technology%2Cfireeye_says_intrusion_campaign_used_tainted_solarwinds_software_51607967377&zMoatH=250&zMoatW=300&zMoatPT=other&zMoatAllAdUn=%2F58%2Ftgam.wsj%2Fbarrons%2Fbarrons_technology&zMoatAU1=tgam.wsj&zMoatAU2=barrons%20%7C%20barrons_technology&zMoatSZ=300x250&zMoatLoc=art&zMoatMMV=slotNoHistData&zMoatMGV=slotNoHistData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMMV_MAX=slotNoHistData&zMoatMGV_MAX=slotNoHistData&zMoatCURL=barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&zMoatDev=Desktop&hv=DOMSEARCH&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tz=flex&iq=slotNoHistData&tt=slotNoHistData&tu=1&tp=unsafe&tc=0&fs=203238&na=995111284&cs=0
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.185.161 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-185-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Sun, 30 Apr 2023 01:36:28 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 30 Apr 2023 01:36:28 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BAD8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

42ms
41ms

Document
text/html

2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: c99c63828b72d60c6549a182ce9d74ba.safeframe.googlesyndication.com
URL: https://c99c63828b72d60c6549a182ce9d74ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 01:36:28 GMT
expires: Sun, 30 Apr 2023 01:36:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 01:36:28 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5993 0
0 40ms
40ms Image
text/html 2607:f8b0:4006:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQUquBTSsjHku6zcR8f7Bp17AtgiHk_UHSlLSo3XpC9WINUMMBoBJYmIf4vKrdx9yUschspzu7IT7AKfGZINmzn6y4sEA
Requested by: Host: c99c63828b72d60c6549a182ce9d74ba.safeframe.googlesyndication.com
URL: https://c99c63828b72d60c6549a182ce9d74ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:817::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c99c63828b72d60c6549a182ce9d74ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5993 158 KB
48 KB 35ms
34ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c99c63828b72d60c6549a182ce9d74ba.safeframe.googlesyndication.com
URL: https://c99c63828b72d60c6549a182ce9d74ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c99c63828b72d60c6549a182ce9d74ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49538
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682508732222081"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Apr 2023 01:36:28 GMT

GET
DATA 200
OK truncated
/ Frame 5993 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0dc96464188215020497505ffa63d8b01c2302945fb4854d1fa3914cd41e7bda

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ Frame 99E2 8 KB
8 KB 72ms
22ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:regular,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 02:13:29 GMT
x-content-type-options: nosniff
age: 170579
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Apr 2024 02:13:29 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ Frame 99E2 8 KB
8 KB 70ms
20ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:regular,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 19:13:46 GMT
x-content-type-options: nosniff
age: 22962
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 19:13:46 GMT

GET
H3 200 radix_logo_white.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10650913673796648960/ Frame 99E2 12 KB
12 KB 21ms
20ms Image
image/png 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10650913673796648960/radix_logo_white.png

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ceb4d0e947462575b9212649e6c608db281f376f7baea3e40ba7a665be65884

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 29 Apr 2023 20:52:02 GMT
x-content-type-options: nosniff
age: 17066
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12182
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 07:23:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Apr 2024 20:52:02 GMT

GET
H3 200 3D_hands.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10650913673796648960/ Frame 99E2 40 KB
40 KB 22ms
21ms Image
image/png 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10650913673796648960/3D_hands.png

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb659f55daa2d360c3721e411cd1797004fc5bfcfd23602a38cec34049404b44

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 29 Apr 2023 20:52:02 GMT
x-content-type-options: nosniff
age: 17066
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40954
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 07:23:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Apr 2024 20:52:02 GMT

GET
H3 200 dashboard.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10650913673796648960/ Frame 99E2 52 KB
52 KB 25ms
24ms Image
image/png 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10650913673796648960/dashboard.png

Requested by

Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eee33011d715a727542383e42836468418bbf7432063fdf723d28f94e878df5f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 29 Apr 2023 20:52:02 GMT
x-content-type-options: nosniff
age: 17066
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53293
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 07:23:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Apr 2024 20:52:02 GMT

GET
H/1.1

200
OK

crum
dsum.casalemedia.com/ Frame CA72
Redirect Chain

https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=777802&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=767a60e7-63c8-43ae-a513-5ee68f57112a

43 B
631 B

19ms
19ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=767a60e7-63c8-43ae-a513-5ee68f57112a
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 01:36:28 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

x-servername: Track004-iad
pragma: no-cache
date: Sun, 30 Apr 2023 01:36:19 GMT
strict-transport-security: max-age=31536000;
content-type: text/html; charset=utf-8
location: https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=767a60e7-63c8-43ae-a513-5ee68f57112a
cache-control: private,no-cache
content-length: 222
expires: -1

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 27CA
Redirect Chain

https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=777802&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZE3GFwAAAGOsKwNP

43 B
631 B

56ms
19ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZE3GFwAAAGOsKwNP
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 01:36:28 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

x-served-by: cache-yyz4582-YYZ
pragma: no-cache
date: Sun, 30 Apr 2023 01:36:28 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1682818589.792734,VS0,VE0
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZE3GFwAAAGOsKwNP
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 19ms
19ms Image
image/gif 23.196.185.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=4&kq=1&lo=6&uk=null&pk=1&wk=0&rk=1&tk=1&zLoadLag=3479&ak=-&i=WSJ2&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-0lqwwmhfMBXplwKreHhxgYYW%2Bup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-RUHTYX5EcQEJWg%3D%3D&sc=1&os=1-fQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&id=1&ii=4&f=0&j=&t=1682818582177&de=583388707248&rx=515295686533&cu=1682818582177&m=6705&ar=05dda1dc992-clean&iw=63e4407&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3769&le=1&lf=601&lg=1&lh=26&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A458%3A458%3A0%3A1087&as=1&ag=1195&an=176&gi=1&gf=1195&gg=176&ix=1195&ic=1195&ez=1&ck=1195&kw=1169&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1195&bx=176&ci=1195&jz=1169&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1169&cd=352&ah=1169&am=352&xd=00&rf=0&re=1&ft=506&fv=0&fw=506&wb=1&cl=0&at=0&d=21740306%3A2725126698%3A5434609679%3A138318056594&cm=16&bo=50396786&bd=21759246547&gw=dowjonesheader64568365681&zMoatOrigSlicer1=50396786&zMoatOrigSlicer2=21759246547&zMoatMData=1&zMoatMSafety=unsafe&zMoatMMV=slotNoHistData&zMoatMGV=slotNoHistData&zMoatAdLocation=RAIL&zMoatMMV_MAX=slotNoHistData&zMoatMGV_MAX=slotNoHistData&zMoatSZ=300x250&zMoatHT=250&zMoatWD=300&zMoatCURL=barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&zMoatDev=Desktop&hv=friendly%20iframe&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=5&jm=-1&tz=RAIL&iq=slotNoHistData&tt=slotNoHistData&tu=1&tp=unsafe&tc=0&fs=203310&na=1720792095&cs=0
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.185.161 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-185-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Sun, 30 Apr 2023 01:36:28 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 30 Apr 2023 01:36:28 GMT

