Submitted URL: https://protect-us.mimecast.com/s/9gfGC5yW1JfwQ3oguxEkC5
Effective URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Submission: On November 18 via api from US

Summary

This website contacted 34 IPs in 6 countries across 33 domains to perform 187 HTTP transactions. The main IP is 2001:8d8:100f:f000::289, located in Germany and belongs to ONEANDONE-AS Brauerstrasse 48, DE. The main domain is securityaffairs.co.
TLS certificate: Issued by GeoTrust RSA CA 2018 on March 8th 2020. Valid for: a year.
This is the only time securityaffairs.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 205.139.111.12 30031 (MIMECAST-)
43 2001:8d8:100f... 8560 (ONEANDONE...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2600:9000:205... 16509 (AMAZON-02)
1 2600:9000:205... 16509 (AMAZON-02)
7 68.183.31.14 14061 (DIGITALOC...)
10 192.0.77.2 2635 (AUTOMATTIC)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
38 104.111.214.39 16625 (AKAMAI-AS)
2 192.0.76.3 2635 (AUTOMATTIC)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20a... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20a... 16509 (AMAZON-02)
2 3.121.118.243 16509 (AMAZON-02)
1 2a04:fa87:fff... 2635 (AUTOMATTIC)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
4 35.244.159.8 15169 (GOOGLE)
2 178.162.133.150 60781 (LEASEWEB-...)
2 185.64.189.112 62713 (AS-PUBMATIC)
2 37.252.173.27 29990 (ASN-APPNEX)
2 18.195.112.7 16509 (AMAZON-02)
2 198.148.27.134 19189 (PULSEPOINT)
2 3 2606:2800:233... 15133 (EDGECAST)
1 104.19.134.78 13335 (CLOUDFLAR...)
4 54.153.104.139 16509 (AMAZON-02)
6 23 2a00:1450:400... 15169 (GOOGLE)
2 172.217.18.162 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 151.101.113.108 54113 (FASTLY)
2 2.18.233.180 16625 (AKAMAI-AS)
2 6 198.148.27.140 19189 (PULSEPOINT)
2 2 185.29.135.226 30419 (MEDIAMATH...)
12 178.162.133.149 60781 (LEASEWEB-...)
6 6 213.19.147.150 26120 (RHYTHMONE)
5 5 52.31.46.99 16509 (AMAZON-02)
8 8 35.156.19.236 16509 (AMAZON-02)
2 2 193.0.160.129 54312 (ROCKETFUEL)
1 1 176.9.82.116 24940 (HETZNER-AS)
187 34
Apex Domain
Subdomains
Transfer
43 securityaffairs.co
securityaffairs.co
1 MB
42 media.net
contextual.media.net
lg3.media.net
cvision.media.net
navvy.media.net
487 KB
14 sonobi.com
apex.go.sonobi.com
sync.go.sonobi.com
10 KB
13 pixfuture.com
served-by.pixfuture.com
cdn.pixfuture.com
892 KB
12 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
263 KB
12 wp.com
i0.wp.com
i1.wp.com
i2.wp.com
stats.wp.com
pixel.wp.com
76 KB
9 doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
428 B
8 bidswitch.net
x.bidswitch.net
3 KB
8 contextweb.com
bid.contextweb.com
bh.contextweb.com
3 KB
5 adsrvr.org
match.adsrvr.org
2 KB
5 sharethis.com
ws.sharethis.com
platform-api.sharethis.com
buttons-config.sharethis.com
l.sharethis.com
40 KB
4 1rx.io
sync.1rx.io
3 KB
4 adnxs.com
ib.adnxs.com
acdn.adnxs.com
2 KB
4 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
178 B
4 openx.net
pixfuture2-d.openx.net
eu-u.openx.net
919 B
4 google-analytics.com
www.google-analytics.com
google-analytics.com
37 KB
3 advertising.com
adserver-us.adtech.advertising.com
778 B
2 rfihub.com
p.rfihub.com
1 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com
1 KB
2 mathtag.com
sync.mathtag.com
1 KB
2 googletagservices.com
www.googletagservices.com
55 KB
2 google.com
adservice.google.com
1 KB
2 google.de
adservice.google.de
296 B
2 googleadservices.com
partner.googleadservices.com
908 B
2 360yield.com
ice.360yield.com
622 B
2 facebook.net
connect.facebook.net
62 KB
2 mimecast.com
protect-us.mimecast.com
1 KB
1 splicky.com
bidswitch-eu.splicky.com
236 B
1 mgid.com
prebid.mgid.com
593 B
1 gravatar.com
secure.gravatar.com
1 KB
1 consensu.org
c.sharethis.mgr.consensu.org
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com
5 KB
0 googleapis.com Failed
fonts.googleapis.com Failed
187 33
Domain Requested by
43 securityaffairs.co securityaffairs.co
23 contextual.media.net securityaffairs.co
