urlscan.io logo urlscan.io
SecurityTrails logo

www.hpnonline.com Open in urlscan Pro
151.139.128.10  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://trailer.web-view.net/Links/0XB4529B193F001EA487A823C7276100FB4B3F6AAF83AB4D784B26C62E63B89B417EE18E597F72CC0F78C9A522...
Effective URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-u...
Submission: On April 07 via api from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 6 countries across 22 domains to perform 123 HTTP transactions. The main IP is 151.139.128.10, located in Dallas, United States and belongs to HIGHWINDS3, US. The main domain is www.hpnonline.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 1st 2020. Valid for: 3 months.
This is the only time www.hpnonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 149.126.77.62 19551 (INCAPSULA)
12 151.139.128.10 20446 (HIGHWINDS3)
1 2a04:4e42:400... 54113 (FASTLY)
14 172.217.18.98 15169 (GOOGLE)
7 2a04:4e42:3::720 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:21f... 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
34 2a00:1450:400... 15169 (GOOGLE)
1 5 23.213.164.149 16625 (AKAMAI-AS)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
9 204.180.130.159 53866 (QTS-AS)
5 54.174.221.155 14618 (AMAZON-AES)
1 143.204.97.25 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 3.248.28.111 16509 (AMAZON-02)
2 3 185.33.221.14 29990 (ASN-APPNEX)
3 52.0.233.94 14618 (AMAZON-AES)
1 1 216.58.207.66 15169 (GOOGLE)
1 35.190.72.21 15169 (GOOGLE)
2 204.180.130.165 53866 (QTS-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
123 27
2    149.126.77.62 (Frankfurt am Main, Germany)

ASN19551 (INCAPSULA, US)
PTR: 149.126.77.62.ip.incapdns.net
trailer.web-view.net
12    151.139.128.10 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)
www.hpnonline.com
1    2a04:4e42:400::621 (Ascension Island)

ASN54113 (FASTLY, US)
polyfill.io
14    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net
securepubads.g.doubleclick.net
7    2a04:4e42:3::720 (Ascension Island)

ASN54113 (FASTLY, US)
img.hpnonline.com
2    2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:21f3:ec00:6:b4cc:d980:21 (United States)

ASN16509 (AMAZON-02, US)
d24bnj4f1s1f8m.cloudfront.net
7    2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
pagead2.googlesyndication.com
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
34    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
cdn.ampproject.org
5    23.213.164.149 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-164-149.deploy.static.akamaitechnologies.com
s.adroll.com
2    2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2606:4700::6810:84e5 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
9    204.180.130.159 (Chicago, United States)

ASN53866 (QTS-AS, US)
PTR: my.omedastaging.com
olytics.omeda.com
5    54.174.221.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-221-155.compute-1.amazonaws.com
olytics.as3.io
1    143.204.97.25 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-97-25.fra50.r.cloudfront.net
s.dpmsrv.com
5    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    3.248.28.111 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-28-111.eu-west-1.compute.amazonaws.com
d.adroll.mgr.consensu.org
d.adroll.com
3    185.33.221.14 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
3    52.0.233.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-233-94.compute-1.amazonaws.com
a.dpmsrv.com
1    216.58.207.66 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s25-in-f2.1e100.net
cm.g.doubleclick.net
1    35.190.72.21 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 21.72.190.35.bc.googleusercontent.com
idsync.rlcdn.com
2    204.180.130.165 (Chicago, United States)

ASN53866 (QTS-AS, US)
oqs.omeda.com
1    2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
19 cdn.ampproject.org securepubads.g.doubleclick.net
15 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.hpnonline.com
cdn.ampproject.org
tpc.googlesyndication.com
14 securepubads.g.doubleclick.net www.hpnonline.com
securepubads.g.doubleclick.net
12 www.hpnonline.com www.hpnonline.com
9 olytics.omeda.com www.googletagmanager.com
www.hpnonline.com
olytics.omeda.com
7 img.hpnonline.com www.hpnonline.com
6 pagead2.googlesyndication.com www.hpnonline.com
5 www.google.com www.hpnonline.com
5 olytics.as3.io www.googletagmanager.com
www.hpnonline.com
5 s.adroll.com 1 redirects www.googletagmanager.com
www.hpnonline.com
s.adroll.com
5 fonts.gstatic.com www.hpnonline.com
olytics.omeda.com
3 a.dpmsrv.com www.hpnonline.com
s.dpmsrv.com
3 ib.adnxs.com 2 redirects
2 oqs.omeda.com www.hpnonline.com
2 d.adroll.com www.hpnonline.com
2 cdnjs.cloudflare.com www.googletagmanager.com
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 fonts.googleapis.com www.hpnonline.com
2 trailer.web-view.net 2 redirects
1 www.googletagservices.com www.hpnonline.com
1 idsync.rlcdn.com www.hpnonline.com
1 cm.g.doubleclick.net 1 redirects
1 d.adroll.mgr.consensu.org 1 redirects
1 stats.g.doubleclick.net www.hpnonline.com
1 s.dpmsrv.com www.hpnonline.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 d24bnj4f1s1f8m.cloudfront.net www.hpnonline.com
1 www.googletagmanager.com www.hpnonline.com
1 polyfill.io www.hpnonline.com
123 30
Subject Issuer Validity Valid
www.hpnonline.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-01 -
2020-06-30		 3 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-05-29 -
2020-04-23		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
imgix5.map.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-11-22 -
2020-05-14		 6 months crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-03-24 -
2020-06-16		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2019-07-17 -
2020-07-05		 a year crt.sh
*.google.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.adroll.com
DigiCert SHA2 Secure Server CA		 2020-01-29 -
2021-04-29		 a year crt.sh
cloudflare.com
CloudFlare Inc ECC CA-2		 2020-01-07 -
2020-10-09		 9 months crt.sh
*.omeda.com
SSL.com RSA SSL subCA		 2020-03-18 -
2020-08-28		 5 months crt.sh
*.as3.com
Amazon		 2019-05-21 -
2020-06-21		 a year crt.sh
*.dpmsrv.com
Amazon		 2019-05-14 -
2020-06-14		 a year crt.sh
misc-sni.google.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
adroll.mgr.consensu.org
Amazon		 2019-11-06 -
2020-12-06		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-04-24 -
2020-04-23		 a year crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh

This page contains 9 frames:

Primary Page: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Frame ID: A318A21C395FC2CA4B521FCAD40AAFA0
Requests: 77 HTTP requests in this frame

Frame: https://www.hpnonline.com/sbbi/?sbbpg=sbbShell&gprid=Lr
Frame ID: EB96A413E26305345FD63161A3AE1197
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Frame ID: 545D6775942E310AF6EF898462385721
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Frame ID: BEDD0D0396C4EA483431507A08151932
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Frame ID: EF61659E3F7FC677DBD75ED7A39E91B1
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Frame ID: B8CF24231006F3C5271907E8A2A63F72
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Frame ID: D301FF40A4F2BA52BC618490C8C890E6
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Frame ID: 4896D6AC7D344B4E520FC0100E3F4283
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: DECA1856E638DEA2F831119173C20DDB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://trailer.web-view.net/Links/0XB4529B193F001EA487A823C7276100FB4B3F6AAF83AB4D784B26C62E63B89B417EE1... HTTP 301
    https://trailer.web-view.net/Links/0XB4529B193F001EA487A823C7276100FB4B3F6AAF83AB4D784B26C62E63B89B417EE1... HTTP 302
    https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/stat... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /(?:a|s)\.adroll\.com/i
Overall confidence: 100%
Detected patterns
  • headers server /fbs/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/polyfill\.min\.js/i

Page Statistics

123
Requests

100 %
HTTPS

54 %
IPv6

22
Domains

30
Subdomains

27
IPs

6
Countries

2144 kB
Transfer

5718 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://trailer.web-view.net/Links/0XB4529B193F001EA487A823C7276100FB4B3F6AAF83AB4D784B26C62E63B89B417EE18E597F72CC0F78C9A522BCF6353B14897ABB5B3FE5DCF2E20B4967E66041D8E3B01F8FB5ED96.htm HTTP 301
    https://trailer.web-view.net/Links/0XB4529B193F001EA487A823C7276100FB4B3F6AAF83AB4D784B26C62E63B89B417EE18E597F72CC0F78C9A522BCF6353B14897ABB5B3FE5DCF2E20B4967E66041D8E3B01F8FB5ED96.htm HTTP 302
    https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 86
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=564034546&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hpnonline.com%2Finfection-prevention%2Fcrisis-planning-outbreak-response%2Farticle%2F21129791%2Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets&ul=en-us&de=UTF-8&dt=State-sponsored%20hackers%20using%20coronavirus%20lures%20to%20infect%20their%20targets%20%7C%20Healthcare%20Purchasing%C2%A0News&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YAhAAEAB~&jid=1810837136&gjid=1554352214&cid=1532328375.1586270647&tid=UA-62993175-5&_gid=479237850.1586270647&_r=1&gtm=2wg3p1PGBWQKG&z=760110442 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-62993175-5&cid=1532328375.1586270647&jid=1810837136&_gid=479237850.1586270647&gjid=1554352214&_v=j81&z=760110442
Request Chain 87
  • https://s.adroll.com/j/exp/L5HHENJSKZDLXBM4TXRFHG/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 89
  • https://d.adroll.mgr.consensu.org/consent/iabcheck/L5HHENJSKZDLXBM4TXRFHG?_s=28e783f57fbb4fa615d1766639fa1ba4&_b=2 HTTP 302
  • https://d.adroll.com/consent/check/L5HHENJSKZDLXBM4TXRFHG/?_s=28e783f57fbb4fa615d1766639fa1ba4&_b=2
Request Chain 90
  • https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&q%3DxImp%26v%3D1.x%26cl%3D1120%26pixelIndex%3D0%26r%3D63170%26tzOffset%3D-120%26url%3Dhttps%253A%252F%252Fwww.hpnonline.com%252Finfection-prevention%252Fcrisis-planning-outbreak-response%252Farticle%252F21129791%252Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets&_=1586270647149 HTTP 302
  • https://a.dpmsrv.com/dpmpxl/index.php?id=7815830266545197472&q=xImp&v=1.x&cl=1120&pixelIndex=0&r=63170&tzOffset=-120&url=https%3A%2F%2Fwww.hpnonline.com%2Finfection-prevention%2Fcrisis-planning-outbreak-response%2Farticle%2F21129791%2Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets&_=1586270647149
Request Chain 99
  • https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=7815830266545197472&pixelIndex=0&_=1586270647150 HTTP 302
  • https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=7815830266545197472&pixelIndex=0&_=1586270647150&google_gid=CAESELNEPOFtDvDn2mRrgJJijYg&google_cver=1
Request Chain 124
  • https://ib.adnxs.com/seg?member=827&add=20958681,21130652 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fseg%3Fmember%3D827%26add%3D20958681%2C21130652

123 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/
Redirect Chain
  • http://trailer.web-view.net/Links/0XB4529B193F001EA487A823C7276100FB4B3F6AAF83AB4D784B26C62E63B89B417EE18E597F72CC0F78C9A522BCF6353B14897ABB5B3FE5DCF2E20B4967E66041D8E3B01F8FB5ED96.htm
  • https://trailer.web-view.net/Links/0XB4529B193F001EA487A823C7276100FB4B3F6AAF83AB4D784B26C62E63B89B417EE18E597F72CC0F78C9A522BCF6353B14897ABB5B3FE5DCF2E20B4967E66041D8E3B01F8FB5ED96.htm
  • https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
79 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
623215f023ffacc2ebd4bd4e844d4017101b15ea7cf5f08d643c604d1742e8cf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.hpnonline.com
:scheme
https
:path
/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 07 Apr 2020 14:44:05 GMT
cache-control
private
content-encoding
gzip
content-type
text/html; charset=utf-8
set-cookie
SPSI=f974b3a1f1afc30a00c315140ec7d611; path=/; spcsrf=c23443303668f666ead8676d48bfaa95; path=/; SameSite=Strict; HttpOnly; expires=Tue, 07-Apr-20 16:44:04 GMT adOtr=obsvl; path=/; expires=Thu, 2 Aug 2001 20:47:11 UTC UTGv2=D-h4d91ef3329bc978612efdb46500a1e99f50; path=/; expires=Wed, 07-Apr-21 14:44:04 GMT sp_lit=w4MFd1wrpa4Ipyi+gjM2CA==; path=/; SameSite=Strict; HttpOnly; expires=Tue, 07-Apr-20 14:49:05 GMT
vary
Accept-Encoding
x-dns-prefetch-control
off
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-version
Site:1.14.0|Core:1.25.5
server
fbs
x-hw
1586270644.cds121.fr8.hn,1586270644.cds151.fr8.sc,1586270645.cdn2-wafbe03-fra1.stackpath.systems.-.wx,1586270645.cds151.fr8.p
access-control-allow-origin
*