GET
H2 200 pixel.gif
dowjones8650224.s.moatpixel.com/ 43 B
274 B 26ms
26ms Image
image/gif 23.198.217.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dowjones8650224.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1169&tet=1195&fi=1&apd=1371&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=barrons.com&L1id=21740306&L2id=2725126698&L3id=5434609679&L4id=138318056594&S1id=50396786&S2id=21759246547&ord=1682818582177&r=583388707248&t=iv&os=1&fi2=0&div1=1&ait=506&url=https%253A%252F%252Fwww.barrons.com%252Farticles%252Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&zMoatAdLocation=RAIL&zMoatMGV_MAX=slotNoHistData&zMoatWD=300&zMoatMSafety=unsafe&zMoatMMV=slotNoHistData&zMoatMData=1&zMoatmivr=&zMoatHT=250&zMoatSZ=300x250&zMoatMGV=slotNoHistData&zMoatMMV_MAX=slotNoHistData&bedc=1&q=6&BSD=unsafe&BSC=gs_politics,gs_busfin_indus,gs_busfin_business,gs_law_misc,gs_politics_issues_policy,gs_law,gs_science_misc,gs_busfin_business_admin,gs_busfin,gv_crime,gs_tech_compute_apps,gs_tech_compute_apps_antivir,gs_science,gs_tech_compute,gs_business_misc,moat_unsafe,gs_health&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.198.217.152 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-217-152.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Sun, 30 Apr 2023 01:36:28 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 30 Apr 2023 01:36:28 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 19ms
19ms Image
image/gif 23.196.185.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=4&kq=1&lo=6&uk=null&pk=1&wk=0&rk=1&tk=1&zLoadLag=3479&ak=-&i=WSJ2&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-0lqwwmhfMBXplwKreHhxgYYW%2Bup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-RUHTYX5EcQEJWg%3D%3D&sc=1&os=1-fQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=2&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&id=1&ii=4&f=0&j=&t=1682818582177&de=583388707248&rx=515295686533&cu=1682818582177&m=6706&ar=05dda1dc992-clean&iw=63e4407&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3769&le=1&lf=601&lg=1&lh=26&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A458%3A458%3A0%3A1087&as=1&ag=1195&an=1195&gi=1&gf=1195&gg=1195&ix=1195&ic=1195&ez=1&ck=1195&kw=1169&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1195&bx=1195&ci=1195&jz=1169&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1169&cd=1169&ah=1169&am=1169&xd=00&rf=0&re=1&ft=506&fv=506&fw=506&wb=1&cl=0&at=0&d=21740306%3A2725126698%3A5434609679%3A138318056594&cm=16&bo=50396786&bd=21759246547&gw=dowjonesheader64568365681&zMoatOrigSlicer1=50396786&zMoatOrigSlicer2=21759246547&zMoatMData=1&zMoatMSafety=unsafe&zMoatMMV=slotNoHistData&zMoatMGV=slotNoHistData&zMoatAdLocation=RAIL&zMoatMMV_MAX=slotNoHistData&zMoatMGV_MAX=slotNoHistData&zMoatSZ=300x250&zMoatHT=250&zMoatWD=300&zMoatCURL=barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&zMoatDev=Desktop&hv=friendly%20iframe&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=5&jm=-1&tz=RAIL&iq=slotNoHistData&tt=slotNoHistData&tu=1&tp=unsafe&tc=0&fs=203310&na=381465967&cs=0
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.185.161 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-185-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Sun, 30 Apr 2023 01:36:28 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 30 Apr 2023 01:36:28 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 224ms
223ms Image
image/gif 23.196.185.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=4&kq=1&lo=6&uk=null&pk=1&wk=0&rk=1&tk=1&zLoadLag=3479&ak=-&i=WSJ2&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-0lqwwmhfMBXplwKreHhxgYYW%2Bup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-RUHTYX5EcQEJWg%3D%3D&sc=1&os=1-fQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=3&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&id=1&ii=4&f=0&j=&t=1682818582177&de=583388707248&rx=515295686533&cu=1682818582177&m=6706&ar=05dda1dc992-clean&iw=63e4407&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3769&le=1&lf=601&lg=1&lh=26&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A458%3A458%3A0%3A1087&as=1&ag=1195&an=1195&gi=1&gf=1195&gg=1195&ix=1195&ic=1195&ez=1&ck=1195&kw=1169&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1195&bx=1195&ci=1195&jz=1169&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1169&cd=1169&ah=1169&am=1169&xd=00&rf=0&re=1&ft=506&fv=506&fw=506&wb=1&cl=0&at=0&d=21740306%3A2725126698%3A5434609679%3A138318056594&cm=16&bo=50396786&bd=21759246547&gw=dowjonesheader64568365681&zMoatOrigSlicer1=50396786&zMoatOrigSlicer2=21759246547&zMoatMData=1&zMoatMSafety=unsafe&zMoatMMV=slotNoHistData&zMoatMGV=slotNoHistData&zMoatAdLocation=RAIL&zMoatMMV_MAX=slotNoHistData&zMoatMGV_MAX=slotNoHistData&zMoatSZ=300x250&zMoatHT=250&zMoatWD=300&zMoatCURL=barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&zMoatDev=Desktop&hv=friendly%20iframe&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=5&jm=-1&tz=RAIL&iq=slotNoHistData&tt=slotNoHistData&tu=1&tp=unsafe&tc=0&fs=203310&na=238836176&cs=0
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.185.161 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-185-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Sun, 30 Apr 2023 01:36:29 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 30 Apr 2023 01:36:29 GMT

GET
H2 200 pixel.gif
dowjones8650224.s.moatpixel.com/ 43 B
274 B 79ms
79ms Image
image/gif 23.198.217.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dowjones8650224.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1003&tet=1012&fi=1&apd=1207&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=barrons.com&L1id=21740306&L2id=2725126698&L3id=5434609679&L4id=138318132774&S1id=50396786&S2id=21759246547&ord=1682818582177&r=158388328472&t=iv&os=1&fi2=0&div1=1&ait=710&url=https%253A%252F%252Fwww.barrons.com%252Farticles%252Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&mobile=0&click=0&initW=970&initH=250&initSRE=0.12630208333333334&zMoatAdLocation=L&zMoatMGV_MAX=slotNoHistData&zMoatWD=970&zMoatMSafety=unsafe&zMoatMMV=slotNoHistData&zMoatMData=1&zMoatmivr=&zMoatHT=250&zMoatSZ=970x250&zMoatMGV=slotNoHistData&zMoatMMV_MAX=slotNoHistData&bedc=1&q=6&BSD=unsafe&BSC=gs_politics,gs_busfin_indus,gs_busfin_business,gs_law_misc,gs_politics_issues_policy,gs_law,gs_science_misc,gs_busfin_business_admin,gs_busfin,gv_crime,gs_tech_compute_apps,gs_tech_compute_apps_antivir,gs_science,gs_tech_compute,gs_business_misc,moat_unsafe,gs_health&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.198.217.152 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-217-152.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Sun, 30 Apr 2023 01:36:29 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 30 Apr 2023 01:36:29 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F56A 42 B
64 B 33ms
33ms Fetch
image/gif 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssbS3Q83vyrT8ShzVQ_N6UgBp0jfbFhFsYeQ9B0ejY_8h_2ky5Xm8aRyYER6tVbUM342GSVtXQJsTlkJmxVTkbGJBWRF0gmOiRx70jjkhK_XikVaHRZ&sig=Cg0ArKJSzDuHO_1GLIEsEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230426&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3679014495&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682818587454&rpt=532&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5993 42 B
64 B 40ms
39ms Fetch