contextual.media.net
12 sync.go.sonobi.com
11 lg3.media.net securityaffairs.co
contextual.media.net
8 x.bidswitch.net 8 redirects
8 pagead2.googlesyndication.com cdn.pixfuture.com
pagead2.googlesyndication.com
7 served-by.pixfuture.com securityaffairs.co
served-by.pixfuture.com
6 cm.g.doubleclick.net 6 redirects
6 bh.contextweb.com 2 redirects cdn.pixfuture.com
6 cdn.pixfuture.com served-by.pixfuture.com
cdn.pixfuture.com
6 i1.wp.com securityaffairs.co
5 match.adsrvr.org 5 redirects
4 sync.1rx.io 4 redirects
4 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
4 navvy.media.net contextual.media.net
4 cvision.media.net securityaffairs.co
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 adserver-us.adtech.advertising.com 2 redirects securityaffairs.co
3 www.google-analytics.com securityaffairs.co
www.google-analytics.com
2 p.rfihub.com 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 sync.mathtag.com 2 redirects
2 eu-u.openx.net cdn.pixfuture.com
2 ads.pubmatic.com cdn.pixfuture.com
2 acdn.adnxs.com cdn.pixfuture.com
2 www.googletagservices.com pagead2.googlesyndication.com
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 bid.contextweb.com cdn.pixfuture.com
2 ice.360yield.com cdn.pixfuture.com
2 ib.adnxs.com cdn.pixfuture.com
2 hbopenbid.pubmatic.com cdn.pixfuture.com
2 apex.go.sonobi.com cdn.pixfuture.com
2 pixfuture2-d.openx.net cdn.pixfuture.com
2 l.sharethis.com ws.sharethis.com
securityaffairs.co
2 connect.facebook.net securityaffairs.co
connect.facebook.net
2 i2.wp.com securityaffairs.co
2 i0.wp.com securityaffairs.co
2 protect-us.mimecast.com 2 redirects
1 bidswitch-eu.splicky.com 1 redirects
1 prebid.mgid.com cdn.pixfuture.com
1 pixel.wp.com securityaffairs.co
1 secure.gravatar.com securityaffairs.co
1 c.sharethis.mgr.consensu.org ws.sharethis.com
1 google-analytics.com securityaffairs.co
1 buttons-config.sharethis.com platform-api.sharethis.com
1 stats.wp.com securityaffairs.co
1 platform-api.sharethis.com securityaffairs.co
1 ws.sharethis.com securityaffairs.co
1 maxcdn.bootstrapcdn.com securityaffairs.co
0 fonts.googleapis.com Failed securityaffairs.co
187 52
Subject Issuer Validity Valid
www.securityaffairs.co
GeoTrust RSA CA 2018
2020-03-08 -
2021-04-07
a year crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA
2020-09-22 -
2021-10-12
a year crt.sh
sharethis.com
Amazon
2020-08-17 -
2021-09-16
a year crt.sh
*.pixfuture.com
Sectigo RSA Domain Validation Secure Server CA
2019-12-03 -
2021-12-02
2 years crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA
2020-04-02 -
2022-07-05
2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-11-02 -
2021-01-30
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-10-28 -
2021-01-20
3 months crt.sh
*.media.net
DigiCert SHA2 Secure Server CA
2020-02-25 -
2021-05-26
a year crt.sh
sharethis.mgr.consensu.org
Amazon
2020-05-05 -
2021-06-05
a year crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA
2020-08-14 -
2022-11-16
2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-07-18 -
2021-07-18
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2020-06-18 -
2021-08-17
a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2
2019-02-01 -
2021-02-04
2 years crt.sh
*.pubmatic.com
Sectigo RSA Organization Validation Secure Server CA
2019-02-22 -
2021-02-21
2 years crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA
2019-01-23 -
2021-03-08
2 years crt.sh
*.360yield.com
Amazon
2020-08-26 -
2021-09-26
a year crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA
2020-05-07 -
2022-05-12
2 years crt.sh
*.adtech.advertising.com
DigiCert SHA2 Secure Server CA
2020-04-16 -
2022-04-21
2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-10-28 -
2021-01-20
3 months crt.sh
*.googleadservices.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
*.google.com
GTS CA 1O1
2020-10-28 -
2021-01-20
3 months crt.sh
cdn.adnxs.com
GlobalSign CloudSSL CA - SHA256 - G3
2020-10-29 -
2021-04-14
5 months crt.sh