Redirect headers

Cache-Control
private,no-cache
Pragma
No-cache
Content-Type
text/html; charset=utf-8
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Server
Microsoft-IIS/10.0
Access-Control-Allow-Origin
*
Date
Tue, 07 Apr 2020 14:44:04 GMT
Connection
close
Content-Length
285
Set-Cookie
visid_incap_82454=2XHq3TUSRiCGMCJ7EvL+HbSRjF4AAAAAQUIPAAAAAAA0hosay1t2weSamlHWb5MZ; expires=Tue, 06 Apr 2021 15:10:22 GMT; HttpOnly; path=/; Domain=.web-view.net nlbi_82454=mi5GEBhNVwS0o4ox257tfAAAAAD6SqYb9cP5z8OT/EcTAUEa; path=/; Domain=.web-view.net incap_ses_533_82454=znntddXmW34XRfoleLJlB7SRjF4AAAAAOgvsptlhp21Cp3loiA1YuQ==; path=/; Domain=.web-view.net
X-CDN
Incapsula
X-Iinfo
9-13861866-13861867 NNNN CT(7 7 0) RT(1586270644240 12) q(0 0 0 -1) r(0 0) U9
polyfill.min.js
polyfill.io/v3/ 		72 B
554 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?flags=gated&features=es6%2Ces7%2Cfetch%2CPromise.prototype.finally
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
age
1630226
normalized-user-agent
chrome/74.0.0
detected-user-agent
Chrome/74.0.3729
status
200
request_came_from_shield
FRA
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length
74
referrer-policy
origin-when-cross-origin
last-modified
Thu, 19 Mar 2020 17:46:15 GMT
date
Tue, 07 Apr 2020 14:44:05 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
index.11ef517b.js
www.hpnonline.com/dist/js/ 		244 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hpnonline.com/dist/js/index.11ef517b.js
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
ea02f27c77dec17d65d0b36b7ea1c9751bd678fe711281fab15e1a892790dcb4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-version
Site:1.14.0|Core:1.25.5
date
Tue, 07 Apr 2020 14:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Thu, 02 Apr 2020 16:20:41 GMT
server
fbs
etag
W/"3d0a6-1713bb1cfa8"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
x-hw
1586270645.cds121.fr8.hn,1586270645.cds060.fr8.sc,1586270646.cdn2-wafbe04-fra1.stackpath.systems.-.wx,1586270646.cds060.fr8.p
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
index.53b8eb74.css
www.hpnonline.com/dist/css/ 		195 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hpnonline.com/dist/css/index.53b8eb74.css
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
ffadaa5b028ec126d64eeb8438f814f40d7ba6a033ce156a5eb6e821d3410cf1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

x-version
Site:1.14.0|Core:1.25.5
date
Tue, 07 Apr 2020 14:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Thu, 02 Apr 2020 16:18:13 GMT
server
fbs
etag
W/"30a7f-1713baf8d88"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
x-hw
1586270645.cds121.fr8.hn,1586270645.cds053.fr8.sc,1586270646.cdn2-redis01-fra1.stackpath.systems.-.wx,1586270646.cds053.fr8.p
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		43 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
sffe /
Resource Hash
288e28eb360b18bb51f355ca525f59d8f5eba915a58237092036bbff1669f281
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 07 Apr 2020 14:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"479 / 667 of 1000 / last-modified: 1586189426"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
14765
x-xss-protection
0
expires
Tue, 07 Apr 2020 14:44:05 GMT
site_logo_white.png
img.hpnonline.com/files/base/ebm/hpn/image/static/logo/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.hpnonline.com/files/base/ebm/hpn/image/static/logo/site_logo_white.png?h=60
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
ef2272f7bb967ee370a06c2e95fc6b18ae1de025b0f389ad99e1444102f30f22
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 07 Apr 2020 14:44:05 GMT
x-content-type-options
nosniff
last-modified
Wed, 01 Apr 2020 16:30:53 GMT
server
imgix
age
511992
x-cache
HIT, HIT
content-type
image/png
status
200
cache-control
public, max-age=2592000
x-imgix-id
e0211c2795d6285e489bd6a41baf848de47e3e6c
accept-ranges
bytes
access-control-allow-origin
*
content-length
23724
x-served-by
cache-lax8638-LAX, cache-fra19140-FRA
css
fonts.googleapis.com/ 		15 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Fira+Sans:300i,400,600|Cardo|Lora:400,400i,700,700i
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ed77d02c4d29c4e104ea6b8b90c50da19685375b158db9ca06f64e284bacc945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 Apr 2020 14:44:06 GMT
server
ESF
date
Tue, 07 Apr 2020 14:44:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Apr 2020 14:44:06 GMT
css
fonts.googleapis.com/ 		12 KB
879 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=IBM+Plex+Sans:300,400,500,600,700&display=swap
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f43c1ebb9d03a81af89b4b2c2ff3d5de69f9b9ae4d94ecdfbfb18ab47e3cf00b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 Apr 2020 14:44:06 GMT
server
ESF
date
Tue, 07 Apr 2020 14:44:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Apr 2020 14:44:06 GMT
gtm.js
www.googletagmanager.com/ 		104 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PGBWQKG
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2ef1cd6e4a24b74cdea3c038d14e0c83679852fa7b1b00d75d82bd66bae04e57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 07 Apr 2020 14:44:06 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
34751
x-xss-protection
0
last-modified
Tue, 07 Apr 2020 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 07 Apr 2020 14:44:06 GMT
fortnight.min.js
d24bnj4f1s1f8m.cloudfront.net/1.0.0-rc.4.3/ 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d24bnj4f1s1f8m.cloudfront.net/1.0.0-rc.4.3/fortnight.min.js
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:ec00:6:b4cc:d980:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1901883b41320f43b0643db4b3e0acec95cd96343ea192995777687b7e3098c4

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Feb 2020 12:24:58 GMT
content-encoding
gzip
x-amz-request-id
F1F4513AF9B9E562
x-cache
Hit from cloudfront
status
200
x-amz-id-2
FldLUv1NZw+gJDda/DIzSX3ViK4t8U6uNkLgkhNOLCQ5RR4qE8+fZbGB7JaWshlOrORZOuiHnDY=
access-control-allow-origin
*
last-modified
Wed, 18 Jul 2018 17:49:39 GMT
server
AmazonS3
vary
Accept-Encoding
x-amz-version-id
null
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000
x-amz-cf-pop
FRA2-C2
content-type
application/javascript; charset=UTF-8
x-amz-cf-id
y5rmB_kZ043OYl3jV3aFg1VSA3DNKGGfaLkVuS9_RN8rVlMEAiTpPA==
/
www.hpnonline.com/sbbi/ Frame EB96 		25 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.hpnonline.com/sbbi/?sbbpg=sbbShell&gprid=Lr&sbbgs=h4d91ef3329bc978612efdb46500a1e99f50&ddl=2
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
96a6f05a5eb8a8c3ecfc7800a19412b83671e7461cfe92472508bfb8cd465eed

Request headers

:method
GET
:authority
www.hpnonline.com
:scheme
https
:path
/sbbi/?sbbpg=sbbShell&gprid=Lr&sbbgs=h4d91ef3329bc978612efdb46500a1e99f50&ddl=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SPSI=f974b3a1f1afc30a00c315140ec7d611; spcsrf=c23443303668f666ead8676d48bfaa95; sp_lit=w4MFd1wrpa4Ipyi+gjM2CA==; PRLST=Lr; UTGv2=h4d91ef3329bc978612efdb46500a1e99f50
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets

Response headers

status
200
date
Tue, 07 Apr 2020 14:44:06 GMT
cache-control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
server
fbs
x-accel-expires
0
x-hw
1586270646.cds121.fr8.hn,1586270646.cds077.fr8.sc,1586270646.cdn2-wafbe03-fra1.stackpath.systems.-.i,1586270646.cds077.fr8.p
access-control-allow-origin
*
/
www.hpnonline.com/sbbi/ 		43 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hpnonline.com/sbbi/?sbbpg=utMedia&vii=fh947d49b13eaf13f312a9fbcc3907a80601c23e1f5d1b4406e5c070da611e19w9qfg5v0
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-accel-expires
0
date
Tue, 07 Apr 2020 14:44:06 GMT
server
fbs
status
200
x-hw
1586270646.cds121.fr8.hn,1586270646.cds154.fr8.sc,1586270646.cdn2-wafbe04-fra1.stackpath.systems.-.i,1586270646.cds154.fr8.p
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
reveal-ad-listener.47f81b67.js
www.hpnonline.com/dist/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hpnonline.com/dist/js/reveal-ad-listener.47f81b67.js
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/dist/js/index.11ef517b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
dffd87875217d58f696f50d13310ca28621639317d731d2246c1d6141b2fb7f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-version
Site:1.14.0|Core:1.25.5
date
Tue, 07 Apr 2020 14:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Thu, 02 Apr 2020 16:20:41 GMT
server
fbs
etag
W/"c71-1713bb1cfa8"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
x-hw
1586270646.cds121.fr8.hn,1586270646.cds074.fr8.sc,1586270646.cdn2-wafbe02-fra1.stackpath.systems.-.wx,1586270646.cds074.fr8.p
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
theme-menu-toggle-button.2f2b1190.js
www.hpnonline.com/dist/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hpnonline.com/dist/js/theme-menu-toggle-button.2f2b1190.js
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/dist/js/index.11ef517b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
2b9334c002212023f39814dac087f127a4939f0f3ffac43afd7eb172f8fd7fb0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-version
Site:1.14.0|Core:1.25.5
date
Tue, 07 Apr 2020 14:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Thu, 02 Apr 2020 16:20:41 GMT
server
fbs
etag
W/"1466-1713bb1cfa8"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
x-hw
1586270646.cds121.fr8.hn,1586270646.cds123.fr8.sc,1586270646.cdn2-wafbe04-fra1.stackpath.systems.-.wx,1586270646.cds123.fr8.p
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.hpnonline.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 07 Apr 2020 14:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.hpnonline.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 07 Apr 2020 14:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
104
x-xss-protection
0
pubads_impl_2020040601.js
securepubads.g.doubleclick.net/gpt/ 		167 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
sffe /
Resource Hash
ca001ccb9e81637d0ca7a61ccddf6f663fb7a5cb777784693e137f184db2b28c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 07 Apr 2020 14:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 06 Apr 2020 13:10:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
62473
x-xss-protection
0
expires
Tue, 07 Apr 2020 14:44:06 GMT
va9E4kDNxMZdWfMOD5Vvl4jLazX3dA.woff2
fonts.gstatic.com/s/firasans/v10/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firasans/v10/va9E4kDNxMZdWfMOD5Vvl4jLazX3dA.woff2
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c25407149a8c6d1fb034c5af2d3e00f2d39abc4766125ee810285a22a59f9489
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Fira+Sans:300i,400,600|Cardo|Lora:400,400i,700,700i
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 02 Apr 2020 00:18:41 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:21:53 GMT
server
sffe
age
483925
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
15212
x-xss-protection
0
expires
Fri, 02 Apr 2021 00:18:41 GMT
va9B4kDNxMZdWfMOD5VnSKzeRhf6Xl7Glw.woff2
fonts.gstatic.com/s/firasans/v10/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firasans/v10/va9B4kDNxMZdWfMOD5VnSKzeRhf6Xl7Glw.woff2
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cefec80a8ff913dcde9216b9f304c5f44b0474a1d7095a964ec75d0b1b611bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Fira+Sans:300i,400,600|Cardo|Lora:400,400i,700,700i
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 01 Apr 2020 18:22:19 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:21:46 GMT
server
sffe
age
505307
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
15304
x-xss-protection
0
expires
Thu, 01 Apr 2021 18:22:19 GMT
marko-web-social-sharing.6d3298c4.js
www.hpnonline.com/dist/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hpnonline.com/dist/js/marko-web-social-sharing.6d3298c4.js
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/dist/js/index.11ef517b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
e630479a0bc943ba3e41c918c94a8f796e643462aacee55126ad1ea217908ab0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-version
Site:1.14.0|Core:1.25.5
date
Tue, 07 Apr 2020 14:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Thu, 02 Apr 2020 16:20:41 GMT
server
fbs
etag
W/"2647-1713bb1cfa8"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
x-hw
1586270646.cds121.fr8.hn,1586270646.cds065.fr8.sc,1586270646.cdn2-wafbe04-fra1.stackpath.systems.-.wx,1586270646.cds065.fr8.p
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
wlp_gwjKBV1pqhv43IE7225P.woff2
fonts.gstatic.com/s/cardo/v11/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cardo/v11/wlp_gwjKBV1pqhv43IE7225P.woff2
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/dist/js/index.11ef517b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8204d955949011c5828e9abf4d8b96d072565c688aef0b35b502e5c41529a7aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Fira+Sans:300i,400,600|Cardo|Lora:400,400i,700,700i
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 01 Apr 2020 13:51:51 GMT
x-content-type-options
nosniff
last-modified
Wed, 17 Jul 2019 00:02:27 GMT
server
sffe
age
521535
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14860
x-xss-protection
0
expires
Thu, 01 Apr 2021 13:51:51 GMT
0QIvMX1D_JOuMwr7I_FMl_E.woff2
fonts.gstatic.com/s/lora/v15/ 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lora/v15/0QIvMX1D_JOuMwr7I_FMl_E.woff2
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/dist/js/index.11ef517b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9504635ce463f19888209acf89dc32831964d8dee1b4c22aa70f564c208061d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Fira+Sans:300i,400,600|Cardo|Lora:400,400i,700,700i
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 28 Mar 2020 13:05:01 GMT
x-content-type-options
nosniff
last-modified
Thu, 19 Mar 2020 18:18:46 GMT
server
sffe
age
869945
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
34172
x-xss-protection
0
expires
Sun, 28 Mar 2021 13:05:01 GMT
vendors~marko-web-photoswipe.8e6cd7eb.js
www.hpnonline.com/dist/js/ 		48 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hpnonline.com/dist/js/vendors~marko-web-photoswipe.8e6cd7eb.js
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/dist/js/index.11ef517b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
ec2a3e1dfcc59cfdc3c3d8ae5460e8b162a9d135f2919ae3c6715a5152f6ed83
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-version
Site:1.14.0|Core:1.25.5
date
Tue, 07 Apr 2020 14:44:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Thu, 02 Apr 2020 16:20:41 GMT
server
fbs
etag
W/"bfcc-1713bb1cfa8"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
x-hw
1586270646.cds121.fr8.hn,1586270646.cds093.fr8.sc,1586270647.cdn2-wafbe01-fra1.stackpath.systems.-.wx,1586270647.cds093.fr8.p
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
NCSC_State_sponsored_hackers_using_coronavirus_lures_to_infect_their_targets_pic___3.16.20du___hacker_1944688_1280___Pixabay.5e6f9192680a0.png
img.hpnonline.com/files/base/ebm/hpn/image/2020/03/16x9/ 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.hpnonline.com/files/base/ebm/hpn/image/2020/03/16x9/NCSC_State_sponsored_hackers_using_coronavirus_lures_to_infect_their_targets_pic___3.16.20du___hacker_1944688_1280___Pixabay.5e6f9192680a0.png?auto=format&w=720
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
78cf423a51a7b2d1bd1c98ea9820d5c4020ddfb534e1c4a95ffe9de00f789cea
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 07 Apr 2020 14:44:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Apr 2020 13:15:15 GMT
server
imgix
age
5331
vary
Accept, User-Agent
x-cache
HIT, MISS
content-type
image/webp
status
200
cache-control
public, max-age=86400
x-imgix-id
2205b81e44ac7563e49436af9c64ae4a87cf8394
accept-ranges
bytes
access-control-allow-origin
*
content-length
98944
x-served-by
cache-lax8632-LAX, cache-fra19140-FRA
ads
securepubads.g.doubleclick.net/gampad/ 		48 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2894076336347343&correlator=918770389978768&output=ldjh&impl=fifs&adsid=NT&eid=21065816&vrg=2020040601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200407&iu_parts=21687441225%2CHPN%2Cinfection-prevention%2Clb1%2Crail1%2Crail2%2Cdefault%2Cwa&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5%2C%2F0%2F1%2F6%2F7&prev_iu_szs=970x250%7C970x90%7C970x66%7C728x90%2C300x250%2C300x600%2C1x1&ists=1&cust_params=cont_id%3D21129791%26cont_type%3Darticle%26comp_id%3D%26path%3D%252Finfection-prevention%252Fcrisis-planning-outbreak-response%252Farticle%252F21129791%252Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets%26host%3Dwww%257Chpnonline%257Ccom%26env%3Dproduction%26uri%3D%252Finfection-prevention%252Fcrisis-planning-outbreak-response%252Farticle%252F21129791%252Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets&cookie_enabled=1&bc=31&abxe=1&lmt=1586270646&dt=1586270646522&dlt=1586270645525&idt=952&frm=20&biw=1585&bih=1200&oid=3&adxs=217%2C995%2C995%2C0&adys=126%2C604%2C1657%2C0&adks=321684541%2C2740456505%2C1285598468%2C4151099877&ucis=1%7C2%7C3%7C4&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.hpnonline.com%2Finfection-prevention%2Fcrisis-planning-outbreak-response%2Farticle%2F21129791%2Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets&dssz=30&icsg=245423&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1176x3672%7C381x3118%7C381x3118%7C1585x1200&msz=1152x250%7C357x250%7C357x600%7C1585x-1&ga_vid=1532328375.1586270647&ga_sid=1586270647&ga_hid=564034546&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
d3642cda81d273f2f42b3b11a9d423f5ce6fff6f6991eac9802f25b505c71781
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 07 Apr 2020 14:44:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
6811
x-xss-protection
0
google-lineitem-id
5158768279,5158768279,5335646761,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138285649692,138285737792,138307625587,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hpnonline.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2020040601.js
securepubads.g.doubleclick.net/gpt/ 		65 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
sffe /
Resource Hash
8e419501da0266a1484c23d64c16d29118af01f27fe4b43fb11d6bbbb2e4ce5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 07 Apr 2020 14:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 06 Apr 2020 13:10:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
24418
x-xss-protection
0
expires
Tue, 07 Apr 2020 14:44:06 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
empty