image/gif 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvF8nbfXm9JVELl0SGWauzH9Zt_LjGhq4BEk-NTFrTi-jBAte_WJrVTgzpyXA5oRi2LFpF2tvRWgQCgt-dZi9p64BS4FsOxsVQWdmU3p5-jpX16TYp-pGk8N6og4Ify24CtsqA&sai=AMfl-YQzZqa0Fhl-oD8GKdWijy-QZbZm6GayTRL4QyxF9vClKVkTFyFSYUGVlizxVAENI0owVPD8vmdj4AMAPdmrBy3PDAqTYRM0pFa2SrWzAFr_QuzNbqXIyUS8zmcg&sig=Cg0ArKJSzBkPKUldC1o9EAE&cid=CAQSPABygQiDLwxFRjOVgK_A57sSrIME1aZk4h6ewZdvXRf6KT5tsLoVWJIbJyKFP4SSHLeqF5f_ZztzTYhYhhgB&id=lidar2&mcvt=1000&p=0,0,250,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230426&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=2278340195&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682818587436&rpt=999&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/newscorp-barrons-aps/b-8db6969-57aaf79f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c99c63828b72d60c6549a182ce9d74ba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 19ms
18ms Image
image/gif 23.196.185.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=4&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=GLOBEANDMAILCW1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-0lqwwmhfMBXplwKreHhxgYYW%2Bup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-RUHTYX5EcQEJWg%3D%3D&sc=1&os=1-fQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&id=1&ii=4&f=0&j=&t=1682818588286&de=356434486259&cu=1682818588286&m=1212&ar=81c6b5a9873-clean&iw=7bae01e&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3769&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A458%3A458%3A0%3A1087&as=1&ag=1194&an=4&gi=1&gf=1194&gg=4&ix=1194&ic=1194&ez=1&ck=1194&kw=996&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1194&bx=4&ci=1194&jz=996&dj=1&aa=1&ad=1099&cn=0&gn=1&gk=1099&gl=0&ik=1099&co=1099&cp=996&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=996&cd=7&ah=996&am=7&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5288551890%3A3178711352%3A6263863123%3A138428413013&bo=5911386&bd=22069168355&gw=globeandmailcw746817534845&zMoatOrigSlicer1=5911386&zMoatOrigSlicer2=22069168355&dfp=0%2C1&la=22069168355&zMoatPS=flex&zMoatDA=Daily%2CTechnology%2Carticles%2Cbarrons_technology%2Cfireeye_says_intrusion_campaign_used_tainted_solarwinds_software_51607967377&zMoatH=250&zMoatW=300&zMoatPT=other&zMoatAllAdUn=%2F58%2Ftgam.wsj%2Fbarrons%2Fbarrons_technology&zMoatAU1=tgam.wsj&zMoatAU2=barrons%20%7C%20barrons_technology&zMoatSZ=300x250&zMoatLoc=art&zMoatMMV=slotNoHistData&zMoatMGV=slotNoHistData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMMV_MAX=slotNoHistData&zMoatMGV_MAX=slotNoHistData&zMoatCURL=barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&zMoatDev=Desktop&hv=GLOBEANDMAILCW1-google_image_div&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tz=flex&iq=slotNoHistData&tt=slotNoHistData&tu=1&tp=unsafe&tc=0&fs=203238&na=914593505&cs=0
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.185.161 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-185-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Sun, 30 Apr 2023 01:36:29 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 30 Apr 2023 01:36:29 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 19ms
18ms Image
image/gif 23.196.185.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=4&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=GLOBEANDMAILCW1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-0lqwwmhfMBXplwKreHhxgYYW%2Bup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-RUHTYX5EcQEJWg%3D%3D&sc=1&os=1-fQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=2&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&id=1&ii=4&f=0&j=&t=1682818588286&de=356434486259&cu=1682818588286&m=1213&ar=81c6b5a9873-clean&iw=7bae01e&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3769&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A458%3A458%3A0%3A1087&as=1&ag=1194&an=1194&gi=1&gf=1194&gg=1194&ix=1194&ic=1194&ez=1&ck=1194&kw=996&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1194&bx=1194&ci=1194&jz=996&dj=1&aa=1&ad=1099&cn=1099&gn=1&gk=1099&gl=1099&ik=1099&co=1099&cp=996&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=996&cd=996&ah=996&am=996&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5288551890%3A3178711352%3A6263863123%3A138428413013&bo=5911386&bd=22069168355&gw=globeandmailcw746817534845&zMoatOrigSlicer1=5911386&zMoatOrigSlicer2=22069168355&dfp=0%2C1&la=22069168355&zMoatPS=flex&zMoatDA=Daily%2CTechnology%2Carticles%2Cbarrons_technology%2Cfireeye_says_intrusion_campaign_used_tainted_solarwinds_software_51607967377&zMoatH=250&zMoatW=300&zMoatPT=other&zMoatAllAdUn=%2F58%2Ftgam.wsj%2Fbarrons%2Fbarrons_technology&zMoatAU1=tgam.wsj&zMoatAU2=barrons%20%7C%20barrons_technology&zMoatSZ=300x250&zMoatLoc=art&zMoatMMV=slotNoHistData&zMoatMGV=slotNoHistData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMMV_MAX=slotNoHistData&zMoatMGV_MAX=slotNoHistData&zMoatCURL=barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&zMoatDev=Desktop&hv=GLOBEANDMAILCW1-google_image_div&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tz=flex&iq=slotNoHistData&tt=slotNoHistData&tu=1&tp=unsafe&tc=0&fs=203238&na=1536748153&cs=0
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.185.161 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-185-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Sun, 30 Apr 2023 01:36:29 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 30 Apr 2023 01:36:29 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 19ms
18ms Image
image/gif 23.196.185.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=4&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=GLOBEANDMAILCW1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-0lqwwmhfMBXplwKreHhxgYYW%2Bup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-RUHTYX5EcQEJWg%3D%3D&sc=1&os=1-fQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=3&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&id=1&ii=4&f=0&j=&t=1682818588286&de=356434486259&cu=1682818588286&m=1214&ar=81c6b5a9873-clean&iw=7bae01e&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3769&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A458%3A458%3A0%3A1087&as=1&ag=1194&an=1194&gi=1&gf=1194&gg=1194&ix=1194&ic=1194&ez=1&ck=1194&kw=996&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1194&bx=1194&ci=1194&jz=996&dj=1&aa=1&ad=1099&cn=1099&gn=1&gk=1099&gl=1099&ik=1099&co=1099&cp=996&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=996&cd=996&ah=996&am=996&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5288551890%3A3178711352%3A6263863123%3A138428413013&bo=5911386&bd=22069168355&gw=globeandmailcw746817534845&zMoatOrigSlicer1=5911386&zMoatOrigSlicer2=22069168355&dfp=0%2C1&la=22069168355&zMoatPS=flex&zMoatDA=Daily%2CTechnology%2Carticles%2Cbarrons_technology%2Cfireeye_says_intrusion_campaign_used_tainted_solarwinds_software_51607967377&zMoatH=250&zMoatW=300&zMoatPT=other&zMoatAllAdUn=%2F58%2Ftgam.wsj%2Fbarrons%2Fbarrons_technology&zMoatAU1=tgam.wsj&zMoatAU2=barrons%20%7C%20barrons_technology&zMoatSZ=300x250&zMoatLoc=art&zMoatMMV=slotNoHistData&zMoatMGV=slotNoHistData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMMV_MAX=slotNoHistData&zMoatMGV_MAX=slotNoHistData&zMoatCURL=barrons.com%2Farticles%2Ffireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377&zMoatDev=Desktop&hv=GLOBEANDMAILCW1-google_image_div&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tz=flex&iq=slotNoHistData&tt=slotNoHistData&tu=1&tp=unsafe&tc=0&fs=203238&na=1309626695&cs=0
Requested by: Host: www.barrons.com
URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.185.161 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-185-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Sun, 30 Apr 2023 01:36:29 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 30 Apr 2023 01:36:29 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tags.knewz.com
URL: https://tags.knewz.com/prod/ncg/cookie.html