This page contains 29 frames:

Primary Page: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Frame ID: 1061D7979CEB7C9C7FAB1CCAB39D024E
Requests: 86 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/v1.0/cmp/portal-v2.html
Frame ID: D830706A6615C1EAEFB1130E86D55A76
Requests: 1 HTTP requests in this frame

Frame: https://served-by.pixfuture.com/www/delivery/headerbid_refresh_alex.php?dat=24272x320x50x4142x_ADSLOT1&keywords=246869,windows,systems,are,still,vulnerable,bluekeep,flawsecurity,affairs&refUrl=&refresh=false&innerWidth=1600&mainDiv=24272x320x50x4142x_ADSLOT1&flag=true
Frame ID: 69225DFEF041E6FBDB4AF15D25C6D24A
Requests: 1 HTTP requests in this frame

Frame: https://served-by.pixfuture.com/www/delivery/headerbid_refresh_alex.php?dat=24270x300x250x4142x_ADSLOT1&keywords=246869,windows,systems,are,still,vulnerable,bluekeep,flawsecurity,affairs&refUrl=&refresh=false&innerWidth=1600&mainDiv=24270x300x250x4142x_ADSLOT1&flag=true
Frame ID: 69C738EF5169D5CB0C69EAB514E087DC
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU5BD6EW&https=1
Frame ID: 63FCE3724BE2967940D58E3D49302420
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU5BD6EW&https=1
Frame ID: 301E8706BCDBEBE52EA4838EB6915A43
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU5BD6EW&https=1
Frame ID: 66DF7DCA5B5CF4D9A1C299B030EAE997
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU5BD6EW&https=1
Frame ID: 1C6300A5847BFBCA39073EF7BCE01A33
Requests: 1 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/djax_elastic.js
Frame ID: 52ABC0515079C40886B2991721E2DF78
Requests: 18 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/djax_elastic.js
Frame ID: EAFF595E6AF441697571D339BEE4A002
Requests: 20 HTTP requests in this frame

Frame: https://contextual.media.net/4a/nrrV97497.js
Frame ID: 9091F026234E6ABDA26932025B050D24
Requests: 15 HTTP requests in this frame

Frame: https://contextual.media.net/4a/nrrV97497.js
Frame ID: AB1AA64EEEB5F20ADE491C041F2A00FC
Requests: 6 HTTP requests in this frame

Frame: https://contextual.media.net/4a/nrrV97497.js
Frame ID: B8CD7A69822CC0AF6698B679C6B3FB06
Requests: 6 HTTP requests in this frame