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		426 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2894076336347343&correlator=918770389978768&output=ldjh&impl=fifs&adsid=NT&eid=21065816&vrg=2020040601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200407&iu_parts=21687441225%2CHPN%2Cinfection-prevention%2Creskin&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ists=1&cust_params=cont_id%3D21129791%26cont_type%3Darticle%26comp_id%3D%26path%3D%252Finfection-prevention%252Fcrisis-planning-outbreak-response%252Farticle%252F21129791%252Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets%26host%3Dwww%257Chpnonline%257Ccom%26env%3Dproduction%26uri%3D%252Finfection-prevention%252Fcrisis-planning-outbreak-response%252Farticle%252F21129791%252Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets&cookie_enabled=1&bc=31&abxe=1&lmt=1586270646&dt=1586270646554&dlt=1586270645525&idt=952&frm=20&biw=1585&bih=1200&oid=3&adxs=0&adys=0&adks=1652501535&ucis=5&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.hpnonline.com%2Finfection-prevention%2Fcrisis-planning-outbreak-response%2Farticle%2F21129791%2Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets&dssz=31&icsg=33799855&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x4242&msz=1585x1&ga_vid=1532328375.1586270647&ga_sid=1586270647&ga_hid=564034546&fws=0&ohw=0
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
206d60d55c95fa90aa388e0ad0271fe006a03166f0b3f9b76efb652a859ce93e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 07 Apr 2020 14:44:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
223
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hpnonline.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2894076336347343&correlator=918770389978768&output=ldjh&impl=fifs&adsid=NT&eid=21065816&vrg=2020040601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200407&iu_parts=21687441225%2CHPN%2Cinfection-prevention%2Cload-more&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&cust_params=cont_id%3D21129791%26cont_type%3Darticle%26comp_id%3D%26path%3D%252Finfection-prevention%252Fcrisis-planning-outbreak-response%252Farticle%252F21129791%252Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets%26host%3Dwww%257Chpnonline%257Ccom%26env%3Dproduction%26uri%3D%252Finfection-prevention%252Fcrisis-planning-outbreak-response%252Farticle%252F21129791%252Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets&cookie_enabled=1&bc=31&abxe=1&lmt=1586270646&dt=1586270646581&dlt=1586270645525&idt=952&frm=20&biw=1585&bih=1200&oid=3&adxs=1034&adys=3896&adks=3336226381&ucis=6&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.hpnonline.com%2Finfection-prevention%2Fcrisis-planning-outbreak-response%2Farticle%2F21129791%2Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets&dssz=32&icsg=33799855&std=0&csl=255&vis=1&dmc=8&scr_x=0&scr_y=0&psz=391x370&msz=367x370&ga_vid=1532328375.1586270647&ga_sid=1586270647&ga_hid=564034546&fws=0&ohw=0
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
95bcf3418ce34dd78375c5741dd7fd4c60eb8823f741477a1f2d01c55e2e9f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 07 Apr 2020 14:44:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
4674
x-xss-protection
0
google-lineitem-id
5335646761
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138307234952
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hpnonline.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
roundtrip.js
s.adroll.com/j/ 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PGBWQKG
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.149 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-149.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
19c904aaa555d91d75c5b3682e3f358ba5af4c302339d63c9e464f53d8708ff8

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
EEryoP57M4BXSHtGt9JFNoNG_YhGzXxp
Content-Encoding
gzip
x-amz-request-id
5B64FB7E0A29A18E
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
600
Date
Tue, 07 Apr 2020 14:44:06 GMT
Connection
keep-alive
Content-Length
10905
x-amz-id-2
cyhtZzUMRRH+3azNobhgA/owi1TOIrHigGwio+Vd/0CCKLcw4WcCHJh++0vWdWKuZdO/e9F4VUU=
Last-Modified
Wed, 01 Apr 2020 18:03:06 GMT
Server
AmazonS3
ETag
"9884704eb3fc99427eb5b90c4bbab62c"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PGBWQKG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
634
date
Tue, 07 Apr 2020 14:33:32 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Tue, 07 Apr 2020 16:33:32 GMT
cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PGBWQKG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Tue, 07 Apr 2020 14:44:06 GMT
content-encoding
br
cf-cache-status
HIT
age
13764873
cf-ray
58048655c98fd6c5-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:18:36 GMT
server
cloudflare
etag
W/"5afd48ec-f62"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Sun, 28 Mar 2021 14:44:06 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.001
cookieconsent.min.js
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PGBWQKG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 07 Apr 2020 14:44:06 GMT
content-encoding
br
cf-cache-status
HIT
age
22229782
cf-ray
58048655c990d6c5-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:18:32 GMT
server
cloudflare
etag
W/"5afd48e8-4d5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sun, 28 Mar 2021 14:44:06 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.001
olytics.css
olytics.omeda.com/olytics/css/v3/p/ 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://olytics.omeda.com/olytics/css/v3/p/olytics.css
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PGBWQKG
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.159 Chicago, United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
b1dee28cc772eb1903b9c309483167354c1054136ccf16ef18908b2eecd4b980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Tue, 07 Apr 2020 14:44:18 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 31 Jan 2020 16:30:36 GMT
Server
Apache
ETag
W/"13883-1580488236000"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=21600
Transfer-Encoding
chunked
Accept-Ranges
bytes
vary
accept-encoding
X-XSS-Protection
1; mode=block
Expires
Tue, 07 Apr 2020 20:44:18 GMT
olytics.min.js
olytics.omeda.com/olytics/js/v3/p/ 		256 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.159 Chicago, United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
591c03fa5d6aeafd8a894846669613efc6fa5103beba00fbada8d2b340039260
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Tue, 07 Apr 2020 14:44:16 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 03 Apr 2020 00:56:48 GMT
Server
Apache
ETag
W/"262321-1585875408000"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=21600
Transfer-Encoding
chunked
Accept-Ranges
bytes
vary
accept-encoding
X-XSS-Protection
1; mode=block
Expires
Tue, 07 Apr 2020 20:44:17 GMT
sapience.js
olytics.as3.io/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://olytics.as3.io/sapience.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PGBWQKG
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.221.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-221-155.compute-1.amazonaws.com
Software
/
Resource Hash
294854484854cb24749fabe1f0be264fff4c770f6c65d9ba0313074176f74b89

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 07 Apr 2020 14:44:07 GMT
content-encoding
gzip
last-modified
Mon, 30 Mar 2020 22:36:25 GMT
age
58060
x-served-by
10.0.1.153
vary
Accept-Encoding
x-cache
HIT: 194206
content-type
application/javascript
status
200
cache-control
max-age=36400
accept-ranges
bytes
content-length
9187
expires
Tue, 07 Apr 2020 00:36:26 GMT
dpm_1592af7e76a7114b4f9beea0be4746f59ada13a6.min.js
s.dpmsrv.com/ 		152 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.dpmsrv.com/dpm_1592af7e76a7114b4f9beea0be4746f59ada13a6.min.js
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.97.25 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-97-25.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0e9812be9c9f550e2e2dd94de2f7a1d3fa4ca087dc20888be1e931ab5d22c9dc