Domain: prebid-server.rubiconproject.com
URL: https://prebid-server.rubiconproject.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=06b9933a-533c-41c6-91b5-0cd70deb93c4

Verdicts & Comments Add Verdict or Comment

296 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

125 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.3lift.com/sync	1970-01-20 13:36:34	Name: sync Value: CgoIoQEQnK63_vwwCgoI4gEQnK63_vwwCgoI5gEQnK63_vwwCgoIhwIQnK63_vwwCgkICRCcrrf-_DAKCQg6EJyut_78MAoJCAsQnK63_vwwCgoIjAIQnK63_vwwCgkIXxCcrrf-_DAKCQgfEJyut_78MA==
.barrons.com/	1970-01-20 11:27:02	Name: DJSESSION Value: country%3Dca%7C%7Ccontinent%3Dna%7C%7Cregion%3Dqc
.barrons.com/	1970-01-20 12:10:10	Name: wsjregion Value: na%2Cus
.barrons.com/	1969-12-31 23:59:59	Name: gdprApplies Value: false
.barrons.com/	1969-12-31 23:59:59	Name: ccpaApplies Value: false
.barrons.com/	1969-12-31 23:59:59	Name: vcdpaApplies Value: false
.barrons.com/	1969-12-31 23:59:59	Name: regulationApplies Value: gdpr%3Afalse%2Ccpra%3Afalse%2Cvcdpa%3Afalse
.barrons.com/	1970-01-20 21:02:58	Name: ab_uuid Value: 76844738-161e-46ae-953a-79b3d8e1a596
.barrons.com/	1970-01-20 21:02:58	Name: usr_bkt Value: 2qgQ1WCa3A
.barrons.com/	1970-01-20 20:12:34	Name: has_optimizely Value: true
.barrons.com/	1970-01-20 15:46:10	Name: optimizelyEndUserId Value: oeu1682818582142r0.6127987665428711
.barrons.com/	1970-01-20 11:26:59	Name: sso_fired_at Value: 1682818582675
.barrons.com/	1970-01-20 20:12:34	Name: dnsDisplayed Value: undefined
.barrons.com/	1970-01-20 20:12:34	Name: signedLspa Value: undefined
.barrons.com/	1970-01-20 20:12:34	Name: _sp_su Value: false
www.barrons.com/	1970-01-20 12:10:10	Name: _pbjs_userid_consent_data Value: 6683316680106290
www.barrons.com/	1970-01-20 12:54:34	Name: vidoraUserId Value: 8c5athtu2jhqeig5f0rb2842og55b8
.barrons.com/	1970-01-20 20:12:34	Name: ccpaUUID Value: 93e32718-2d21-4285-8b62-79ceb3ab503f
.rubiconproject.com/	1970-01-20 20:12:34	Name: khaos Value: LH2QQGXV-10-5Y9F
.yahoo.com/	1970-01-20 20:12:56	Name: A3 Value: d=AQABBBfGTWQCEG430bKvDa-GzOAjeqomkNkFEgEBAQEXT2RXZAAAAAAA_eMAAA&S=AQAAAjVqr3rE24IV6snPlNvk784
.barrons.com/	1970-01-20 20:12:34	Name: utag_main Value: v_id:0187cfcdcad900226d8639e57df803074006d06c00b08$_sn:1$_ss:1$_st:1682820383258$ses_id:1682818583258%3Bexp-session$_pn:1%3Bexp-session$_prevpage:BOL_Article_Daily_FireEye%20Hack%20Spreads%20to%20SolarWinds%20as%20U.S.%20Agencies%20Are%20Breached%3Bexp-1682822183269$vapi_domain:barrons.com
www.barrons.com/	1969-12-31 23:59:59	Name: ResponsiveConditional_initialBreakpoint Value: lg
.demdex.net/	1970-01-20 15:46:10	Name: demdex Value: 00824479668952958801806893003151769411
.barrons.com/	1969-12-31 23:59:59	Name: AMCVS_CB68E4BA55144CAA0A4C98A5%40AdobeOrg Value: 1
.amazon-adsystem.com/	1970-01-20 17:21:12	Name: ad-id Value: A8ekUpceXkZzgj9aWZlj69w
.amazon-adsystem.com/	1970-01-20 21:02:58	Name: ad-privacy Value: 0
.everesttech.net/	1970-01-20 20:12:34	Name: everest_g_v2 Value: g_surferid~ZE3GFwAAAGOsKwNP
.barrons.com/	1970-01-20 20:48:34	Name: __gads Value: ID=b6c9206588c17c3b:T=1682818583:S=ALNI_Mb3jDFGa-PFvppdi-hGS1Gsg7S6nw
.barrons.com/	1970-01-20 20:48:34	Name: __gpi Value: UID=00000be69925cb74:T=1682818583:RT=1682818583:S=ALNI_MastHUr8Sn10Eebxgi_DoBmPNjwIg
.scorecardresearch.com/	1970-01-20 21:02:58	Name: UID Value: 18F3dc11852575e73d6afcd1682818583
.dpm.demdex.net/	1970-01-20 15:46:10	Name: dpm Value: 00824479668952958801806893003151769411
.barrons.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.doubleclick.net/	1970-01-20 21:02:58	Name: IDE Value: AHWqTUkHfkUG_jQQAcyve9gpPDNq4JQ2KP6pUIcNdYFjl5kPR0_RlcaA5Emn6Mi-CrU
.barrons.com/	1970-01-20 11:27:02	Name: usr_prof_v2 Value: eyJpYyI6Mn0%3D
.barrons.com/	1970-01-20 21:02:58	Name: AMCV_CB68E4BA55144CAA0A4C98A5%40AdobeOrg Value: 1585540135%7CMCIDTS%7C19478%7CMCMID%7C00837317347190596241810112731770774627%7CMCAAMLH-1683423383%7C7%7CMCAAMB-1683423383%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1682825783s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19485%7CvVersion%7C4.4.0
.google.com/	1970-01-20 15:50:29	Name: NID Value: 511=abn9YaX5ur_S2FEk2FHuaX-Kvh0UmlPLHvMGPsAYRp-0WAIyExgqlejqGMnZfGPonpv-cqnbTlBEoWtc139TdMfbyqsVdRez-6bcjpDbnhRE0me8dcJ3REx29WwyVbJiFRIvJd8jHNZ9w9XtNaZLWzACI9wdgz6odbe_Y7v5lHQ
.barrons.com/	1970-01-20 13:36:34	Name: _rdt_uuid Value: 1682818584418.97d7a685-813e-4289-b1c5-d3d16899be62
.openx.net/	1970-01-20 20:12:34	Name: i Value: 2d316801-f1ee-041b-0e5a-c981af5d8f43\|1682818584
.adnxs.com/	1970-01-20 13:36:34	Name: uuid2 Value: 4111871771392428841
.barrons.com/	1970-01-20 11:27:00	Name: _ncg_sp_ses.e48a Value: *
.casalemedia.com/	1970-01-20 20:12:34	Name: CMID Value: ZE3GGG3jsIdCPmxS8n.oNwAA
.casalemedia.com/	1970-01-20 13:36:34	Name: CMPS Value: 995
.casalemedia.com/	1970-01-20 13:36:34	Name: CMPRO Value: 995
.openx.net/	1970-01-20 11:48:34	Name: pd Value: v2\|1682818584\|vMgavPkWgy
.barrons.com/	1970-01-20 21:02:58	Name: _ncg_domain_id_ Value: 192480c3-b15e-4606-8431-031ce64859b1.1.1682818584.1745890584
.barrons.com/	1970-01-20 21:02:58	Name: _ncg_id_ Value: f9dfbc84-c130-4b57-8ec7-4c5048571df4
.media.net/	1970-01-20 20:12:34	Name: visitor-id Value: 3258201841455362000V10
.3lift.com/	1970-01-20 13:36:34	Name: tluid Value: 903593474721348424261
.barrons.com/	1970-01-20 11:27:00	Name: _dj_ses.c19f Value: *
.barrons.com/	1969-12-31 23:59:59	Name: _dj_id.c19f Value: .1682818585.1.1682818585.1682818585.10e6aac8-7d14-4d13-9e23-d9c75b19f563
.t.co/	1970-01-20 21:02:58	Name: muc_ads Value: 4e377631-fddc-46e0-8349-7f75e62c3155
.twitter.com/	1970-01-20 21:02:58	Name: personalization_id Value: "v1_6dCRq90IFm7sgPdieHm9Fg=="
.linkedin.com/	1970-01-20 13:36:34	Name: li_sugr Value: c2a35dc4-e862-4aed-a96e-61e6ec17e9d0
.linkedin.com/	1970-01-20 20:12:34	Name: bcookie Value: "v=2&f8372c96-2d26-4218-8fbf-4e39ac305d7b"
.linkedin.com/	1970-01-20 11:28:24	Name: lidc Value: "b=OGST08:s=O:r=O:a=O:p=O:g=2559:u=1:x=1:i=1682818584:t=1682904984:v=2:sig=AQHzVrjaeRofNTaBjO1xFxvEXSyy__5X"
.barrons.com/	1970-01-20 21:02:58	Name: _cls_v Value: 35b86c01-9784-41f7-a34b-8f4f2b339dfc
.barrons.com/	1969-12-31 23:59:59	Name: _cls_s Value: d288f5a3-8b5e-4584-9ac3-819d5b749725:0
.newscgp.com/	1970-01-20 20:12:34	Name: sp Value: e18d08aa-fc42-484c-9976-0cda7132c302
ws.sessioncam.com/	1969-12-31 23:59:59	Name: sc.ASP.NET_SESSIONID Value: oz1c4yvjlllapc302c5tcccs
.newscgp.com/	1970-01-20 21:02:58	Name: _ncg_g_id_ Value: e18d08aa-fc42-484c-9976-0cda7132c302.3.1682818584.1745890584
.barrons.com/	1970-01-20 20:12:34	Name: _dj_sp_id Value: 4fd1b7a7-5dbb-4b33-8e06-d07a510ff51a
.barrons.com/	1970-01-20 13:36:34	Name: _gcl_au Value: 1.1.1210414193.1682818585
.linkedin.com/	1970-01-20 12:10:10	Name: UserMatchHistory Value: AQJB5YUSbRmLngAAAYfPzdDShXXcZL_GdUvJw1sWQ4eLeMEtUivInOg4p9r6xFCWRS0Rg2d4V3tHsg
.linkedin.com/	1970-01-20 12:10:10	Name: AnalyticsSyncHistory Value: AQJ9EuxO5SDE-gAAAYfPzdDSeBaRG8l57lgE6flctrNTs8dXhSIRZHyvRFphbj2Nvr94DyEwF2fnacpai3Vu4g