Frame: https://contextual.media.net/4a/nrrV97497.js
Frame ID: 1F429547976893740B0E1C10ACF1F6A8
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: E51266AA957B2CF91BE1111F456D67DE
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/zrt_lookup.html
Frame ID: 2B67F5655AC036962BE71094E398B617
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: DBDBB539C3FBABE0818597EFC6BA75B4
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1575911585432548&output=html&h=250&slotname=1680648786&adk=1022037533&adf=1357492128&pi=t.ma~as.1680648786&w=300&lmt=1605713891&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F111051%2Fhacking%2Fwindows-vulnerable-bluekeep.html&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605713891558&bpp=4&bdt=32&idt=52&shv=r20201112&cbv=r20190131&ptt=5&saldr=sa&correlator=7495332493383&frm=21&ife=1&pv=2&ga_vid=426609410.1605713890&ga_sid=1605713892&ga_hid=2021530875&ga_fc=1&iag=63&icsg=650&nhd=3&dssz=7&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=2986&biw=1600&bih=1200&isw=300&ish=250&ifk=4247345361&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=771840114873288&pem=254&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.go5gl990d39f&btvi=1&fsb=1&xpc=A7VsHTBkaL&p=https%3A//securityaffairs.co&dtd=71
Frame ID: F69B12AAE490025C7C07AAB97A156696
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1575911585432548&output=html&h=50&slotname=1139220782&adk=2470624294&adf=1357492131&pi=t.ma~as.1139220782&w=320&lmt=1605713891&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F111051%2Fhacking%2Fwindows-vulnerable-bluekeep.html&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605713891500&bpp=18&bdt=44&idt=142&shv=r20201112&cbv=r20190131&ptt=5&saldr=sa&correlator=7495332493383&frm=21&ife=1&pv=1&ga_vid=426609410.1605713890&ga_sid=1605713892&ga_hid=1034413049&ga_fc=1&iag=63&icsg=650&nhd=3&dssz=7&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=963&biw=1600&bih=1200&isw=320&ish=50&ifk=2067344721&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=3930490858291598&pem=254&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.nysz0o1nluue&fsb=1&xpc=1Eicu99RXH&p=https%3A//securityaffairs.co&dtd=150
Frame ID: 6449FB475997AA234E388952D3E34595
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 4A65A2958125BC54983ED5672C9CC92A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 72C968B70A6BD8F8CBCFE298C2FBE32D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6720019038E6BFF2F1CBEAFDCA9B6656
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 9609D63F6D6CA007DD2B6EE6ACBC9A3E
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch
Frame ID: 0569A614CA8644D5A83E64E96B39123C
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Frame ID: D021F5BC6BA0E06F697BA6BA5FA953EB
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 9709F7197C57C991D7933E015DEC448F
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Frame ID: 40375BC94E7331972B390114C2DAD05B
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6BF662255A1C7C8AC318C945E3183026
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch
Frame ID: 5116114D4BEF7C76B0AE988D5AB2EB85
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://protect-us.mimecast.com/s/9gfGC5yW1JfwQ3oguxEkC5 HTTP 307
    https://protect-us.mimecast.com/redirect/eNpVksGO2yAQhl8l4hw7gDF2rFWVNFmphzaHdlfqIZKFYRLT2MYCnFVU9d07zm5XXS4... HTTP 307
    https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