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 06 Apr 2020 16:54:16 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Mar 2020 13:00:17 GMT
Server
AmazonS3
Age
78591
ETag
"aedfa3a182d80573f5edd3c20964d8b5"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
41396
X-Amz-Cf-Id
wFUQABfCXCcKdpjOuS4hAKN0BudvSsviFcwEbGrODSrfBFwbx9S3Dg==
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2894076336347343&correlator=918770389978768&output=ldjh&impl=fifs&adsid=NT&eid=21065816&vrg=2020040601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200407&iu_parts=21687441225%2CHPN%2Cinfection-prevention%2Cload-more&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&cust_params=cont_id%3D21129791%26cont_type%3Darticle%26comp_id%3D%26path%3D%252Finfection-prevention%252Fcrisis-planning-outbreak-response%252Farticle%252F21129791%252Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets%26host%3Dwww%257Chpnonline%257Ccom%26env%3Dproduction%26uri%3D%252Finfection-prevention%252Fcrisis-planning-outbreak-response%252Farticle%252F21129791%252Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets&cookie_enabled=1&bc=31&abxe=1&lmt=1586270646&dt=1586270646665&dlt=1586270645525&idt=952&frm=20&biw=1585&bih=1200&oid=3&adxs=1034&adys=4675&adks=22595528&ucis=7&ifi=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.hpnonline.com%2Finfection-prevention%2Fcrisis-planning-outbreak-response%2Farticle%2F21129791%2Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets&dssz=41&icsg=6458158016&mso=1073741824&std=0&csl=259&vis=1&dmc=8&scr_x=0&scr_y=0&psz=391x351&msz=367x351&ga_vid=1532328375.1586270647&ga_sid=1586270647&ga_hid=564034546&fws=0&ohw=0
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
9e43586f417fefe3a1e1f722671edd089bf6ed8457588ab8db8d1a3e07a617a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 07 Apr 2020 14:44:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
4676
x-xss-protection
0
google-lineitem-id
5335646761
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138307624408
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hpnonline.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2894076336347343&correlator=918770389978768&output=ldjh&impl=fifs&adsid=NT&eid=21065816&vrg=2020040601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200407&iu_parts=21687441225%2CHPN%2Cinfection-prevention%2Cload-more&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600&cust_params=cont_id%3D21129791%26cont_type%3Darticle%26comp_id%3D%26path%3D%252Finfection-prevention%252Fcrisis-planning-outbreak-response%252Farticle%252F21129791%252Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets%26host%3Dwww%257Chpnonline%257Ccom%26env%3Dproduction%26uri%3D%252Finfection-prevention%252Fcrisis-planning-outbreak-response%252Farticle%252F21129791%252Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets&cookie_enabled=1&bc=31&abxe=1&lmt=1586270646&dt=1586270646786&dlt=1586270645525&idt=952&frm=20&biw=1585&bih=1200&oid=3&adxs=250&adys=5052&adks=1214714597&ucis=8&ifi=5&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.hpnonline.com%2Finfection-prevention%2Fcrisis-planning-outbreak-response%2Farticle%2F21129791%2Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets&dssz=42&icsg=6458158016&mso=1073741824&std=0&csl=259&vis=1&dmc=8&scr_x=0&scr_y=0&psz=391x600&msz=367x600&ga_vid=1532328375.1586270647&ga_sid=1586270647&ga_hid=564034546&fws=0&ohw=0
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
6c393b34d45650404f724a2ec120837bf5067afe93b95e3561d3f91d069562d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 07 Apr 2020 14:44:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
4548
x-xss-protection
0
google-lineitem-id
5277826533
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138301130589
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hpnonline.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/012003171848440/ Frame 545D 		200 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9fd34967713bfb93d2edcf4eac2d5436be891f32f6c80a09b17c42b0246a004
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
3788
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
55861
x-xss-protection
0
server
sffe
date
Tue, 07 Apr 2020 13:40:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"66e23296f665ec26"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Apr 2021 13:40:58 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/012003171848440/ Frame 545D 		200 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9fd34967713bfb93d2edcf4eac2d5436be891f32f6c80a09b17c42b0246a004
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
3788
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
55861
x-xss-protection
0
server
sffe
date
Tue, 07 Apr 2020 13:40:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"66e23296f665ec26"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Apr 2021 13:40:58 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012003171848440/v0/ Frame 545D 		92 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003171848440/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d61b6fa5a24a2cc4b7aa62a2a6271a13800b99d30016c4e09f38cf47f8490ea3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
3782
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28362
x-xss-protection
0
server
sffe
date
Tue, 07 Apr 2020 13:41:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6205ff224420b8da"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Apr 2021 13:41:04 GMT
truncated
/ Frame 545D 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd0f2c031e529a98cbaa96da5a6e4b2caa4a850e883a94947634c99612d5a7a9

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.js
cdn.ampproject.org/rtv/012003171848440/ Frame BEDD 		200 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9fd34967713bfb93d2edcf4eac2d5436be891f32f6c80a09b17c42b0246a004
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
3788
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
55861
x-xss-protection
0
server
sffe
date
Tue, 07 Apr 2020 13:40:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"66e23296f665ec26"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Apr 2021 13:40:58 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/012003171848440/ Frame BEDD 		200 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9fd34967713bfb93d2edcf4eac2d5436be891f32f6c80a09b17c42b0246a004
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
3788
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
55861
x-xss-protection
0
server
sffe
date
Tue, 07 Apr 2020 13:40:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"66e23296f665ec26"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Apr 2021 13:40:58 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012003171848440/v0/ Frame BEDD 		92 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003171848440/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d61b6fa5a24a2cc4b7aa62a2a6271a13800b99d30016c4e09f38cf47f8490ea3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
3782
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28362
x-xss-protection
0
server
sffe
date
Tue, 07 Apr 2020 13:41:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6205ff224420b8da"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Apr 2021 13:41:04 GMT
truncated
/ Frame BEDD 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
28ce7c518816cd90c8acf9caa95527f37093649419ae4a7ceaead4e448e246e7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.js
cdn.ampproject.org/rtv/012003171848440/ Frame EF61 		200 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9fd34967713bfb93d2edcf4eac2d5436be891f32f6c80a09b17c42b0246a004
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
3788
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
55861
x-xss-protection
0
server
sffe
date
Tue, 07 Apr 2020 13:40:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"66e23296f665ec26"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Apr 2021 13:40:58 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/012003171848440/ Frame EF61 		200 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9fd34967713bfb93d2edcf4eac2d5436be891f32f6c80a09b17c42b0246a004
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
3788
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
55861
x-xss-protection
0
server
sffe
date
Tue, 07 Apr 2020 13:40:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"66e23296f665ec26"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Apr 2021 13:40:58 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012003171848440/v0/ Frame EF61 		92 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003171848440/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d61b6fa5a24a2cc4b7aa62a2a6271a13800b99d30016c4e09f38cf47f8490ea3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
3782
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28362
x-xss-protection
0
server
sffe
date
Tue, 07 Apr 2020 13:41:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6205ff224420b8da"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Apr 2021 13:41:04 GMT
truncated
/ Frame EF61 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9801dd60e8a9844c5fd81ad486c3b8ac9c7288e433730589705f6f4fa86e7159

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.js
cdn.ampproject.org/rtv/012003171848440/ Frame B8CF 		200 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9fd34967713bfb93d2edcf4eac2d5436be891f32f6c80a09b17c42b0246a004
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
3788
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
55861
x-xss-protection
0
server
sffe
date
Tue, 07 Apr 2020 13:40:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"66e23296f665ec26"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Apr 2021 13:40:58 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/012003171848440/ Frame B8CF 		200 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9fd34967713bfb93d2edcf4eac2d5436be891f32f6c80a09b17c42b0246a004
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
3789
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
55861
x-xss-protection
0
server
sffe
date
Tue, 07 Apr 2020 13:40:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"66e23296f665ec26"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Apr 2021 13:40:58 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012003171848440/v0/ Frame B8CF 		92 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003171848440/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d61b6fa5a24a2cc4b7aa62a2a6271a13800b99d30016c4e09f38cf47f8490ea3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
3783
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28362
x-xss-protection
0
server
sffe
date
Tue, 07 Apr 2020 13:41:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6205ff224420b8da"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Apr 2021 13:41:04 GMT
truncated
/ Frame B8CF 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f1274dd4fbc107dcb6d9fbe5727bab85babcb55b58f4a0ad936fc036ef27e6a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.js
cdn.ampproject.org/rtv/012003171848440/ Frame D301 		200 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9fd34967713bfb93d2edcf4eac2d5436be891f32f6c80a09b17c42b0246a004
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
3788
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
55861
x-xss-protection
0
server
sffe
date
Tue, 07 Apr 2020 13:40:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"66e23296f665ec26"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Apr 2021 13:40:58 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/012003171848440/ Frame D301 		200 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9fd34967713bfb93d2edcf4eac2d5436be891f32f6c80a09b17c42b0246a004
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
3789
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
55861
x-xss-protection
0
server
sffe
date
Tue, 07 Apr 2020 13:40:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"66e23296f665ec26"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Apr 2021 13:40:58 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012003171848440/v0/ Frame D301 		92 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003171848440/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d61b6fa5a24a2cc4b7aa62a2a6271a13800b99d30016c4e09f38cf47f8490ea3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
3783
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28362
x-xss-protection
0
server
sffe
date
Tue, 07 Apr 2020 13:41:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6205ff224420b8da"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Apr 2021 13:41:04 GMT
truncated
/ Frame D301 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f9d8d607384736507bb1bf49b2e1ce44622b1b7a5963bbf16a346989177f5657