.analytics.yahoo.com/	1970-01-20 20:12:34	Name: IDSYNC Value: "18y3~2bdd:1929~2bdd"
www.barrons.com/	1970-01-20 11:28:24	Name: ln_or Value: eyIyNjQzMDciOiJkIn0%3D
www.barrons.com/	1969-12-31 23:59:59	Name: sc.ASP.NET_SESSIONID Value: oz1c4yvjlllapc302c5tcccs
.adsrvr.org/	1970-01-20 20:14:00	Name: TDID Value: ac77e4fa-ea92-4c14-b03a-d3c16bb7ab3c
.taboola.com/	1970-01-20 20:12:34	Name: t_gid Value: 3721e327-f420-4269-9fc9-e37730ba6d6f-tuctb474b98
.ml314.com/	1970-01-20 11:26:58	Name: u Value: aHR0cHM6Ly93d3cuYmFycm9ucy5jb20vYXJ0aWNsZXMvZmlyZWV5ZS1zYXlzLWludHJ1c2lvbi1jYW1wYWlnbi11c2VkLXRhaW50ZWQtc29sYXJ3aW5kcy1zb2Z0d2FyZS01MTYwNzk2NzM3Nw==
.ml314.com/	1970-01-20 20:14:00	Name: pi Value: 3635328014473494641
.ml314.com/	1970-01-20 11:47:08	Name: tp Value: 4%3b4%2f29%2f2023+9%3a36%3a24+PM%3b0
.turn.com/	1970-01-20 15:46:10	Name: uid Value: 9063842566854529721
.imrworldwide.com/	1970-01-20 20:48:34	Name: IMRID Value: 6b4f1990-e6f7-11ed-bc1a-a705fcdd17a2
.barrons.com/	1970-01-20 11:27:00	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377%22%2C%22sref%22:%22%22%2C%22sts%22:1682818585025%2C%22slts%22:0}
.barrons.com/	1970-01-20 21:02:58	Name: _ncg_g_id_ Value: e18d08aa-fc42-484c-9976-0cda7132c302.3.1682818584.1745890584
.www.linkedin.com/	1970-01-20 20:12:34	Name: bscookie Value: "v=1&20230430013624f2c65a35-9433-475d-874f-97cbedbda254AQHpQP--W2c8JvK9R19KIbLD_dR1wJ-S"
.barrons.com/	1970-01-20 20:56:22	Name: _parsely_visitor Value: {%22id%22:%22pid=0d9d6d24-ae91-455c-a78c-779710d41f62%22%2C%22session_count%22:1%2C%22last_session_ts%22:1682818585025}
.dotomi.com/	1970-01-20 11:26:58	Name: DotomiTest Value: 67d87e3f2d6a15d4
.barrons.com/	1970-01-20 13:36:34	Name: _fbp Value: fb.1.1682818585110.228997091
.barrons.com/	1970-01-20 21:02:58	Name: _ncg_sp_id.e48a Value: f9dfbc84-c130-4b57-8ec7-4c5048571df4.1682818584.1.1682818585..cccea8cb-eb3f-4cb6-9392-28cf1542eb59..4e0f0fc0-b128-47d0-8a37-111fcb492af4.1682818584500.2
.bidr.io/	1970-01-20 20:55:32	Name: bito Value: AACBKE7Im4wAAB-XvqgiVA
.bidr.io/	1970-01-20 20:55:32	Name: bitoIsSecure Value: ok
.1rx.io/	1970-01-20 20:12:34	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-7d201714-c399-4c3d-b275-8a5bb7d2bc20-005%22%7D
.openx.net/	1970-01-20 11:48:34	Name: univ_id Value: 537072971\|ac77e4fa-ea92-4c14-b03a-d3c16bb7ab3c\|1682818585199425
.barrons.com/	1970-01-20 20:55:46	Name: _pcid Value: %7B%22browserId%22%3A%22lh2qqigec39ceebk%22%7D
.barrons.com/	1970-01-20 20:55:46	Name: cX_P Value: lh2qqigec39ceebk
.barrons.com/	1970-01-20 20:55:46	Name: _pctx Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAEzIE4AmHgZi4CsvAIwB2DqIAMADkHTRAkAF8gA
.rlcdn.com/	1970-01-20 20:12:34	Name: rlas3 Value: VdwRZz4cpj2m5uVUWWpKC3sC9lMDkB+mHsTf+ijzVws=
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
.targeting.unrulymedia.com/	1970-01-20 20:12:34	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-7d201714-c399-4c3d-b275-8a5bb7d2bc20-005%22%7D
.barrons.com/	1969-12-31 23:59:59	Name: s_tp Value: 3202
.barrons.com/	1969-12-31 23:59:59	Name: s_ppv Value: BOL_Article_Daily_FireEye%2520Hack%2520Spreads%2520to%2520SolarWinds%2520as%2520U.S.%2520Agencies%2520Are%2520Breached%2C37%2C37%2C1200
.eyeota.net/	1970-01-20 20:14:00	Name: mako_uid Value: 187cfcdd321-7e80000010a4b8f
.eyeota.net/	1970-01-20 11:26:59	Name: SERVERID Value: 19343~DM
.rlcdn.com/	1970-01-20 12:53:22	Name: pxrc Value: CJmMt6IGEgUI6AcQABIFCNtOEAA=
.smaato.net/	1970-01-20 11:57:12	Name: SCM Value: a6dcdad9
.smaato.net/	1970-01-20 11:42:05	Name: SCMp Value: a6dcdad9
.rubiconproject.com/	1970-01-20 20:12:34	Name: audit Value: 1\|i7WLabMcVxInBLJkcDV84+1WuCoMxA8a+JUixCbOKdpLfYM1RPAn/CrtmMe53H+woUTpitDocW4y5p//gOMmuuCAnekPgJibq5sM2AcuEp1fW8pPU411Fg==
.cxense.com/	1970-01-20 20:12:34	Name: gckp Value: 1j5c8fqdooikf1qt5b3vo6qzi
.barrons.com/	1970-01-20 20:55:46	Name: cX_G Value: cx%3A72ww93yq0c0t1oo5agjw0j3xu%3Aiq2umkajqwxq
.colossusssp.com/	1970-01-20 20:12:34	Name: gtm_usr Value: f4a3f459-bc08-44a6-91b4-e2888d027b7e
.colossusssp.com/	1970-01-20 20:12:34	Name: lmg_r Value: 11
.prebid-server.rubiconproject.com/	1970-01-20 11:47:08	Name: uids Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsiY29sb3NzdXMiOnsidWlkIjoiW1VJRF0iLCJleHBpcmVzIjoiMjAyMy0wNS0xNFQwMTozNjoyNS43NjA3NTQ1MDRaIn0sInJ1Ymljb24iOnsidWlkIjoiTEgyUVFHWFYtMTAtNVk5RiIsImV4cGlyZXMiOiIyMDIzLTA1LTE0VDAxOjM2OjI0LjM2OTM4Mzc0WiJ9LCJ5YWhvb3NzcCI6eyJ1aWQiOiJ5LWJHYXBJWFZFMnVHVU81blZTVE9KbzFnbWdNRG1VUk4zfkEiLCJleHBpcmVzIjoiMjAyMy0wNS0xNFQwMTozNjoyNC45NDU2MjQyNTlaIn0sIm9wZW54Ijp7InVpZCI6ImM3NDNkODk3LWUxZjYtMDgwNS0zZjAwLWMxN2M0YTIxN2UzMyIsImV4cGlyZXMiOiIyMDIzLTA1LTE0VDAxOjM2OjI1LjM2NDcwNzI4WiJ9LCJzbWFhdG8iOnsidWlkIjoiYTZkY2RhZDkiLCJleHBpcmVzIjoiMjAyMy0wNS0xNFQwMTozNjoyNS41MzY0NjIwMDlaIn19LCJiZGF5IjoiMjAyMy0wNC0zMFQwMTozNjoyNC4zNjkzMDM5MTRaIn0=
.bidswitch.net/	1970-01-20 20:12:34	Name: tuuid Value: 06b9933a-533c-41c6-91b5-0cd70deb93c4
.bidswitch.net/	1970-01-20 20:12:34	Name: c Value: 1682818585
.bidswitch.net/	1970-01-20 20:12:34	Name: tuuid_lu Value: 1682818585
www.barrons.com/	1970-01-20 11:28:24	Name: _lr_sampling_rate Value: 100
www.barrons.com/	1970-01-20 11:27:02	Name: _lr_retry_request Value: true
www.barrons.com/	1970-01-20 12:10:10	Name: _lr_env_src_ats Value: false
.adsrvr.org/	1970-01-20 20:14:00	Name: TDCPM Value: CAESFQoGY2FzYWxlEgsIjvTV_KrJ5DsQBRIWCgdkMHRybzFqEgsI8Ou9_6rJ5DsQBRIWCgdydWJpY29uEgsImP3AgKvJ5DsQBRIWCgdzdng5dDUwEgsI-svKiqvJ5DsQBRgBIAEoAjILCPrDzbfByeQ7EAU4AVoHc3Z4OXQ1MGAC
.c.bing.com/	1970-01-20 11:37:03	Name: MR Value: 0
.bing.com/	1970-01-20 20:48:34	Name: MUID Value: 2A76B239DF2D6C731EE7A13ADE166DFD
.zemanta.com/	1970-01-20 20:12:34	Name: zuid Value: kTepWDR505hdHBtUjos6
.betweendigital.com/	1970-01-20 20:12:34	Name: dc Value: was1
.betweendigital.com/	1970-01-20 20:12:34	Name: tuuid Value: f2c57b0d-b492-5378-91d5-23c7f598e5dd
.betweendigital.com/	1970-01-20 20:12:34	Name: ss Value: 1
.betweendigital.com/	1970-01-20 20:12:34	Name: ut Value: ZE3GGgAJ14hHWo3SHEiz8pbsj3jjCkrikdNvBg==
.bluekai.com/	1970-01-20 15:50:29	Name: bku Value: ikG99OgsEVxlArGQ
.bluekai.com/	1970-01-20 15:50:29	Name: bkpa Value: KJyWysNEQM9z9wOw1NdbLe7+M5zNh7I1s92rm5iqeZWPob/OU+Z7ffzRrXAF1ak+78bf5F42Ilm2lXolaNYfbGwtx0f2qwO+BI0IorAt/FvY1Y91h2UTbJF87fdDdPEwZILaRqiw4CQ44R1yc12l4bGfCvsopI5MljyxOAuQHRu7eW50pD6AufNhuuOA0xUCLU/TVazAE2dvL3OJg/3+kRHAikghZiKCiQ+Eh9j0+g5akVuvSG1oN0kDG7vJuLaW1MSHtk5HZ15abvpPMkWC1PKvijhC3htMsS0MMJOehCHLgmqiAJi9SvftJ+uvyI0pFxtf84X9giaVyx==
.creative-serving.com/	1970-01-20 20:48:34	Name: tuuid Value: ff5b3138-2563-4038-9b6c-845f2d13e689
.creative-serving.com/	1970-01-20 20:48:34	Name: c Value: 1682818586
.creative-serving.com/	1970-01-20 20:48:34	Name: tuuid_lu Value: 1682818586
.doubleclick.net/	1970-01-20 11:27:02	Name: DSID Value: NO_DATA
.bttrack.com/	1970-01-20 13:36:34	Name: GLOBALID Value: 2uKlc8-sIBd987FnJwDFYeT9fQsBJ1WF9nA4nXTKJUMOPDtqCPe_qn2x4xrT5PJQJGr2RdAFs5QC4TM1