187
Requests

98 %
HTTPS

38 %
IPv6

33
Domains

52
Subdomains

34
IPs

6
Countries

3026 kB
Transfer

4541 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://protect-us.mimecast.com/s/9gfGC5yW1JfwQ3oguxEkC5 HTTP 307
    https://protect-us.mimecast.com/redirect/eNpVksGO2yAQhl8l4hw7gDF2rFWVNFmphzaHdlfqIZKFYRLT2MYCnFVU9d07zm5XXS4gZv5_hm_4TbweI6mIjQH05G28bVrXWaNudhh0NzWpdj1Zks5pUtEl8aDBjjHaHkjFJM0LKjNBcWEMjfiSQLCGVIJzmTPKMrEksY8HZ1BAKOVoZkc8MlGmTGYpy2XKCobXfTjPSvIgwGgJ6nQSJy1oSVWTSY6VNG5G03yz3-92jz93XyhP3RjtdW7yEzqMs77AVibfoVEb4xiq4-q4-vc49FTWB8w_rl6cN6OHEI4rxhjN2XHVKn2xwxljdjDuJSTXqRvAq6aDpOkmuACMaRv7DmvBjO1c6wTqKVBWr1l9NWuW5PXu-cdW8m3Oak45RWtWswKTIvg-SxBBIgqZZVKWpUCjJiC2LMPuFTIm72oMKT0X2bWgL8_fv-KFRhfXg9evOP_PDb0K7Yy4KAVl0DCj87wsTkKsNVVguCgLLjKZSwCjBMySwXhUxNaDimZQm3eYZJ702boBw6N3EXRMppD2OHatQnxLCVPzCxOe7vr9Ybt4PX1-3D4t9sp2t2pxcFfoG_ALVi4XMw5y_w7f3DTMo36DcqegP77-z18NVMoO HTTP 307
    https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 104
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344884/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=199d19e4cbdb5ae;misc=1605713891176; HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344884/0/0/ADTECH;cfp=1;rndc=1605713890;v=2;cmd=bid;cors=yes;alias=199d19e4cbdb5ae;misc=1605713891176 HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344884/0/0/ADTECH;apid=1A108c3252-29b4-11eb-b7e4-12d2f833f2cc;cfp=1;rndc=1605713891;v=2;cmd=bid;cors=yes;alias=199d19e4cbdb5ae;misc=1605713891176
Request Chain 174
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=4fb65fb5-3fe4-4600-97ff-77cedc7023f7
Request Chain 175
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=ZmUwY2E1Y2YtN2JkOS00NmMzLThlNTctMmNhNTZiZWZmOGNi HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEIRadVkqg0hBUUKUAzYUXoQ&google_cver=1
Request Chain 176
  • https://sync.1rx.io/usersync2/sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=386432757 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/74567e28-13b9-4f95-9e4b-f437ac500428 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b239a57c-cd7c-48bb-a983-ed3586c9b030-003?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Drhythmxchange%26nuid%3DRX-b239a57c-cd7c-48bb-a983-ed3586c9b030-003 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-b239a57c-cd7c-48bb-a983-ed3586c9b030-003
Request Chain 177
  • https://x.bidswitch.net/sync?ssp=sonobi HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=c26c2c1b-0575-4999-b7cf-2841798fe475&google_hm=YzI2YzJjMWItMDU3NS00OTk5LWI3Y2YtMjg0MTc5OGZlNDc1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEBh4zH8L8tYDCJDxjbcAT7w&google_cver=1&ssp=sonobi&bsw_param=c26c2c1b-0575-4999-b7cf-2841798fe475 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=c26c2c1b-0575-4999-b7cf-2841798fe475
Request Chain 178
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1871878964319560823
Request Chain 179
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=fe0ca5cf-7bd9-46c3-8e57-2ca56beff8cb&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=RDQ1MlpfY0hNb012aS01YnlIWkI3Zw&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEFptOafpOyLIUzimDejCehA&google_cver=1
Request Chain 180
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=0b24fdfc82&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=0b24fdfc82&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=74567e28-13b9-4f95-9e4b-f437ac500428&pubid=0b24fdfc82
Request Chain 182
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=0b24fdfc82&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=0b24fdfc82&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=74567e28-13b9-4f95-9e4b-f437ac500428&pubid=0b24fdfc82
Request Chain 183
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1871597489307893879
Request Chain 184
  • https://x.bidswitch.net/sync?ssp=sonobi HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=c26c2c1b-0575-4999-b7cf-2841798fe475&google_hm=YzI2YzJjMWItMDU3NS00OTk5LWI3Y2YtMjg0MTc5OGZlNDc1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEBh4zH8L8tYDCJDxjbcAT7w&google_cver=1&ssp=sonobi&bsw_param=c26c2c1b-0575-4999-b7cf-2841798fe475 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=c26c2c1b-0575-4999-b7cf-2841798fe475
Request Chain 185
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=5d6d5fb5-3fe4-4600-a58a-bfd26a38e0ff
Request Chain 186
  • https://sync.1rx.io/usersync2/sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-b239a57c-cd7c-48bb-a983-ed3586c9b030-003&rndcb=8482924213 HTTP 302
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=adconductor&bsw_custom_parameter=c26c2c1b-0575-4999-b7cf-2841798fe475 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=adconductor&expires=10&bsw_param=c26c2c1b-0575-4999-b7cf-2841798fe475 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/c26c2c1b-0575-4999-b7cf-2841798fe475?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b239a57c-cd7c-48bb-a983-ed3586c9b030-003?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Drhythmxchange%26nuid%3DRX-b239a57c-cd7c-48bb-a983-ed3586c9b030-003 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-b239a57c-cd7c-48bb-a983-ed3586c9b030-003
Request Chain 191
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=f869f92f-fe83-4c72-bbc4-6644d0a816cc&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=RDQ1MlpfY0hNb012aS01YnlIWkI3Zw&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEFptOafpOyLIUzimDejCehA&google_cver=1
Request Chain 192
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=Zjg2OWY5MmYtZmU4My00YzcyLWJiYzQtNjY0NGQwYTgxNmNj HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEIRadVkqg0hBUUKUAzYUXoQ&google_cver=1

187 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request windows-vulnerable-bluekeep.html
securityaffairs.co/wordpress/111051/hacking/
Redirect Chain
  • https://protect-us.mimecast.com/s/9gfGC5yW1JfwQ3oguxEkC5
  • https://protect-us.mimecast.com/redirect/eNpVksGO2yAQhl8l4hw7gDF2rFWVNFmphzaHdlfqIZKFYRLT2MYCnFVU9d07zm5XXS4gZv5_hm_4TbweI6mIjQH05G28bVrXWaNudhh0NzWpdj1Zks5pUtEl8aDBjjHaHkjFJM0LKjNBcWEMjfiSQLCGVIJz...
  • https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
83 KB
23 KB
Document
General
Full URL
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache / PHP/7.2.34
Resource Hash
cf879049518cd81a6c5ba3626891df600ea37a61b36847203a465e613eb9f435