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-host-v0.js
cdn.ampproject.org/rtv/012003171848440/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003171848440/amp4ads-host-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
064282bdfcb1d589a67f8940076741fd9b90c43baaae421a71a5a96a226b9e71
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
1977
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
7178
x-xss-protection
0
server
sffe
date
Tue, 07 Apr 2020 14:11:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"8728c2475be0528f"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Apr 2021 14:11:10 GMT
11222115162858062618
tpc.googlesyndication.com/simgad/ Frame 545D 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11222115162858062618
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2fbeb20754a73882ef8272aa37ca0fb6e665a2318fa34a128e34a60650a3f7f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 29 Mar 2020 00:00:58 GMT
x-content-type-options
nosniff
age
830588
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
33702
x-xss-protection
0
last-modified
Wed, 28 Aug 2019 13:16:18 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 29 Mar 2021 00:00:58 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 545D 		0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstrZt-ryTanJItJglhdFjbBj-0ZutAJ6NCzVeoN2ypq94R7pWgzlCookQrBK1MthS_c1xAdN8haHjjhw3GkZSFa782IIFbR8BRe2VkKr5yKw6lzYFzl0zvDAa0GfijiN48khJcF1Y4LGAX_VIMl8XHw2cWRewkycmi85qPR3_FhcnPNzlUsnDTFyC34yVL60wOGSplNYsGajaLvISSHdQx9I-denaLdD0HFK91xQFzqdntQSAUHH-uOzXRf6lhS0OaIXPIr3dxUr5HUB2oPlviqYxpjQo4mPR8xuw&sig=Cg0ArKJSzK0AhdDZXigvEAE&adurl=
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 07 Apr 2020 14:44:06 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
l
www.google.com/ads/measurement/ Frame 545D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTVyp8SsABoTFRJEAjPhITfPpEismhzLYiMDZPzZPWjH1x_7LjR1jBDS2_l1pobGmsAzzOeDMe462ywPb6dDuAmw6c-sQ
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers
7258109015763691272
tpc.googlesyndication.com/simgad/ Frame BEDD 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7258109015763691272
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ad08459ee98075f8fc585c56f386e6d2e87ede404f83a25bbfa8562925cd74f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 28 Mar 2020 17:32:28 GMT
x-content-type-options
nosniff
age
853898
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
31920
x-xss-protection
0
last-modified
Wed, 28 Aug 2019 13:16:20 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Mar 2021 17:32:28 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame BEDD 		0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuzTu83VtHZROeT8FGj3PNB1fkDGuVW-M4BtH8t83CAN2xLuL8wZUZIspLnPlrR5IwkvI9m3SDjaS6NIwh8ZR6d6xhtI3e3Stl0xiu6p-jag_eWB5sYM1kEZ6uBVGb0W3C61j_Ib6vaHbjle6zYFSOEzgJsTx6yf0pqd2JyyYLQHBRwaqr-xqtbp_qJgQ5cUz2CJ1aifZuWy2lIF7YWzDr0v3xzgK7l06LGg_o-XQOfnXcOAFuHg3GJNS6s7GOwGmD11A-maNLcXGUgwW_Uy96DMCKrMJHi6pkGvpYg&sig=Cg0ArKJSzD5xJQsmPiyLEAE&adurl=
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 07 Apr 2020 14:44:07 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
l
www.google.com/ads/measurement/ Frame BEDD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSAyLh8JaBwMYMqor3DkqrArfgbkWLQizaHtGKShYdgszikh14aVFFYHAI725X_oZ_meoJ4eIVxF1daRYeygP3dvUh2Ew
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=2894076336347343&r=300x600&w=300&h=600
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Tue, 07 Apr 2020 14:44:07 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
8769752604912526420
tpc.googlesyndication.com/simgad/ Frame EF61 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8769752604912526420
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75f6ff60d51297ca29c2e6a9acfcdef9646f08b80ff68fc875830ed7619603e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 26 Mar 2020 20:55:19 GMT
x-content-type-options
nosniff
age
1014527
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
69583
x-xss-protection
0
last-modified
Thu, 26 Mar 2020 17:23:06 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 Mar 2021 20:55:19 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame EF61 		0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfknE3McWshZCKuEWROpS0Jgm347O3w9cCC3N5uQudJ4MfK-ho-P_6E9gkbo3i_MBhbhyRTt8LBkq3K6egXxZBSEC_G4UnTO43V85_mqP4RVXJ5ZsocQtD8kawGd7CrzI3zz6aEe_gQxXO0IxW6ihFQhjqmX-pb0VwVTBQL1tvj7GsQPGO2R1EA8UolQvApfr2GG2E1XDinCo6q05xvfBkFBP_MDuK6OTkTgAKQ9TI_f48Pv5KG5M7YwXE59eNTaPEJhIaSFwS5l3FBYOcYApUXn7QxYAWwm-FctH-&sig=Cg0ArKJSzPxfmPdbGAV5EAE&adurl=
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 07 Apr 2020 14:44:07 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
l
www.google.com/ads/measurement/ Frame EF61 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRWkNVjdTdu3EwoHbpzoOW1LDs08mhPVmw-vUmAB3xLCa6llHEVu7Agdc7Vns-oUUDcxAOmVlGnbw2HjWVoX3iVvScPzg
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers
17997768578495411815
tpc.googlesyndication.com/simgad/ Frame B8CF 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17997768578495411815
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47985431711186e65371ceb6a320f0819148b48d06c15ff51679dd476f0d0e7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 26 Mar 2020 18:48:15 GMT
x-content-type-options
nosniff
age
1022151
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
29507
x-xss-protection
0
last-modified
Thu, 26 Mar 2020 17:14:15 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 Mar 2021 18:48:15 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B8CF 		0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsslEQZU-kyRG1R71OvaDYHyKUgg2HjDm6scVOsuEtXYfF2WFFl_HouWpaL5hFxjFOrQepoOh5qHdLAeCKj0hZ_nzDPCvSatJjBjvomag7Ge8iKEXNLatSIbzWTDdMfOjUfqBcWIlNRIZW-TEPss8cGvEHUQzdRawxVWyx5mjue_IviKdtpEtT-6nGyvBi4YWMwJE7v1UR790r2Awy3iSgA6E31LrQTErz3lAt2rflNbG7CuGV5ubZpUbYmsmXeSdWM_eNHo0PfsCwxb7_-Ql1KlPJiM95n95YBvkQzkBRGGjQ&sig=Cg0ArKJSzEaezKo0BC_vEAE&adurl=
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 07 Apr 2020 14:44:07 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
l
www.google.com/ads/measurement/ Frame B8CF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTr4goodxmBfijg1Wn-YmMUNjnYnSCXroJwNsq3CVWuyOTgumJGCWF9csE8g4H5nZ5fBSCYtCukBWfsq5kr0AS-PG6MYg
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers
17997768578495411815
tpc.googlesyndication.com/simgad/ Frame D301 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17997768578495411815
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47985431711186e65371ceb6a320f0819148b48d06c15ff51679dd476f0d0e7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 26 Mar 2020 18:48:15 GMT
x-content-type-options
nosniff
age
1022151
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
29507
x-xss-protection
0
last-modified
Thu, 26 Mar 2020 17:14:15 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 Mar 2021 18:48:15 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D301 		0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuy9P9CZ7S019lzN4dQbCfuoH3K3QISdYxrEHur6MepN-96lI2XmHMzS4ip2qp_wwG6wXGBA0tlXb_EA5Drwk_FwJKZN2lnwh7j00EdPhfKESyyWg3s_OnmpaSYQu2w5r7X-10HndOR2coCiih9x6rDbYH1r5fk3G0iY7PUD57HGOjFiQI5H3VL2dMpdr-EsYWLJZ1BDyxSVEGg0-uT8vi0X2miAe1pL15pQoChnPqaSB0Ifmms7rOGSEFM7nUhUQ-AHkwn1--FgNh7Z84JTDPjEA2hZE7ynqj-RoabT19uiw&sig=Cg0ArKJSzNnd7dTgmNd8EAE&adurl=
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 07 Apr 2020 14:44:07 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
l
www.google.com/ads/measurement/ Frame D301 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSdPl735IO2Ez_866U6fy8PBMxys7T0GP-obX9jmDMf17ZDFEA6SubNEHFYY4Op7_A9Y8rVmDWjJnX0XZb0JjBiNQVyow
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers
Detained__undocumented_immigrants_are_vulnerable_to_COVID_19_pic___4.7.20du___migration_3129340_1920___Pixabay.5e8c90ecafc57.png
img.hpnonline.com/files/base/ebm/hpn/image/2020/04/16x9/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.hpnonline.com/files/base/ebm/hpn/image/2020/04/16x9/Detained__undocumented_immigrants_are_vulnerable_to_COVID_19_pic___4.7.20du___migration_3129340_1920___Pixabay.5e8c90ecafc57.png?auto=format&fit=crop&h=75&w=75
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
ead5f3fd418cfe144b3f7b86716c46cca13c7a8f2db2873170a099216da193fe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 07 Apr 2020 14:44:07 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Apr 2020 14:40:52 GMT
server
imgix
age
144
vary
Accept, User-Agent
x-cache
HIT, MISS
content-type
image/webp
status
200
cache-control
public, max-age=86400
x-imgix-id
4086a742c19652cefa9f3112e3b5f7ca66cff648
accept-ranges
bytes
access-control-allow-origin
*
content-length
6160
x-served-by
cache-lax8645-LAX, cache-fra19140-FRA
Getinge_to_further_increase_production_capacity_of_ventilators_in_2020_pic___4.7.20du___26792505186_b483bff272_o___FDA_Flickr.5e8c8f3aa195e.png
img.hpnonline.com/files/base/ebm/hpn/image/2020/04/1x1/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.hpnonline.com/files/base/ebm/hpn/image/2020/04/1x1/Getinge_to_further_increase_production_capacity_of_ventilators_in_2020_pic___4.7.20du___26792505186_b483bff272_o___FDA_Flickr.5e8c8f3aa195e.png?auto=format&fit=crop&h=75&w=75
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
317bf1d62cfffb0a5f635b114e9d169ca73cd50fac5f97b92b010c635b35818b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 07 Apr 2020 14:44:07 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Apr 2020 14:37:06 GMT
server
imgix
age
421
vary
Accept, User-Agent
x-cache
HIT, MISS
content-type
image/webp
status
200
cache-control
public, max-age=86400
x-imgix-id
0cf3f868dcef2ef9fdf079ab3cbd5a7914485971
accept-ranges
bytes
access-control-allow-origin
*
content-length
5336
x-served-by
cache-lax8635-LAX, cache-fra19140-FRA
Cantel_announces_initiatives_to_help_fight_COVID_19_pic___4.7.20du___insulation_station_4984462_1920___Pixabay.5e8c8e9f178a0.png
img.hpnonline.com/files/base/ebm/hpn/image/2020/04/16x9/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.hpnonline.com/files/base/ebm/hpn/image/2020/04/16x9/Cantel_announces_initiatives_to_help_fight_COVID_19_pic___4.7.20du___insulation_station_4984462_1920___Pixabay.5e8c8e9f178a0.png?auto=format&fit=crop&h=75&w=75
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
88bd9dfe93a94d11c89bb8c841849f47c5bc3e7bc828c7bbab6649ad5ae6c7d4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 07 Apr 2020 14:44:07 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Apr 2020 14:33:17 GMT
server
imgix
age
649
vary
Accept, User-Agent
x-cache
HIT, MISS
content-type
image/webp
status
200
cache-control
public, max-age=86400
x-imgix-id
99faf47b241cab3f270555325be16773a8ec9412
accept-ranges
bytes
access-control-allow-origin
*
content-length
5942
x-served-by
cache-lax8639-LAX, cache-fra19140-FRA
amp4ads-v0.js
cdn.ampproject.org/rtv/012003171848440/ Frame 4896 		200 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9fd34967713bfb93d2edcf4eac2d5436be891f32f6c80a09b17c42b0246a004
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
3789
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
55861
x-xss-protection
0
server
sffe
date
Tue, 07 Apr 2020 13:40:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"66e23296f665ec26"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Apr 2021 13:40:58 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/012003171848440/ Frame 4896 		200 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9fd34967713bfb93d2edcf4eac2d5436be891f32f6c80a09b17c42b0246a004
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
3789
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
55861
x-xss-protection
0
server
sffe
date
Tue, 07 Apr 2020 13:40:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"66e23296f665ec26"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Apr 2021 13:40:58 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012003171848440/v0/ Frame 4896 		92 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003171848440/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d61b6fa5a24a2cc4b7aa62a2a6271a13800b99d30016c4e09f38cf47f8490ea3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
3783
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28362
x-xss-protection
0
server
sffe
date
Tue, 07 Apr 2020 13:41:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6205ff224420b8da"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Apr 2021 13:41:04 GMT
truncated
/ Frame 4896 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e9813ae3cdb732d3cd087e980f42a4abadca96d198a0aef92ac9cd24fd6d090

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
11400159902587238257
tpc.googlesyndication.com/simgad/ Frame 4896 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11400159902587238257
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82b7080c0b6dd6f7ed3d49227b78a09f5dcb914d9ea72a2e6177d12e506bfe97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 04 Apr 2020 14:00:16 GMT
x-content-type-options
nosniff
age
261831
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
66185
x-xss-protection
0
last-modified
Wed, 15 Jan 2020 22:02:50 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Apr 2021 14:00:16 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4896 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBjQVtsqSfmDMKSAjz4to_nHruMRNuEqpg-4A0tNLrHNYUJJmj439XjqWpZalaFQGoa1wyBE_cEMXDIV3RRSoumyDHdTyPKyeXnailhVERzCMEameLypFyCWWKSVOGTPkbJWQA6cb2iWULdW6fUiBYq2Vx_pg7QAtFbYVUAoiyrC4fSOof3z1SAJdBeKgNTv_VekljOxMuofh4d27hl_Mb-NBDfNbTGEOxQo9dpugL5ZeB-fWE458Wmncf-zcNogR3G9LU3vPD5xBASnEjGcVu-eKfQhHIngdFrnhU0SSH2g&sig=Cg0ArKJSzBDYqJ21eCn8EAE&adurl=
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 07 Apr 2020 14:44:07 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
gam-fixed-ad-bottom.e52a81e2.js
www.hpnonline.com/dist/js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hpnonline.com/dist/js/gam-fixed-ad-bottom.e52a81e2.js
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/dist/js/index.11ef517b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
dc7c05ecff2e2824bbfa33b38c9a86e8fa6ecaca29777cd1f6f1d80b99c8b4af
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-version
Site:1.14.0|Core:1.25.5
date
Tue, 07 Apr 2020 14:44:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Thu, 02 Apr 2020 16:20:41 GMT
server
fbs
etag
W/"4ede-1713bb1cfa8"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
x-hw
1586270647.cds121.fr8.hn,1586270647.cds158.fr8.sc,1586270647.cdn2-redis01-fra1.stackpath.systems.-.wx,1586270647.cds158.fr8.p
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=564034546&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hpnonline.com%2Finfection-prevention%2Fcrisis-planning-outbreak-response%2Farticle%2F21129791%...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-62993175-5&cid=1532328375.1586270647&jid=1810837136&_gid=479237850.1586270647&gjid=1554352214&_v=j81&z=760110442
35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-62993175-5&cid=1532328375.1586270647&jid=1810837136&_gid=479237850.1586270647&gjid=1554352214&_v=j81&z=760110442
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Tue, 07 Apr 2020 14:44:07 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Apr 2020 14:44:07 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-62993175-5&cid=1532328375.1586270647&jid=1810837136&_gid=479237850.1586270647&gjid=1554352214&_v=j81&z=760110442
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
418
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/L5HHENJSKZDLXBM4TXRFHG/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/exp/index.js
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.149 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-149.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
oJIzvk_mmLAXF5iekxvT5NnrQtQSmq7M
Content-Encoding
gzip
x-amz-request-id
CC0F73FCFF952524
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
600
Date
Tue, 07 Apr 2020 14:44:07 GMT
Connection
keep-alive
Content-Length
48
x-amz-id-2
l2SuY/Zqhw+xyJkj7InfvqoJzNpqh9IGnRBj0DT2XibyJ/lFEH5SE9WbzHsCVnMaz+lknVzoYg8=
Last-Modified
Thu, 02 Apr 2020 22:43:50 GMT
Server
AmazonS3
ETag
"5816cced8568d223aa09d889f300692b"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Redirect headers

Date
Tue, 07 Apr 2020 14:44:07 GMT
Server
AkamaiGHost
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Credentials
false
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
index.js
s.adroll.com/j/pre/L5HHENJSKZDLXBM4TXRFHG/SROMGM2TYZBCRL2ZFL7G45/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/L5HHENJSKZDLXBM4TXRFHG/SROMGM2TYZBCRL2ZFL7G45/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.149 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-149.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
cbce85e96b7752208ce15a09ea4d5a58b792edc9e77f1c5ccf46c01935970f9d