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://www.dianomi.com/js/contextfeed.js Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377(Line 252) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	warning	URL: https://www.barrons.com/articles/fireeye-says-intrusion-campaign-used-tainted-solarwinds-software-51607967377(Line 252) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	error	URL: https://us.tags.newscgp.com/prod/ncg/ncg.js(Line 3) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.ncaudienceexchange.com') does not match the recipient window's origin ('https://www.barrons.com').
security	error	URL: https://us.tags.newscgp.com/prod/ncg/ncg.js(Line 3) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://tags.knewz.com') does not match the recipient window's origin ('null').
network	error	URL: https://follow-api.barrons.com/subscription/filter/author?product=barrons&value=8617_BARRONS Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=13516 Message: Failed to load resource: the server responded with a status of 451 ()
security	error	URL: https://c99c63828b72d60c6549a182ce9d74ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1(Line 16) Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/10650913673796648960/index.html".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors .dowjones.net .barrons.com
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM http://dowjones.net
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

331afe2bb48f994fe0d9101d6b5b6bfd.safeframe.googlesyndication.com
6b6b990e-d9d8-4116-a028-76da837d7607.partner.permutive.app
a25c2057485bacf8d30418738bc64a02.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
accounts.barrons.com
accounts.google.com
acdn.adnxs.com
ad.turn.com
ads.betweendigital.com
ads.creative-serving.com
ads.pubmatic.com
adservice.google.ca
adservice.google.com
alb.reddit.com
analytics.twitter.com
api.cxense.com
api.rlcdn.com
api.wsj.net
asset.barrons.com
assets.vidora.com
ats-wrapper.privacymanager.io
b1sync.zemanta.com
bidder.criteo.com
bttrack.com
c.amazon-adsystem.com
c.bing.com
c2shb.pubgw.yahoo.com
c99c63828b72d60c6549a182ce9d74ba.safeframe.googlesyndication.com
casale-match.dotomi.com
cdn-gl.imrworldwide.com
cdn.brandmetrics.com
cdn.cxense.com
cdn.gbqofs.com
cdn.linkedin.oribi.io
cdn.optimizely.com
cdn.parsely.com
cdn.privacy-mgmt.com
cdnjs.cloudflare.com
check.analytics.rlcdn.com
cm.everesttech.net
cm.g.doubleclick.net
collector.brandmetrics.com
comcluster.cxense.com
connect.facebook.net
content.capi.newscorp.com
content.cxpublic.com
cortex.vidora.com
cs.media.net
csi.gstatic.com
d1z2jf7jlzjs58.cloudfront.net
d2oh4tlt9mrke9.cloudfront.net
dowjones.demdex.net
dowjones8650224.s.moatpixel.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
follow-api.barrons.com
fonts.googleapis.com
fonts.gstatic.com
geo.moatads.com
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.cxense.com
idsync.rlcdn.com
images.barrons.com
in.ml314.com
js-sec.indexww.com
logx.optimizely.com
match.adsrvr.org
match.prod.bidr.io
mb.moatads.com
ml314.com
news.google.com
oms.dowjoneson.com
optimizely.barrons.com
p1.parsely.com
p1cluster.cxense.com
pagead2.googlesyndication.com
pblog.barrons.com
pg-prebid-server.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
play.google.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
ps.eyeota.net
px.ads.linkedin.com
px.moatads.com
px4.ads.linkedin.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s3.amazonaws.com
sac.barrons.com
sb.scorecardresearch.com
secure-us.imrworldwide.com
securepubads.g.doubleclick.net
segment-data.zqtk.net
snap.licdn.com
sso.accounts.dowjones.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.ads-twitter.com
static.criteo.net
storage.googleapis.com
sync-tm.everesttech.net
sync.1rx.io
sync.colossusssp.com
sync.crwdcntrl.net
sync.taboola.com
sync.targeting.unrulymedia.com
t.co
tagan.adlightning.com
tags.barrons.com
tags.decider.com
tags.knewz.com
tags.mansionglobal.com
tags.marketwatch.com
tags.nypost.com
tags.pagesix.com
tags.penews.com
tags.realtor.com
tags.tiqcdn.com
tags.wsj.com
tgamriker.s3.ca-central-1.amazonaws.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
ups.analytics.yahoo.com
us-u.openx.net
us.tags.newscgp.com
usasync01.admantx.com
v2.pixel.newscgp.com
web-sdk.urbanairship.com
ws.sessioncam.com
www.barrons.com
www.dianomi.com
www.facebook.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.linkedin.com
www.ncaudienceexchange.com
www.redditstatic.com
x.bidswitch.net
z.moatads.com
prebid-server.rubiconproject.com
tags.knewz.com
104.127.184.98
104.18.11.47
104.18.16.195
104.18.25.185
104.244.42.133
104.244.42.195
104.36.115.111
104.77.238.162
108.138.105.30
108.139.29.64
13.107.42.14
13.226.22.125
13.249.141.127
13.249.141.21
13.249.141.37
13.249.141.41
13.249.141.96
13.33.60.53
141.226.224.48
142.250.72.98
142.251.32.98
143.204.146.41
145.40.89.32
146.75.32.157
151.101.1.140
151.101.194.49
18.160.30.66
18.164.101.60
18.164.124.126
192.132.33.46
192.40.39.223
199.127.204.171
20.40.202.2
2001:4860:4802:32::15
2001:4860:4802:32::3
23.196.185.161
23.197.37.247
23.198.217.152
23.211.130.59
23.221.200.79
23.52.157.179
2600:1400:9000::687e:74bb
2600:1400:d:4a3::13b8
2600:141b:9000:288::268b
2600:1f18:4e9:5a05:b3d5:d2d1:9b49:f7b1
2600:9000:204d:7e00:2:42d9:3100:93a1
2600:9000:204d:9200:14:c68f:c40:93a1
2600:9000:212f:1800:1a:635e:8fc0:93a1
2600:9000:215f:4c00:1b:5138:8a40:93a1
2600:9000:21d5:ee00:4:77d:a0c0:93a1
2600:9000:21da:4400:b:9734:2640:93a1
2600:9000:2211:5e00:6:ddc1:5c80:93a1
2600:9000:2269:6c00:2:53b2:240:93a1
2600:9000:24ef:f400:19:6ce8:b580:93a1
2600:9000:24f0:1200:f:5016:900:93a1
2600:9000:2511:9800:7:2bfb:7c00:93a1
2602:803:c002:300::99
2606:4700:20::681a:c12
2606:4700::6811:180e
2606:4700::6812:190d
2606:ae80:1471:11::440
2607:f8b0:4006:807::2002
2607:f8b0:4006:809::200d
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80d::2003
2607:f8b0:4006:80d::2008
2607:f8b0:4006:80d::200a
2607:f8b0:4006:80f::200e
2607:f8b0:4006:816::2010
2607:f8b0:4006:817::2004
2607:f8b0:4006:817::200e
2607:f8b0:4006:81c::2002
2607:f8b0:4006:821::2001
2607:f8b0:4006:821::2002
2607:f8b0:4006:823::2002
2607:f8b0:4006:824::2003
2620:100:a001::18
2620:100:a001::4
2620:112:f002:bbbb::21
2620:1ec:21::14
2620:1ec:c11::200
2a03:2880:f011:8:face:b00c:0:1
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42:600::396
3.211.32.81
3.225.218.10
34.102.180.215
34.107.222.173
34.111.234.236
34.120.127.126
34.120.155.137
34.160.158.95
34.198.52.55
34.234.108.188
34.236.83.94
34.239.204.15
34.98.64.218
35.186.253.211
35.190.60.146
35.211.178.172
35.71.131.137
35.81.179.60
44.192.36.208
44.206.92.231
44.214.133.87
50.16.174.192
52.1.136.228
52.14.9.78
52.217.195.88
52.223.22.214
52.44.30.82
52.46.155.104
52.73.235.138
52.85.249.178
52.95.126.138
52.95.190.98
54.144.144.142
54.145.162.27
54.152.15.101
54.164.141.245
54.230.17.19
54.237.41.29
54.85.199.144
54.86.208.12
54.86.220.23
63.140.38.160
64.247.193.150
65.8.49.124
65.8.49.61
68.67.179.166
69.173.151.100
69.192.109.53
70.42.32.127
86.109.7.56
96.46.183.20
00495daca2e53e98f9a9f80b0f3bf64cdec5c9eac89276774d2581b5183de979
00d88adf827c99f1ca2dedd2213a89b92de49b48493e78621ecd66ff9294fca7
02e62df60ec35e119448a029941cc7e87611801f8b7a6e4dd19333bcedcf45e6
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
062016227cfd647d5454d2bca05aae10b71be576db090a7833518ec4a071f80c
0638c53394a57c167f0545ae77a504a102d26befd0eab0ee1ce67188fc2689fd
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
086560cdec782821e481b99fb3000a804a9dd84aaba0ad11b1af9aec3acfbf62
08be7bfc1fd20f2791c7cf5367c77e46fa433266f10a35c60c463274b7248b06
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
0a8234ae0bf731640ca703114824b08245f80e46f4b8d3f202dd1ad4bf023817
0aefc1b421227b458ef996356e5b125ad043128f03ef0f8d9867726b73f09647
0afd1da7888ad7f326f4d50750921bb71cd675b04321a924f41370f76713d14f
0b3f5007e2535db9a74b22986c60082fc7a6da6e6a2ade8173589a2d18c71868
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0dc96464188215020497505ffa63d8b01c2302945fb4854d1fa3914cd41e7bda
0f5a9d05963918122dde403e694fbfd7b169f71501b1a0d342d1d5456da1402d