Request headers

:method
GET
:authority
securityaffairs.co
:scheme
https
:path
/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
content-type
text/html; charset=UTF-8
date
Wed, 18 Nov 2020 15:38:09 GMT
server
Apache
x-powered-by
PHP/7.2.34
vary
Accept-Encoding,Cookie
cache-control
max-age=3, must-revalidate
content-encoding
gzip

Redirect headers

Date
Wed, 18 Nov 2020 15:38:09 GMT
Content-Length
0
Connection
keep-alive
Location
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Cache-control
no-store
Pragma
no-cache
X-Robots-Tag
noindex, nofollow
style.css
securityaffairs.co/wordpress/wp-includes/css/dist/block-library/
64 KB
64 KB
Stylesheet
General
Full URL
https://securityaffairs.co/wordpress/wp-includes/css/dist/block-library/style.css?ver=d2c1d626d6d17b7c784678224f6cb29e
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
093fa1b3be5a5ed806dc8873e932ce049231b1b9bab39fb85e63ab8229d57c0b

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:09 GMT
last-modified
Tue, 01 Sep 2020 21:33:33 GMT
server
Apache
etag
"fe23-5ae47455cdf29"
content-type
text/css
status
200
accept-ranges
bytes
content-length
65059
cookie-law-info-public.css
securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/public/css/
3 KB
3 KB
Stylesheet
General
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=1.9.4
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
b8fa20af264fcdd99621fc4e3a770927452b0fe382599e0d890a3bfa31152f80

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:09 GMT
last-modified
Wed, 18 Nov 2020 07:42:35 GMT
server
Apache
etag
"c25-5b45cc13d19b0"
content-type
text/css
status
200
accept-ranges
bytes
content-length
3109
cookie-law-info-gdpr.css
securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/public/css/
27 KB
27 KB
Stylesheet
General
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=1.9.4
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
d44b68c7b3e659196a6a72662f4e2e903044d6e64a6a5c0002602711cd68a8fa

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:09 GMT
last-modified
Wed, 18 Nov 2020 07:42:35 GMT
server
Apache
etag
"6cdf-5b45cc13d19b0"
content-type
text/css
status
200
accept-ranges
bytes
content-length
27871
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/
23 KB
5 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css?ver=d2c1d626d6d17b7c784678224f6cb29e
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:35:19 GMT
status
200
etag
"1544639719"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
5442
frontend.css
securityaffairs.co/wordpress/wp-content/plugins/google-analytics-dashboard-for-wp/assets/css/
7 KB
7 KB
Stylesheet
General
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/google-analytics-dashboard-for-wp/assets/css/frontend.css?ver=1605713788
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
24583638f8c4bd2d5dff22bddefbb24f8d047868e71ad2c029b1698b6926c85c

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:09 GMT
last-modified
Wed, 04 Nov 2020 00:33:04 GMT
server
Apache
etag
"1c69-5b33d1f62633e"
content-type
text/css
status
200
accept-ranges
bytes
content-length
7273
custom.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/jqueryui/
19 KB
20 KB
Stylesheet
General
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/jqueryui/custom.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
e89bbc7723c5114f9cf138c6019bbca4e4f5e13f6b9febaa38c92c4c3584a964

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:09 GMT
last-modified
Wed, 16 Dec 2015 13:54:59 GMT
server
Apache
etag
"4d92-52704407f72c0"
content-type
text/css
status
200
accept-ranges
bytes
content-length
19858
tipsy.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/
539 B
683 B
Stylesheet
General
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/tipsy.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
8d732b3483eb44546a848a82cc9d6a584c81860aae7255f7ac589dcb3f130535

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:09 GMT
last-modified
Wed, 16 Dec 2015 06:58:04 GMT
server
Apache
etag
"21b-526fe6d7cd700"
content-type
text/css
status
200
accept-ranges
bytes
content-length
539
flexslider.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/flexslider/
6 KB
6 KB
Stylesheet
General
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/flexslider/flexslider.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
759949fb0ffaa47eb3755d704adfee7be3ab4fd3d3fa2f37381ca6ea8b9506b1