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
k39iXouv7dgjE.J6TXv_Zu653.vZGc2x
Content-Encoding
gzip
x-amz-request-id
F619C2F0518F0DAC
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
600
Date
Tue, 07 Apr 2020 14:44:07 GMT
Connection
keep-alive
Content-Length
635
x-amz-id-2
O06uQUtMT5zmiiJmahnCwT/Te/RVt6ZJEUDFuflQ2IWmebkVmfp4qsGZ33uXR/OGtA23g9lPXpc=
Last-Modified
Mon, 06 Apr 2020 14:06:21 GMT
Server
AmazonS3
ETag
"3996d65282dd996ee0d7d4c90c139158"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
/
d.adroll.com/consent/check/L5HHENJSKZDLXBM4TXRFHG/
Redirect Chain
  • https://d.adroll.mgr.consensu.org/consent/iabcheck/L5HHENJSKZDLXBM4TXRFHG?_s=28e783f57fbb4fa615d1766639fa1ba4&_b=2
  • https://d.adroll.com/consent/check/L5HHENJSKZDLXBM4TXRFHG/?_s=28e783f57fbb4fa615d1766639fa1ba4&_b=2
106 B
198 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/L5HHENJSKZDLXBM4TXRFHG/?_s=28e783f57fbb4fa615d1766639fa1ba4&_b=2
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.28.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-28-111.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
4b17f65b9c3e956c423712d1f6fad95924947f4ea247683ff9f4174886052532

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 07 Apr 2020 14:44:07 GMT
server
nginx/1.16.1
content-length
106
content-type
application/javascript

Redirect headers

status
302
date
Tue, 07 Apr 2020 14:44:07 GMT
server
nginx/1.16.1
content-length
105
location
https://d.adroll.com/consent/check/L5HHENJSKZDLXBM4TXRFHG/?_s=28e783f57fbb4fa615d1766639fa1ba4&_b=2
index.php
a.dpmsrv.com/dpmpxl/
Redirect Chain
  • https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&q%3DxImp%26v%3D1.x%26cl%3D1120%26pixelIndex%3D0%26r%3D63170%26tzOffset%3D-120%26url%3Dhttps%253A%252F%252Fwww.hpnonline.com...
  • https://a.dpmsrv.com/dpmpxl/index.php?id=7815830266545197472&q=xImp&v=1.x&cl=1120&pixelIndex=0&r=63170&tzOffset=-120&url=https%3A%2F%2Fwww.hpnonline.com%2Finfection-prevention%2Fcrisis-planning-out...
255 B
985 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.dpmsrv.com/dpmpxl/index.php?id=7815830266545197472&q=xImp&v=1.x&cl=1120&pixelIndex=0&r=63170&tzOffset=-120&url=https%3A%2F%2Fwww.hpnonline.com%2Finfection-prevention%2Fcrisis-planning-outbreak-response%2Farticle%2F21129791%2Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets&_=1586270647149
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.233.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-233-94.compute-1.amazonaws.com
Software
/
Resource Hash
93664b56b5c9e9601e83d213ded1293cf3eeff5f10b10519a1d9eb909c38b8ec

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
content-encoding
gzip
Access-Control-Max-Age
10
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
text/javascript
Access-Control-Allow-Headers
content-type, accept
Content-Length
224
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 07 Apr 2020 14:44:09 GMT
AN-X-Request-Uuid
1393d865-2c44-40ed-94b1-e5096eae492b
Content-Type
text/html; charset=utf-8
Server
nginx/1.13.4
Location
https://a.dpmsrv.com/dpmpxl/index.php?id=7815830266545197472&q=xImp&v=1.x&cl=1120&pixelIndex=0&r=63170&tzOffset=-120&url=https%3A%2F%2Fwww.hpnonline.com%2Finfection-prevention%2Fcrisis-planning-outbreak-response%2Farticle%2F21129791%2Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets&_=1586270647149
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.136:80
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
US_braces_for_tough_COVID_19_week__deaths_drop_in_parts_of_Europe_pic___4.6.20du___usa_4974031_1920___Pixabay.5e8b411805052.png
img.hpnonline.com/files/base/ebm/hpn/image/2020/04/16x9/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.hpnonline.com/files/base/ebm/hpn/image/2020/04/16x9/US_braces_for_tough_COVID_19_week__deaths_drop_in_parts_of_Europe_pic___4.6.20du___usa_4974031_1920___Pixabay.5e8b411805052.png?auto=format&fit=crop&h=75&w=75
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
f7ee326c59bf8f12482938d03d5f3a9fdd26523b2fc506870db2293ee87c1bf1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 07 Apr 2020 14:44:07 GMT
x-content-type-options
nosniff
last-modified
Mon, 06 Apr 2020 14:49:32 GMT
server
imgix
age
86075
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
status
200
cache-control
public, max-age=86400
x-imgix-id
1acceb98b2333650b960f6b579cfff9d490ffc29
accept-ranges
bytes
access-control-allow-origin
*
content-length
5448
x-served-by
cache-lax8644-LAX, cache-fra19140-FRA
hpn
olytics.as3.io/events/ebm/ 		0
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://olytics.as3.io/events/ebm/hpn
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.221.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-221-155.compute-1.amazonaws.com
Software
Apache/2.4.25 (Debian) / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.hpnonline.com
Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Tue, 07 Apr 2020 14:44:07 GMT
server
Apache/2.4.25 (Debian)
access-control-allow-origin
*
x-powered-by
PHP/5.6.40
access-control-max-age
86400
access-control-allow-methods
POST, OPTIONS
content-type
text/html; charset=UTF-8
status
200
cache-control
public, s-maxage=2592000
access-control-allow-headers
origin, content-type, accept, user-agent
content-length
0
hpn
olytics.as3.io/events/ebm/ 		0
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://olytics.as3.io/events/ebm/hpn
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.221.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-221-155.compute-1.amazonaws.com
Software
Apache/2.4.25 (Debian) / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.hpnonline.com
Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Tue, 07 Apr 2020 14:44:07 GMT
server
Apache/2.4.25 (Debian)
access-control-allow-origin
*
x-powered-by
PHP/5.6.40
access-control-max-age
86400
access-control-allow-methods
POST, OPTIONS
content-type
text/html; charset=UTF-8
status
200
cache-control
public, s-maxage=2592000
access-control-allow-headers
origin, content-type, accept, user-agent
content-length
0
/
www.hpnonline.com/sbbi/ Frame EB96 		516 B
460 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.hpnonline.com/sbbi/?sbbpg=sbbShell&gprid=Lr&sbbgs=h4d91ef3329bc978612efdb46500a1e99f50&ddl=2
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/sbbi/?sbbpg=sbbShell&gprid=Lr&sbbgs=h4d91ef3329bc978612efdb46500a1e99f50&ddl=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
d155160aea288964eebe06a362795ab879ed657ca75f7ca60d5a1c8e9fe05d7b

Request headers

:method
POST
:authority
www.hpnonline.com
:scheme
https
:path
/sbbi/?sbbpg=sbbShell&gprid=Lr&sbbgs=h4d91ef3329bc978612efdb46500a1e99f50&ddl=2
content-length
363
pragma
no-cache
cache-control
no-cache
origin
https://www.hpnonline.com
upgrade-insecure-requests
1
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
referer
https://www.hpnonline.com/sbbi/?sbbpg=sbbShell&gprid=Lr&sbbgs=h4d91ef3329bc978612efdb46500a1e99f50&ddl=2
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SPSI=f974b3a1f1afc30a00c315140ec7d611; spcsrf=c23443303668f666ead8676d48bfaa95; sp_lit=w4MFd1wrpa4Ipyi+gjM2CA==; PRLST=Lr; UTGv2=h4d91ef3329bc978612efdb46500a1e99f50; adOtr=b493f17faa1; __gads=ID=5406f6e97a9b34ff:T=1586270646:S=ALNI_MYy1F98nMz7Ht4oIf2r4ZWhXVVFGg; _ga=GA1.2.1532328375.1586270647; _gid=GA1.2.479237850.1586270647; _gat_UA-62993175-5=1; dpm_url_count=1; __sapience_v=%7B%22id%22%3A%222c60f6d1-16b9-4f13-942d-3369391e5073%22%2C%22customerId%22%3Anull%7D; __sapience_s=%7B%22id%22%3A%2240cdc115-b8b5-4401-9751-5e304c8eefaa%22%2C%22createdAt%22%3A%22Tue%2C%2007%20Apr%202020%2014%3A44%3A07%20GMT%22%7D
Origin
https://www.hpnonline.com
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://www.hpnonline.com/sbbi/?sbbpg=sbbShell&gprid=Lr&sbbgs=h4d91ef3329bc978612efdb46500a1e99f50&ddl=2

Response headers

status
200
date
Tue, 07 Apr 2020 14:44:07 GMT
cache-control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
server
fbs
x-accel-expires
0
x-hw
1586270647.cds121.fr8.hn,1586270647.cds150.fr8.sc,1586270647.cdn2-wafbe04-fra1.stackpath.systems.-.i,1586270647.cds150.fr8.p
access-control-allow-origin
*
Pilot_study_explores_convalescent_plasma_therapy_for_COVID_19_pic___4.7.20du___covid_19_5000501_1920___Pixabay.5e8c8d3e33d69.png
img.hpnonline.com/files/base/ebm/hpn/image/2020/04/16x9/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.hpnonline.com/files/base/ebm/hpn/image/2020/04/16x9/Pilot_study_explores_convalescent_plasma_therapy_for_COVID_19_pic___4.7.20du___covid_19_5000501_1920___Pixabay.5e8c8d3e33d69.png?auto=format&fit=crop&h=75&w=75
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
cc8f2eff94a9a84434ad2c6e372b17ab0d8b930a448c11e966bb8830879e59d3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 07 Apr 2020 14:44:08 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Apr 2020 14:25:52 GMT
server
imgix
age
1096
vary
Accept, User-Agent
x-cache
HIT, MISS
content-type
image/webp
status
200
cache-control
public, max-age=86400
x-imgix-id
aaa63e68c88359f4d4c9886aaf5865ca3243c288
accept-ranges
bytes
access-control-allow-origin
*
content-length
5784
x-served-by
cache-lax8644-LAX, cache-fra19140-FRA
hpn
olytics.as3.io/events/ebm/ 		16 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://olytics.as3.io/events/ebm/hpn
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.221.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-221-155.compute-1.amazonaws.com
Software
Apache/2.4.25 (Debian) / PHP/5.6.40
Resource Hash
56587cffbb30e338497c9114f74803a530a713ebe374b69fcfa8551ad8dad1e9

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 07 Apr 2020 14:44:08 GMT
server
Apache/2.4.25 (Debian)
x-powered-by
PHP/5.6.40
status
201
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, no-cache=Set-Cookie, private, s-maxage=0
content-length
16
expires
Sat, 01 Jan 2000 01:01:01 GMT
hpn
olytics.as3.io/events/ebm/ 		16 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://olytics.as3.io/events/ebm/hpn
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.221.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-221-155.compute-1.amazonaws.com
Software
Apache/2.4.25 (Debian) / PHP/5.6.40
Resource Hash
56587cffbb30e338497c9114f74803a530a713ebe374b69fcfa8551ad8dad1e9

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 07 Apr 2020 14:44:08 GMT
server
Apache/2.4.25 (Debian)
x-powered-by
PHP/5.6.40
status
201
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, no-cache=Set-Cookie, private, s-maxage=0
content-length
16
expires
Sat, 01 Jan 2000 01:01:01 GMT
consent.js
s.adroll.com/j/ 		243 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/consent.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.149 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-149.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f82c9f099656346f543c66ba009bd5f18010c7b41ad43d47a7f762121ad4496d