0fc7abda4e5aa5417e70a5d292c34ce952a6a5bb77bf51e6ddd2b62d03443b9a
117ed873640b992e38f34a0a761dd3e1cda6b3c24c9507bb3adc0323039f8ff1
1336e8f15c41d52d726e2dd9c07f9c42a000541f165a10763f54cb5728df9c84
137d23c8b31918055d316bb19e87c6fff0f4a36287566775f5d65a1508f2cb63
13ee1534cd1c1ee75c6cc66bf9a090aaea63c0018e66190675071723b7a8b6b7
15d3aa76cefc7e3aac65cdf21c750a313cc9af4c7e041277bfb83c1b12b30e9c
1678f4e1edfd45bbb2a7d55f430d8879b7b87aae76c488934f56482edaae6fd9
16d5af25a69823004facdfe27b113f11bdeaf42d981cda185ec9d9e3f61bd32b
17cd7a8932c02b67c4d55ac0b07a5c2400ccb1819e49bacbe385831dd776cbc4
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18dd87f0b33f9dd503aeb7025b7b60c65147c094e542e2b675b71a3ff459f3fb
19b17f483b6971c1e33254a78a8f147514713f43a199266b93739ff2d2187915
1a6754970fa19ebf289e6b9b77d68e8ab2df2571459da9e15f258526d3b2d23f
1a8b509cef2bd0145c1413dc9da10a5a9cc42590e586dc66e7e7809dc884cbe2
1c633cb49f56ccb068f97d5ebc97822cf4d03e99c2395efeb586d99b609f673e
1ceb4d0e947462575b9212649e6c608db281f376f7baea3e40ba7a665be65884
203074392ba5aae77e7ef60e5a45a2fe0860439ec224c4535220911d33b5faa5
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
2102e3d56f12fdd0a4cb70de5c36747231f6641f1033f35bc0001419b1b1b159
222c2bb0efdbd86d8577c3445b6fd3005cc1bdc86d75563da3a16eaf0bac6a6b
224d5c1a589a8bb14a8da3b2ec215f9a64da1d77f3b0b716121983eb7a4d66c4
23f681e5ca4fc39b86bee60aecb0919bd4127c5b13e2bf8a5eed17191c66a95c
23f95a90d6e6ba09a92bd4eae99823b0a6b0137a9abe10e3c050c062fb15efe4
243fc408544413a8876e26c5107c6ba33e2c1e30a5435ef9819d9e38fd4e0a18
24fd17d64ea1480dfe019e54464c6ebb0dccac42b5adb44bb217b04e18f343c0
25562ed433303fc4c68f29353d9f82697549df81f2bed3489653b12c0c8b293d
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2732c97bb5ae7034a7f382a36e3bb0c1bc366b8bcc31c369750083bb94e02016
2768ae53f3d0adb7aae675d689e261fc3189086f05f6cf004773de0dcc24336e
281b1bde2e0540cfc33ad10870159d96c605bd005551845ac085ba39b2f84bf3
287b4c540b3ed10e61203a7b51cd6c2256bb87eac2cfaa02e50688f2faaaccc7
28aac97c0be3cbee2c6f0b280eb10f848f7989f3c845282496dc4ff9febead3c
2c5660f641ca8b2a795f976360ed032a7226aa4aee2ac8cad40723938f824790
2c5f380018ae1f09fc4d8149d9184b263a75a7046ec9f3eb8903f39a2d013259
2cb8a62928136b0e8f7522f370b82d44553c29487d7bf39542a292279bb3b6bd
2e75bf514680cec4e36dac9027f83c03f316c1ba856dcf43479872916d5d2c55
2f2962a04d34bd117121c622fc6cb06fd45b46b9cc1a894a17d6cfb096c3433a
2f2d65c4219d0fa5f1eec1ff6351c17af97654f34d94378acb136e57f1c2ef1a
2f46926d81be4472495e6dc6a8789d7fc9ffb6acb270b4f6462720e0332fe718
2f7c59be18087cb8a5b0ad5952907aaffd91125c4f585228dca26508eccb08e2
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35b4468ee3b92996a8e1a40804cc59b72893fa04abffe8162ad743cd0618904f
36501e78a5e2a24ece2b3b45006bc684a690c28ec1b358ac1fdc95cb13f5ae90
36cbba678939135842c88e3fd74503e9fa621f72a5d840f3c0e3405fc1a37bf3
37e314bfd8e8cb9262b5ea01059377cea510e23b2215fc93de8b34a5726284a8
3a5df939031df9695a02a7cda36bc2e251b3f0d5a947ee6e6a3d1dabf2428613
3bf290622df877b99723c8e91cbce1a00895d03892d4a4a76f23328ac3fb9859
3c34b1092df017a86dc4937525f7153f5190369c4e86d73dd01f1f0e59990040
3ccf03ca5b6fdbc712ccbb0278cdbc4d6aba50772229fa54f6be27371d13fa6c
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3ea3837c0b48a0337b6ec3a10381dde68aec08ebc75ff260c08df2b8e0ba3e27
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40534bb933387bfe3fb508f4f323543ece2d4be3d6558ac118663808c69871ce
41461b316af51f5058831109c477ab5b224331c9f9c1f11627ef5f09de71ca4c
417a6186a53fcc08eb9999a19d4f9fa7734b0817c28de822337bd725dcc8cec5
42aa82f0a1d3138ad8da9c016ea89bfa5898ce8b2c09b6acdbd29baa58dd464e
438616aedf0d799505fbbd6e17c2d74d662306bee6bf8ad2fb4a8d8e161c3eb0
43cc5e1c4b245d5a142921135984c5ee96ac65f683a8674ff50163d323f7ee9b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44bb997319ee82207a622086f213fff25bdb54b3c6b64952687c883031bc4e16
455fff3bfb47648ad484148f5e5b10f25b657b0f346e0e46421f7e00ba2fd293
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476d60955514d59fff612bff247149d6c3d8040247ec574886143d08163e1717
484132018c922711d72e558f24783d050c44393e42cc4cb2a3dbce651f741e11
487908bffb419635b893682145093e31d375eaa380a06a1c51aca9c3a9f232f1
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49468d119e0fcbfb6955cccc2eb8b06b5640e36cab4a9efd7bd8544e040d6a48
49cc6ca8601742cc91fc65e7eeec62dfb6b4525d22fb41f51b7f3b223679feeb
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
49fd60e44c3c4731fc4d2332c15b050bf3376dc092cab9ee72a1da146e540e33
4c41c6ef22882504b909c02fe91a8fd72a0ab0cc65cd00c5fe3ffd8e2b681d84
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e8808c58190a628a8c8f0149f1741cf420b729951ffce12a3cce712d404008e
4e8ba2d2be4ac90ef4a767274b420b67479b5f6c84d70dd5781bba12145a117b
4f8bfd681a10c9e82846a7de7303598fd146930240be1e232ef690ec9131b43b
4f97197137a2c9b02474805b62f6efb8f3c40854cedf784d2933238174f0dc02
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
50d56dd3d6976c2a668cb3c0ffea7132239e77bb3696ffdc3cb6c75f845a23d0
521cc1b7d74c9ae4bc24d82db1c13efa340519b4c2691577b32b6ec4c33e640a
527a5a83dda01d93c8e0e289bc6c1d66d22b6e5232f69b86b2f01b5ca94115de
5336e341bf88d1798de998944eb812582d4f522583b3be6fe4b366f6bb9426a6
535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580
5489306d55535ba3c05ce9b95aca0e5f8fb4d21e902de874f3b431dc88b42caf
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
5651782537b2009b0b4b9a9335dae27d57a826015a34497186aab228d7ce1d3a
570dcbd00e4e5596286b90fce894651d5f321a6449f823eb8e5308f30c90a1b2
58c572d051997ab8c683ff5de516fdb75f8572fb1f37e2c0b275e6059a009d6b
5b4c012c740d120a384871f05af3184799f6e2b607767a5d6229e2a82aac103b
5c9af57c3fcd07aa7818d33715a9b4840c34f682d7e2262ce04be78fffd14422
5d2f3be9306fe235564c691d76d5ad7f92fc867f0822b8c95ebdc10519821a78
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f6f561bfe25aa4bcc6efd0b79af69e6a0edd8ad13b6277b11a441f6f464a1f8
618eb54b4423c9b6e306b87bc4d48822a3d95675afedf7380e2d38c8877d290f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62c398329a94d5c5c4c8860178588e1899e6e1f7fd29ee91afdd6d83e099b6ea
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
63d904b69fab2e9d4762d16213fa7683bcd2b2dfba4592752d7ca70ac419055a
63e5289e179564b3cf4ce26d0d4831e6950c3d445c23359b604681032c9e32bd
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bd9a0dc4e398e2bbb38defe9ec3dce05aef3efe215da9ac60da17701e6eef86
6c9c18ae95cd41d6d4bbecead0ff9a9e732872a045ee79af40e9b38ed5f84778
6ddc691783c58242f2e240f5b49641ee197af74ce3e1686ee7b578566d7a83ce
6edbf7efa384a9d4f15b08d8c9bab7b156db2f24a1849f34d6551a53ce1fd5c9
6ee8ad6028b4b8a91d32097637c324da6fefd933b06f129fd55bebd94fd30f84
70a05b736b3ba45b696976d144c806f2f5ea3d5b26764701958835b9ec8233e4
70b6f707db1bb0dd5ab31185b8a9ab27a22c97fbc71629d053645e98cda923f8
71a79a2d452f2583e7ba76144d538d4b7f73a7861be86054cb583e266db3d246
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
7381a204cdb6c73ae24fea0ddf0bda5abcb123cf656dd699a0932e4bc15abc4f
7447821963e8b3dc6d10c4c687caedd3e2cbfa0b4203e668a5f146448a73e583
74a17e9fc804adff59573db77a5232b9a840bbd9fc76790f935e055462d753a2
75567ce2c1e34a108f9314792a7bcacaebce7556a11017b0da06157656a051ef
75ffb1514a3c8742fc6d988f8f5ad71adbab4eb74ce6f9f82d77dccd34402607
78930771c561a845030a699390338f5c6efa3cc7698e624937c7795a810bc312
798c75062b0dbd45755071b5d29efeb0ed38360f123f721abefe83c8862e2d7a
7a7c108921aec53b21ed74d3979f9c1aea55ae72d724ff49d4e66bef21431c1c
7b1563f10937c2b277986568191a01a71c03c184f8db7dcfc821044bbe9ab2b9
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7b23cd16d90740cfc029f803af8d83804d16b9990875bec34b2b85d272f06204
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c6f11a64a88d777810efbfcaaa50999f1aba0ae47c02518f44cb05ff7ff8d2a
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
7e243b78efd935e4ed26fd1a3a836eb5fe5a07287d7ff9e085204f3ef7a4140a
7ebb1607d4d3e07d203645200ed0ec1fe5f8ea4547869cf34713933de1cdec2d
807bd2cdee61126e98a3c820b14c39d4f7b4dcda9503d9d63f34ea4a4bbfb84e
808515d245d7d80e18a680941807e7e7827d30b947b283cbd85c52f8eec41d04
81c1b5c391e445839ef61acd28a919b707ecd4f4b7f46e854c24334ce48c4c8a
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
83217460f18539d97e896d2fd5f70dd723060dd1afd4e09cd839780de6bbff3e
850e6e33ad9aaf7cb11581029fedf08a1d855814d569f2afcea6a9764e8e0c83
8526d0800f35320bec1c08b0c5a068bce520cb475003530b3b5a41d4dce809de
85a2f7326ab136ecd971d60f7480bdd356370ea32d1997de1f1a9d9720a4c772
874fabf27d80a25a0256cd146204ec7e5db121e4fe4d91a7c61bf2cc7a587eba
87eea26a32554f4705d53fae128a7c91b6f0ed7406b48f4cd71877b8d826a250
886c0cbcd963f55024c61e1440adfeef7e5f1ae8dc200a63edc4cccb05db4001
893f2ecaf0b53a627afd4eb0f851fed4b88666923b8e9e130fa2b42374ecab50
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8bb42f8919ec3eae0fce1246cbc218f44e03922646fb3a41e79010bd7d5dc471
8e5cee77b8685a30e59a9e54d313aee9e05a2d8ea359c37950de09e407832886
90dcfcfec7ad33f40c50b7b310de4b17d6dd366616e90db7247fae8b5c18ff3d
91c7394c0d7c9627615aef296ad45c563974b44de0187402cf712781fe5ec07b
91cf14a57139ae5367867e8fa6ce13ed2f336f152bb72da367cdbff079a18beb
939642a0c8db9598395b07246abc30d53c4072ea290aee9b84ab18ba0a031790
96b660830a66d6f8f5dc0aee22f611575184fb0ce9af4d0f20a1262e1240caa5
96d40391d2c1f1b3a6437d370d70a1180c9b17d13d68b76b6ebffa0807f8f278
9750809198ba26f88356e8d90a8d04f8fd3ac497a9f6dda9764a8478c2fb5ae1
97c8b9772b4b47e929f129e49d3fe477f8f5c14c5cba8c7f0015669ac8b55be5
9800cb2ff4bf0cf670cf8bf061fda45239014a2bd3b802c2974e016036a8aee1
9862d720a7bf84f9af0796630be7018e1dc90f9d4177dafe02b42a951d8fc89c
98975ea424ab8d35ea6babb533df44fd72a494b57b9e4bd0fa4e8d35bbef8cdd
98d5db89f98b771d3dd445f289f2489c1fd1b64db114ff2d3479c52b184bbb59
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99fc4f04be007c09de16f87a9473ec3b9b08932251906e959dff063b7eab922e
9b52815c72f3af0a09f0e2a9cad32e33de2a22c9cd0c604d09c60034540467c1
9be1d16ffe202dd1ebff9b879f81f8f833721fb97831a5cff3ba76994ff03b37
9cb28f1ddc9ba6303dfeadcbeb3ca240c7e039e18fc68318050af671fe09c151
9e1c6009f291c7c0c81d3ee0faa100b9a1c880739f09569a5715199bb243977e
9f2220ea21a778969e5479a9864b598848d0977972fbbd1c476e6d1ed980b32a
9f5a484012a39673c20adad65cb49047cda5bc883ffbaea439899707c83af3e6
9f8040fa465bd79268a833205648a067b259c62d194fee843a286b943d0231b1
a00b562ffee424fa4a42d4018ec8aa03218c36c9bd4aeba63a05edffb1c45210
a0106879a92d5747e97db7fb70127facef0a5f3165033776970018febc8045c8
a032e835b9573c9ebb4344b455e5977645aa15d167bcbb73eebad63c16cc1f7c
a11d62109f30ddb0d4b4f74e8b340ccc50a471ea1e5a888a5f17631c31cf9545
a1354359f90748de872bee00f32497b67d579243ee0421026a420c3c260e215c
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3b28f6724d084f37e0953db5baadc65592bebd96dbc483eb2d82d9ac9807462
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7db2cae2d58edfde00553fac7883c2921cd1559ae9c7b95bc973f118241377d
a801446b14366d62a4e9dc9105060d5d5f7cb079700e4c39318512214831ef37
aa065ed34771276c21452124fcf2439750da791869a5ecc1fab3e9a41795cc44
ab2aa00d7f59eb2e2e7bd3057ca1e1052b462413c1affc922b0553235c741c46
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
af59bfcebbda7b3ce5e5aa5c18857a2609f4dad54bf4305598d99ebd495cd9cd
b0f27beeb2b15d3ed55c2e5747d68499d8b5915e661f315a1dd2c61edcd69566
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1feef03035593f2abc0aa803cf5f4b1a81e30fdc83e642753218b1a3f0606c5
b5461a917a7f971223ab5bd0bda420619deae3c987b6066247a6a39d525434f8
b5accc72a5ed1badd3c71757b9a99be0393789490c25792686f28a44f96d72f8
b5eaa00d3e707f742070128a094c639e9adf5fc9f1656ab183d0ab168e31826a
b600bf597fb2aaaa0e4a8499e385d889d64aaf2983052438bfea5f61ce30962e
b6aa033318bf1134980011c5bdb88d1268cf9a6c9da88c9b304127f6e6637561
b7ed414d1efa96f2b24b15bd08f1e5d0bfd09f0ef8faeea7674b5799ea605777
b9c03a4a1648529cfd85c7457194defd9055f81b209612c41ba41d0dc38f7e11
b9dd3ac5da6732c952d1fcf8130a7e403e4b48c08460e3b2f62f2aed37fe6957
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb455b8e8da979ea3a11242d438b5ca9481ad817d558c8c31a01c17a8f4ce2e1
bb659f55daa2d360c3721e411cd1797004fc5bfcfd23602a38cec34049404b44
bb98679d3fb98855fb8f4cd9a483d24fb931c561b3889e42c5c5d3590e71771a
bc7d47054604f965f3f969619ca7e8dfa10575b0473a402a9f51a73e8d49a3ff
bc9e81999967e8bfe66b3337896a3401cc0ed306c99243b4924207df749a012e
bd0dac8145c625ca28dd84fc7bdab686367d604942013fac37d2bcd3afc60612
be33c364e784f14ebca2c4a7caba16a3b32046c6f0dedc1f1caf0d05d280a9c4
bfea140d0fccd1fdc66db05dffc4bbd0cec97502c0b888fd040302be7e102568
c111673e79db42de01965fe1091794704ded734dd090e57f1e4c7b527e6b401a
c13e277ea907a89e03fd380b4016be556e1bc1869cdcdc719cef3ea40974d968
c167d2284be6e66ef59dcbee2a46fbe67d9a4526b8c673d355a5f1dc59774a05
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c37e541b7618d427bc73c634922d2a699f350dd27667240f14d98eec3e3d34f7
c3f12242b301e565c8944c3da1679ad5eed186245b5ecd31a54643f2febc1e69
c6107c1c1f1588cac73cb68d83222515b12c5dbf7f988fd0c39b4ff16414d3bc
c623296ed764f241eab3e2e5c2ee20c869ddc80a9c73711197990964a32c885f
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb25374e50a474d8c7b2b7014243c653e6c053f2bbd6d7dea474b6cb11fd8d92
cc03017ee5ee78e23571e7b27c9db6e350fa6dcc0d16db62dda0fc8c93094686
cce4ed0f75fe50cb7431c44d94643bdeb12fcf7b8c04af83d76f24fc875a704c
cd3e44650792fd3eeb1ba72a06a88c89be0089ff0c5b1ffc54f3bce1349684e1
cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a
ce7421f5862e407365973442ea5e7e98575b6f179ed23ad2c8d6c1ab7c9a8d41
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d087b69dc12673a9f462f9ef3cca8c647b0426a717f51987a4d83f23a0c7d469
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d137c16c19a703e2a19a5a7851e34a378b182514ab6469def755b5c07d12f758
d51c9bb396c065e9eebca8d8ded38e5049e48c301e9822369b76c5e0764363a1
d90e5867b1578cb301c51e5f58631caf85cd2710c26c8d048209a7349778229e
d99b3c3ec6de5841d0bb8f61ceaa0519df20f7725a3c4ea63ef87ddb93dbfb03
da17aa7336263ad0aa2983813edbb8325e9b39a13498a652da2471474d1abb25
dce41ec4e1d60569fee9de13c5cc433741c4b0ebeba99ca8cfd964303ea2acb3
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df4248d48feadcfc232a2936ed83cd12242fd235d2b5b25b0da07a2df6bc04a6
e0f9d3fa08b49f9373b02c5fa19cbab78617e1fa1b3b68ee1efe720464d22c94
e1a2314acab721546f2e6b00b98f408f6191fd806febd6520dd487b6caeade6f
e250b5afc0f6404d2d6ce5f453283d7497d7c27feb9ff74919dd4ae7d2c5cb1a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e81b5417b19b1683de775c8e5c2e7336da0a5b237f0b21a645dea6c635c0d304
e82bfea720ac904efda8a84f5d9db37461d4539d51454e469726439b219c3905
e871281da66e5bc2b82c42f58ef0dde407eabaaef8bfde606055235ae4a66b81
ebf086dfd77675075a1a4172f41b270f12f0c92aa6567aaf13103961e8a1e397
ed2eca4097fd323245d0468af93a2a7c3d6938be310e484b34fde0a607d1b11f
eee33011d715a727542383e42836468418bbf7432063fdf723d28f94e878df5f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f097e2cf38612c8df5cf00a07f995cc61e708c4c54c8973f2159e6c01c2b1d81
f28aad5e4303e98d21626c1044e8afcba3e8dce789e9c6245084bfc83082503e
f4bad0aa828c3437643bef3bc0858e16da34745892574867e90f459332800752
f4d6b1ed6e220cebd550f63b8e57ce690fd13672a997c9b6fbcb03fd879ec64c
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f64978b38ca020fe6ff97c45d3fb3e0c56898a1fdd479d5e603bc3405db20cc4
f724988664f7ff40306c2ae90a9e2b74521fbf937dce65fbc4ad9964008cb083
f87655b075ab86b11d7ef89868c5431d323a44b6a3a815ccb543e168f392371b
f8cf57ae4cad22e12b1ef52f9741062034ec28c0653312df6c6835d62c5eacb4
f931f982c3f40d167c41dd5f1dcf8dc5ce8a93cf7ec3bbe083d4b52538ccf827
f9a14368257e7ae608b41966f9d8551e61390e593400e69013ea2e39ecd097a9
fa42b353a1443b510839625deac9428844a80039d8bd6f1ad45b9caea9f64d35
fabd3ca1addebe215da67c147155b1d948d873d8d82ca54e5ca4537637e9c7d3
fd3857eb0cef492a9fcc6acfea61f420a2440e34187e93719d73846236248965
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff4e49e857d25e33c9f13fd578c20a2413c9bf09a45185f161cf384a7242df32
fff3db3db74b03f8ab2d9a006e765b8dbd1e60806628790de3ec86d5af7c293c

www.barrons.com Open in urlscan Pro 2600:9000:204d:9200:14:c68f:c40:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

483 Requests

87 %HTTPS

33 %IPv6

94 Domains

157 Subdomains

115 IPs

4 Countries

5858 kBTransfer

15537 kBSize

125 Cookies

38 Outgoing links

Redirected requests

483 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.barrons.com Open in urlscan Pro
2600:9000:204d:9200:14:c68f:c40:93a1 Public Scan

Screenshot
Live screenshot

Full Image

483
Requests

87 %
HTTPS

33 %
IPv6

94
Domains

157
Subdomains

115
IPs

4
Countries

5858 kB
Transfer

15537 kB
Size

125
Cookies

483 HTTP transactions
7 data transactions