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
W7pJTDq0578OcjyRZxtRH_BjDuWCGgRc
Content-Encoding
gzip
x-amz-request-id
BFDDD219E02D63AA
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
600
Date
Tue, 07 Apr 2020 14:44:08 GMT
Connection
keep-alive
Content-Length
33195
x-amz-id-2
0vEYWSNr8BIWIFx+Vt855bKM9PGQi1O3TTl+RSbaQgK2eZJeo3lhhvwHGpfanAseKG0Oz2obOWc=
Last-Modified
Tue, 19 Nov 2019 20:42:26 GMT
Server
AmazonS3
ETag
"2f9f76c2d377be42af05cdf34c632618"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=300, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
index.php
a.dpmsrv.com/dpmpxl/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=7815830266545197472&pixelIndex=0&_=1586270647150
  • https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=7815830266545197472&pixelIndex=0&_=1586270647150&google_gid=CAESELNEPOFtDvDn2mRrgJJijYg&google_cver=1
0
589 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=7815830266545197472&pixelIndex=0&_=1586270647150&google_gid=CAESELNEPOFtDvDn2mRrgJJijYg&google_cver=1
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.233.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-233-94.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Access-Control-Max-Age
10
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
text/javascript
Access-Control-Allow-Headers
content-type, accept
Content-Length
0
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Apr 2020 14:44:08 GMT
server
HTTP server (unknown)
location
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=7815830266545197472&pixelIndex=0&_=1586270647150&google_gid=CAESELNEPOFtDvDn2mRrgJJijYg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
368
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
423396.gif
idsync.rlcdn.com/ 		0
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/423396.gif?partner_uid=7815830266545197472
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.72.21 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
21.72.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

status
204
date
Tue, 07 Apr 2020 14:44:08 GMT
via
1.1 google
alt-svc
clear
11222115162858062618
tpc.googlesyndication.com/simgad/ Frame 545D 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11222115162858062618
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2fbeb20754a73882ef8272aa37ca0fb6e665a2318fa34a128e34a60650a3f7f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 29 Mar 2020 00:00:58 GMT
x-content-type-options
nosniff
age
830590
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
33702
x-xss-protection
0
last-modified
Wed, 28 Aug 2019 13:16:18 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 29 Mar 2021 00:00:58 GMT
7258109015763691272
tpc.googlesyndication.com/simgad/ Frame BEDD 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7258109015763691272
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ad08459ee98075f8fc585c56f386e6d2e87ede404f83a25bbfa8562925cd74f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 28 Mar 2020 17:32:28 GMT
x-content-type-options
nosniff
age
853900
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
31920
x-xss-protection
0
last-modified
Wed, 28 Aug 2019 13:16:20 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Mar 2021 17:32:28 GMT
8769752604912526420
tpc.googlesyndication.com/simgad/ Frame EF61 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8769752604912526420
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75f6ff60d51297ca29c2e6a9acfcdef9646f08b80ff68fc875830ed7619603e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 26 Mar 2020 20:55:19 GMT
x-content-type-options
nosniff
age
1014529
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
69583
x-xss-protection
0
last-modified
Thu, 26 Mar 2020 17:23:06 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 Mar 2021 20:55:19 GMT
17997768578495411815
tpc.googlesyndication.com/simgad/ Frame B8CF 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17997768578495411815
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47985431711186e65371ceb6a320f0819148b48d06c15ff51679dd476f0d0e7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 26 Mar 2020 18:48:15 GMT
x-content-type-options
nosniff
age
1022153
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
29507
x-xss-protection
0
last-modified
Thu, 26 Mar 2020 17:14:15 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 Mar 2021 18:48:15 GMT
17997768578495411815
tpc.googlesyndication.com/simgad/ Frame D301 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17997768578495411815
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47985431711186e65371ceb6a320f0819148b48d06c15ff51679dd476f0d0e7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 26 Mar 2020 18:48:15 GMT
x-content-type-options
nosniff
age
1022153
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
29507
x-xss-protection
0
last-modified
Thu, 26 Mar 2020 17:14:15 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 Mar 2021 18:48:15 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
empty

Response headers

timing-allow-origin
*
date
Tue, 07 Apr 2020 14:44:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
etag
18139634824200265979
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
private, max-age=3600
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
expires
Tue, 07 Apr 2020 14:44:08 GMT
olytics
oqs.omeda.com/oqs/rest/ 		0
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://oqs.omeda.com/oqs/rest/olytics
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.165 Chicago, United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Access-Control-Request-Method
POST
Origin
https://www.hpnonline.com
Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Tue, 07 Apr 2020 14:44:08 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Access-Control-Allow-Headers
Access-Control-Request-Headers, Content-Type, Origin, Accept, Accept-Encoding, Accept-Language, HOST, User-Agent, Access-Control-Request-Method, Access-Control-Max-Age
Content-Length
0
X-XSS-Protection
1; mode=block
11400159902587238257
tpc.googlesyndication.com/simgad/ Frame 4896 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11400159902587238257
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82b7080c0b6dd6f7ed3d49227b78a09f5dcb914d9ea72a2e6177d12e506bfe97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 04 Apr 2020 14:00:16 GMT
x-content-type-options
nosniff
age
261832
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
66185
x-xss-protection
0
last-modified
Wed, 15 Jan 2020 22:02:50 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Apr 2021 14:00:16 GMT
gpt.js
www.googletagservices.com/tag/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
empty

Response headers

date
Tue, 07 Apr 2020 14:44:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"479 / 247 of 1000 / last-modified: 1586189426"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
expires
Tue, 07 Apr 2020 14:44:08 GMT
hod
d.adroll.com/consent/ 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/consent/hod?_e=view_banner&_s=28e783f57fbb4fa615d1766639fa1ba4&_b=2.1&_a=L5HHENJSKZDLXBM4TXRFHG
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.28.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-28-111.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

status
200
date
Tue, 07 Apr 2020 14:44:08 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.16.1
content-length
42
vary
Cookie
content-type
image/gif
/
www.hpnonline.com/sbbi/ Frame EB96 		426 B
461 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.hpnonline.com/sbbi/?sbbpg=sbbShell&gprid=Lr
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/sbbi/?sbbpg=sbbShell&gprid=Lr&sbbgs=h4d91ef3329bc978612efdb46500a1e99f50&ddl=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
8baa9ba17e5f5844e1d59c4c2b0760b012c1d1c91f9c50da7b405700ca057fb9

Request headers

:method
GET
:authority
www.hpnonline.com
:scheme
https
:path
/sbbi/?sbbpg=sbbShell&gprid=Lr
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
referer
https://www.hpnonline.com/sbbi/?sbbpg=sbbShell&gprid=Lr&sbbgs=h4d91ef3329bc978612efdb46500a1e99f50&ddl=2
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://www.hpnonline.com/sbbi/?sbbpg=sbbShell&gprid=Lr&sbbgs=h4d91ef3329bc978612efdb46500a1e99f50&ddl=2

Response headers

status
200
date
Tue, 07 Apr 2020 14:44:08 GMT
cache-control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
set-cookie
SPSI=77f0c26c67cb09072700898b771d0aa9; path=/;
server
fbs
x-accel-expires
0
x-hw
1586270648.cds121.fr8.hn,1586270648.cds141.fr8.sc,1586270648.cdn2-redis01-fra1.stackpath.systems.-.i,1586270648.cds141.fr8.p
access-control-allow-origin
*
sodar
pagead2.googlesyndication.com/getconfig/ 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020040601&st=env
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf83010b4d08badcd59b30c4c69b8eb240311565befa64d21b7dc39ae7eb597b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 07 Apr 2020 14:44:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
5144
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 07 Apr 2020 14:44:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1582746470043195"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
5456
x-xss-protection
0
expires
Tue, 07 Apr 2020 14:44:08 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame DECA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/209/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
5727
date
Tue, 07 Apr 2020 14:32:19 GMT
expires
Wed, 07 Apr 2021 14:32:19 GMT
last-modified
Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
709
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
olytics
oqs.omeda.com/oqs/rest/ 		15 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://oqs.omeda.com/oqs/rest/olytics
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.165 Chicago, United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
8f78cfd70561bfbb767311940126a4ccdfe36f1b955a5fd385df8617bca6417a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 07 Apr 2020 14:44:08 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020040601&jk=2894076336347343&bg=!TU6lTlZY86sWV313w1ACAAAAw1IAAAASmQFdVF8q8HsEUA70hfBqprBnmDioxxinYcKnHMTvG0JLsQJteDCbV25e_T3A2YtAPLwdQvyrZLbjfVzk855I7Kz6jErhS69IovB4e_KGrX9Z0gVelWb_1hK5ZRSjP7LAk5STbMk7mmvnHhxmVTZq3_XCRUTR6lTiSDUdQD6IzWn4OxQgOvSHJuNCr-dA-_X8rjyIvJhq-EQCYToFSc027BfoX_LYFUN-dcav_LVrny0tTiKHsI8zzRu0uI65b9o-1tsxCEthz-4mOwAnWkjSdr1u5LLn7kTaG1pJ8yBRVwhDeTX-KvHl1g5RTM0KAzK1lVMthKTxM2A95S6jjjTi2EJxfmqkmM1qGatLXV02f00yOxLJdybex19OX9oF2HXH3FdfE_nvSI3zMH7xCVVAS2OmAetoMv9X6L1qwPstDiB0V9irXryAUiBaeMCwh5obcoVei1edeyyf8gshN9MxCg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Tue, 07 Apr 2020 14:44:09 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 545D 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuAVUJd4nROHX19dayMrBA8SIjNYPkGQCwMufd9iQv_SAiwqfNsBoVy5U0UPTUc9NQG63rrm_FUb-gSZ047SugddiQF1cmxfWdSi8FJ0Ag&sig=Cg0ArKJSzOWtfK1rts41EAE&id=ampim&o=429,126&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=580&tls=1580&g=100&h=100&tt=1580&r=v&adk=321684541&avms=ampa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Tue, 07 Apr 2020 14:44:09 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BEDD 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssQN3_9BK9injBgtNxyDTXFcjdOKZF6PuxDpvaoyKJBa91WJTbuXP1OMsmBMQav3aAtG1hGUvOoPgz2YdXfUoW6D0KuiKWhLvj13Nt_ciI&sig=Cg0ArKJSzFwy23jPLVAZEAE&id=ampim&o=1024,504&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1002&mtos=0,0,1002,1002,1002&tos=0,0,1002,0,0&tfs=529&tls=1531&g=100&h=100&tt=1531&r=v&adk=2740456505&avms=ampa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Tue, 07 Apr 2020 14:44:09 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
olytics.omeda.com/olytics/segments/ 		0
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://olytics.omeda.com/olytics/segments/p
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.159 Chicago, United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.hpnonline.com
Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Tue, 07 Apr 2020 14:44:19 GMT
Server
Apache
vary
Access-Control-Request-Headers,Access-Control-Request-Headers,access-control-request-method
Access-Control-Allow-Methods
HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1800
Access-Control-Allow-Headers
access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Content-Length
0
/
olytics.omeda.com/olytics/segments/form/check/ 		0
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://olytics.omeda.com/olytics/segments/form/check/
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.159 Chicago, United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.hpnonline.com
Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Tue, 07 Apr 2020 14:44:21 GMT
Server
Apache
vary
Access-Control-Request-Headers,Access-Control-Request-Headers,access-control-request-method
Access-Control-Allow-Methods
HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1800
Access-Control-Allow-Headers
access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Content-Length
0
p
olytics.omeda.com/olytics/segments/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://olytics.omeda.com/olytics/segments/p
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.159 Chicago, United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
7b6331a712f1b6e192f9a991657db5b18a2437a5e37dcc997f3b17ecba5a8df0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 07 Apr 2020 14:44:19 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
/
olytics.omeda.com/olytics/segments/form/check/ 		20 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://olytics.omeda.com/olytics/segments/form/check/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.159 Chicago, United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
dd0103b71a9f800bf8509fb3f34f29a1af4b26a10ceef71cea5bb29ae4ea106d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 07 Apr 2020 14:44:19 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
index.php
a.dpmsrv.com/dpmpxl/ 		5 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.dpmsrv.com/dpmpxl/index.php?q=xSeg&v=1.x&ep%5Bids%5D=20958681%2C21130652&cl=1120&pixelIndex=0&r=526701&tzOffset=-120&url=https%3A%2F%2Fwww.hpnonline.com%2Finfection-prevention%2Fcrisis-planning-outbreak-response%2Farticle%2F21129791%2Fstatesponsored-hackers-using-coronavirus-lures-to-infect-their-targets&id=7815830266545197472&_=1586270647151
Requested by
Host: s.dpmsrv.com
URL: https://s.dpmsrv.com/dpm_1592af7e76a7114b4f9beea0be4746f59ada13a6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.233.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-233-94.compute-1.amazonaws.com
Software
/
Resource Hash
fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Pragma
no-cache
content-encoding
gzip
Access-Control-Max-Age
10
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
text/javascript
Access-Control-Allow-Headers
content-type, accept
Content-Length
31
Expires
0
bounce
ib.adnxs.com/
Redirect Chain
  • https://ib.adnxs.com/seg?member=827&add=20958681,21130652
  • https://ib.adnxs.com/bounce?%2Fseg%3Fmember%3D827%26add%3D20958681%2C21130652
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fseg%3Fmember%3D827%26add%3D20958681%2C21130652
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Apr 2020 14:44:12 GMT
AN-X-Request-Uuid
dbac2ea5-1c49-4412-9d3b-3e9f11dadcb5
Content-Type
image/gif
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.82:80
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 07 Apr 2020 14:44:12 GMT
AN-X-Request-Uuid
a8581096-a465-45fd-98ea-2fd2429e59cd
Content-Type
text/html; charset=utf-8
Server
nginx/1.13.4
Location
https://ib.adnxs.com/bounce?%2Fseg%3Fmember%3D827%26add%3D20958681%2C21130652
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.142:80
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
xclose.png
olytics.omeda.com/olytics/img/ 		958 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://olytics.omeda.com/olytics/img/xclose.png
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.159 Chicago, United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
2862ad1a2d8a7f739b935dc2fa1cbed5c426d68572d1032a08f2c7f5c1c0bf59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://olytics.omeda.com/olytics/css/v3/p/olytics.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 07 Apr 2020 14:44:30 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 23 Mar 2018 13:37:38 GMT
Server
Apache
ETag
W/"958-1521812258000"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=43200
Transfer-Encoding
chunked
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Expires
Wed, 08 Apr 2020 02:44:31 GMT
va9f4kDNxMZdWfMOD5VvkrBiQyf4VFnklULW.woff2
fonts.gstatic.com/s/firasans/v10/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firasans/v10/va9f4kDNxMZdWfMOD5VvkrBiQyf4VFnklULW.woff2
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5637459665d0aec1a29d8700169430087de6bd3240e4ef5fb23bb09370b4766b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Fira+Sans:300i,400,600|Cardo|Lora:400,400i,700,700i
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 10 Mar 2020 21:29:14 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:21:58 GMT
server
sffe
age
2394906
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
15928
x-xss-protection
0
expires
Wed, 10 Mar 2021 21:29:14 GMT
imp
olytics.omeda.com/olytics/segments/ 		0
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://olytics.omeda.com/olytics/segments/imp
Requested by
Host: www.hpnonline.com
URL: https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.159 Chicago, United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.hpnonline.com
Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Tue, 07 Apr 2020 14:44:32 GMT
Server
Apache
vary
Access-Control-Request-Headers,Access-Control-Request-Headers,access-control-request-method
Access-Control-Allow-Methods
HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1800
Access-Control-Allow-Headers
access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Content-Length
0
imp
olytics.omeda.com/olytics/segments/ 		20 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://olytics.omeda.com/olytics/segments/imp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.159 Chicago, United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
a8e427db11a8744bebbcdfd050f7b9d0a84b5a1754d086f1787c40db21955264
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
Origin
https://www.hpnonline.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 07 Apr 2020 14:44:32 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| webpackJsonpCMSBrowserComponents object| regeneratorRuntime function| setImmediate function| clearImmediate object| lazySizes function| vueRecaptchaApiLoaded object| CMSBrowserComponents object| googletag object| dataLayer string| FortnightObject function| fortnight string| sbbvscc string| sbbgscc function| genPid function| nsbbfetch function| sbbgc function| addmg function| addprid function| sbbeccf function| m2vr function| sbbls string| y string| x string| gprid object| sbbeccfi string| sbbgs object| ggeac object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken object| google_tag_manager object| __core-js_shared__ number| google_srt undefined| google_measure_js_timing number| __google_ad_urls_id number| google_unique_id object| gaGlobal number| lX number| lY string| csr object| otr object| cnv string| lk__ function| setUGEvals number| tt number| sbbtstflgsbbhbka boolean| sbbhbka string| adroll_adv_id string| adroll_pix_id boolean| __adroll_loaded string| GoogleAnalyticsObject function| ga string| olyticsOid string| olyticsBehaviorId string| method object| olytics object| a function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| google_image_requests object| ampInaboxIframes object| ampInaboxPendingMessages object| google_tag_data object| gaplugins object| gaData string| adroll_sid object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks function| adroll_tpc_callback function| Dpxl object| dpmPixels object| jQuery11110950075057822446 object| cookieconsent function| uuid object| Sapience object| __AMP_LOG object| __AMP_ERRORS boolean| ampInaboxInitialized object| __AMP_MODE function| __AMP_REPORT_ERROR object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| AMP function| __cmp object| adroll_exp_list object| __adroll_consent boolean| __adroll_consent_is_gdpr object| __adroll_consent_data string| __adroll_consent_user_country string| __adroll_consent_adv_country object| JSON3 function| normalize boolean| sbrmp object| $jscomp string| BANNER_VERSION object| __adroll_consent_banner object| GoogleGcLKhOms

1 Cookies

Domain/Path Name / Value
www.hpnonline.com/ Name: SPSI
Value: 77f0c26c67cb09072700898b771d0aa9

8 Console Messages

Source Level URL
Text
console-api info URL: https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js(Line 407)
Message:
Powered by AMP ⚡ HTML – Version 2003171848440 https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
console-api info URL: https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js(Line 407)
Message:
Powered by AMP ⚡ HTML – Version 2003171848440 https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
console-api info URL: https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js(Line 407)
Message:
Powered by AMP ⚡ HTML – Version 2003171848440 https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
console-api info URL: https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js(Line 407)
Message:
Powered by AMP ⚡ HTML – Version 2003171848440 https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
console-api info URL: https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js(Line 407)
Message:
Powered by AMP ⚡ HTML – Version 2003171848440 https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
console-api info URL: https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js(Line 407)
Message:
Powered by AMP ⚡ HTML – Version 2003171848440 https://www.hpnonline.com/infection-prevention/crisis-planning-outbreak-response/article/21129791/statesponsored-hackers-using-coronavirus-lures-to-infect-their-targets
console-api log URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js(Line 1)
Message:
olytics fire called
console-api log URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js(Line 1)
Message:
personalization impression sent

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.dpmsrv.com
adservice.google.com
adservice.google.de
cdn.ampproject.org
cdnjs.cloudflare.com
cm.g.doubleclick.net
d.adroll.com
d.adroll.mgr.consensu.org
d24bnj4f1s1f8m.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
idsync.rlcdn.com
img.hpnonline.com
olytics.as3.io
olytics.omeda.com
oqs.omeda.com
pagead2.googlesyndication.com
polyfill.io
s.adroll.com
s.dpmsrv.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
trailer.web-view.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.hpnonline.com
143.204.97.25
149.126.77.62
151.139.128.10
172.217.18.98
185.33.221.14
204.180.130.159
204.180.130.165
216.58.207.66
23.213.164.149
2600:9000:21f3:ec00:6:b4cc:d980:21
2606:4700::6810:84e5
2a00:1450:4001:808::2001
2a00:1450:4001:809::2002
2a00:1450:4001:809::2004
2a00:1450:4001:814::2002
2a00:1450:4001:814::2003
2a00:1450:4001:81c::200e
2a00:1450:4001:81d::2008
2a00:1450:4001:820::2003
2a00:1450:4001:821::2002
2a00:1450:4001:821::200a
2a00:1450:400c:c00::9d
2a04:4e42:3::720
2a04:4e42:400::621
3.248.28.111
35.190.72.21
52.0.233.94
54.174.221.155
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
064282bdfcb1d589a67f8940076741fd9b90c43baaae421a71a5a96a226b9e71
0e9812be9c9f550e2e2dd94de2f7a1d3fa4ca087dc20888be1e931ab5d22c9dc
1901883b41320f43b0643db4b3e0acec95cd96343ea192995777687b7e3098c4
19c904aaa555d91d75c5b3682e3f358ba5af4c302339d63c9e464f53d8708ff8
206d60d55c95fa90aa388e0ad0271fe006a03166f0b3f9b76efb652a859ce93e
2862ad1a2d8a7f739b935dc2fa1cbed5c426d68572d1032a08f2c7f5c1c0bf59
288e28eb360b18bb51f355ca525f59d8f5eba915a58237092036bbff1669f281
28ce7c518816cd90c8acf9caa95527f37093649419ae4a7ceaead4e448e246e7
294854484854cb24749fabe1f0be264fff4c770f6c65d9ba0313074176f74b89
2b9334c002212023f39814dac087f127a4939f0f3ffac43afd7eb172f8fd7fb0
2ef1cd6e4a24b74cdea3c038d14e0c83679852fa7b1b00d75d82bd66bae04e57
2fbeb20754a73882ef8272aa37ca0fb6e665a2318fa34a128e34a60650a3f7f1
317bf1d62cfffb0a5f635b114e9d169ca73cd50fac5f97b92b010c635b35818b
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
47985431711186e65371ceb6a320f0819148b48d06c15ff51679dd476f0d0e7f
4b17f65b9c3e956c423712d1f6fad95924947f4ea247683ff9f4174886052532
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5637459665d0aec1a29d8700169430087de6bd3240e4ef5fb23bb09370b4766b
56587cffbb30e338497c9114f74803a530a713ebe374b69fcfa8551ad8dad1e9
591c03fa5d6aeafd8a894846669613efc6fa5103beba00fbada8d2b340039260
623215f023ffacc2ebd4bd4e844d4017101b15ea7cf5f08d643c604d1742e8cf
6c393b34d45650404f724a2ec120837bf5067afe93b95e3561d3f91d069562d6
75f6ff60d51297ca29c2e6a9acfcdef9646f08b80ff68fc875830ed7619603e6
78cf423a51a7b2d1bd1c98ea9820d5c4020ddfb534e1c4a95ffe9de00f789cea
7ad08459ee98075f8fc585c56f386e6d2e87ede404f83a25bbfa8562925cd74f
7b6331a712f1b6e192f9a991657db5b18a2437a5e37dcc997f3b17ecba5a8df0
8204d955949011c5828e9abf4d8b96d072565c688aef0b35b502e5c41529a7aa
82b7080c0b6dd6f7ed3d49227b78a09f5dcb914d9ea72a2e6177d12e506bfe97
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88bd9dfe93a94d11c89bb8c841849f47c5bc3e7bc828c7bbab6649ad5ae6c7d4
8baa9ba17e5f5844e1d59c4c2b0760b012c1d1c91f9c50da7b405700ca057fb9
8e419501da0266a1484c23d64c16d29118af01f27fe4b43fb11d6bbbb2e4ce5d
8f78cfd70561bfbb767311940126a4ccdfe36f1b955a5fd385df8617bca6417a
93664b56b5c9e9601e83d213ded1293cf3eeff5f10b10519a1d9eb909c38b8ec
95bcf3418ce34dd78375c5741dd7fd4c60eb8823f741477a1f2d01c55e2e9f4f
96a6f05a5eb8a8c3ecfc7800a19412b83671e7461cfe92472508bfb8cd465eed
9801dd60e8a9844c5fd81ad486c3b8ac9c7288e433730589705f6f4fa86e7159
9e43586f417fefe3a1e1f722671edd089bf6ed8457588ab8db8d1a3e07a617a2
9e9813ae3cdb732d3cd087e980f42a4abadca96d198a0aef92ac9cd24fd6d090
9f1274dd4fbc107dcb6d9fbe5727bab85babcb55b58f4a0ad936fc036ef27e6a
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a8e427db11a8744bebbcdfd050f7b9d0a84b5a1754d086f1787c40db21955264
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1dee28cc772eb1903b9c309483167354c1054136ccf16ef18908b2eecd4b980
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c25407149a8c6d1fb034c5af2d3e00f2d39abc4766125ee810285a22a59f9489
ca001ccb9e81637d0ca7a61ccddf6f663fb7a5cb777784693e137f184db2b28c
cbce85e96b7752208ce15a09ea4d5a58b792edc9e77f1c5ccf46c01935970f9d
cc8f2eff94a9a84434ad2c6e372b17ab0d8b930a448c11e966bb8830879e59d3
cefec80a8ff913dcde9216b9f304c5f44b0474a1d7095a964ec75d0b1b611bc2
cf83010b4d08badcd59b30c4c69b8eb240311565befa64d21b7dc39ae7eb597b
d155160aea288964eebe06a362795ab879ed657ca75f7ca60d5a1c8e9fe05d7b
d3642cda81d273f2f42b3b11a9d423f5ce6fff6f6991eac9802f25b505c71781
d61b6fa5a24a2cc4b7aa62a2a6271a13800b99d30016c4e09f38cf47f8490ea3
dc7c05ecff2e2824bbfa33b38c9a86e8fa6ecaca29777cd1f6f1d80b99c8b4af
dd0103b71a9f800bf8509fb3f34f29a1af4b26a10ceef71cea5bb29ae4ea106d
dd0f2c031e529a98cbaa96da5a6e4b2caa4a850e883a94947634c99612d5a7a9
dffd87875217d58f696f50d13310ca28621639317d731d2246c1d6141b2fb7f8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e630479a0bc943ba3e41c918c94a8f796e643462aacee55126ad1ea217908ab0
ea02f27c77dec17d65d0b36b7ea1c9751bd678fe711281fab15e1a892790dcb4
ead5f3fd418cfe144b3f7b86716c46cca13c7a8f2db2873170a099216da193fe
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ec2a3e1dfcc59cfdc3c3d8ae5460e8b162a9d135f2919ae3c6715a5152f6ed83
ed77d02c4d29c4e104ea6b8b90c50da19685375b158db9ca06f64e284bacc945
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2272f7bb967ee370a06c2e95fc6b18ae1de025b0f389ad99e1444102f30f22
f43c1ebb9d03a81af89b4b2c2ff3d5de69f9b9ae4d94ecdfbfb18ab47e3cf00b
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f7ee326c59bf8f12482938d03d5f3a9fdd26523b2fc506870db2293ee87c1bf1
f82c9f099656346f543c66ba009bd5f18010c7b41ad43d47a7f762121ad4496d
f9504635ce463f19888209acf89dc32831964d8dee1b4c22aa70f564c208061d
f9d8d607384736507bb1bf49b2e1ce44622b1b7a5963bbf16a346989177f5657
f9fd34967713bfb93d2edcf4eac2d5436be891f32f6c80a09b17c42b0246a004
fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b
ffadaa5b028ec126d64eeb8438f814f40d7ba6a033ce156a5eb6e821d3410cf1