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:09 GMT
last-modified
Wed, 16 Dec 2015 13:55:09 GMT
server
Apache
etag
"1851-5270441180940"
content-type
text/css
status
200
accept-ranges
bytes
content-length
6225
mediaelementplayer-legacy.min.css
securityaffairs.co/wordpress/wp-includes/js/mediaelement/
11 KB
11 KB
Stylesheet
General
Full URL
https://securityaffairs.co/wordpress/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.13-9993131
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
b834a80037718e3da7f92199034dc59611ed774af41f1e84fa1e0d97c4261192

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:09 GMT
last-modified
Wed, 13 Nov 2019 23:52:08 GMT
server
Apache
etag
"2ca1-597430d7ee92b"
content-type
text/css
status
200
accept-ranges
bytes
content-length
11425
animation.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/
2 KB
2 KB
Stylesheet
General
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/animation.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
2333802e4a0c86b4cc4c71b376fc0aedc3b03039bfc777d96105f82231215732

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:09 GMT
last-modified
Wed, 16 Dec 2015 06:58:02 GMT
server
Apache
etag
"6b4-526fe6d5e5280"
content-type
text/css
status
200
accept-ranges
bytes
content-length
1716
font-awesome.min.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/
17 KB
18 KB
Stylesheet
General
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:09 GMT
last-modified
Wed, 16 Dec 2015 06:58:02 GMT
server
Apache
etag
"4574-526fe6d5e5280"
content-type
text/css
status
200
accept-ranges
bytes
content-length
17780
swipebox.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/
4 KB
5 KB
Stylesheet
General
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/swipebox.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
9a47abcc220084cd32dd51bd76f84ff7839e2dbf1a132fb970e8a1437f03726b

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:09 GMT
last-modified
Wed, 16 Dec 2015 06:58:18 GMT
server
Apache
etag
"118d-526fe6e527680"
content-type
text/css
status
200
accept-ranges
bytes
content-length
4493
jquery.circliful.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/
334 B
478 B
Stylesheet
General
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/jquery.circliful.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
7478123ab457a28ecf9df78f2832fbdbefc205eaef0930b4f6666903e756be46

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:09 GMT
last-modified
Wed, 16 Dec 2015 06:58:02 GMT
server
Apache
etag
"14e-526fe6d5e5280"
content-type
text/css
status
200
accept-ranges
bytes
content-length
334
screen.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/
110 KB
110 KB
Stylesheet
General
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/screen.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
13b61826fde5b78966364a0bfe1f2309da1f0ccd75923528a5014978b7276742

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:09 GMT
last-modified
Wed, 16 Dec 2015 06:58:04 GMT
server
Apache
etag
"1b844-526fe6d7cd700"
content-type
text/css
status
200
accept-ranges
bytes
content-length
112708
custom-css.php
securityaffairs.co/wordpress/wp-content/themes/rigel_old/templates/
12 KB
12 KB
Stylesheet
General
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/templates/custom-css.php?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache / PHP/7.2.34
Resource Hash
18d61b5ee68a57bd7a4733f776f9f8aa5c353e7f35a420881523b6edbf7c6b19

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Wed, 18 Nov 2020 15:38:09 GMT
server
Apache
x-powered-by
PHP/7.2.34
content-type
text/css; charset: UTF-8;charset=UTF-8
grid.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/
49 KB
50 KB
Stylesheet
General
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/grid.css?ver=d2c1d626d6d17b7c784678224f6cb29e
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
00d534b6d1d7adf2faa7861ce9557403c3c08304e2791fd4301029b0e142c286

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:09 GMT
last-modified
Wed, 16 Dec 2015 06:58:03 GMT
server
Apache
etag
"c5f2-526fe6d6d94c0"
content-type
text/css
status
200
accept-ranges
bytes
content-length
50674
frontend.js
securityaffairs.co/wordpress/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/
23 KB
23 KB
Script
General
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend.js?ver=1605713788
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
9b5b9b8b1984a7b55656ca3d243deb436e049467353f6e61e73ac8bd0ab2a636

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:09 GMT
last-modified
Wed, 04 Nov 2020 00:33:04 GMT
server
Apache
etag
"5b01-5b33d1f631ebe"
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
23297
jquery.js
securityaffairs.co/wordpress/wp-includes/js/jquery/
95 KB
95 KB
Script
General
Full URL
https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:09 GMT
last-modified
Tue, 21 May 2019 21:49:10 GMT
server
Apache
etag
"17a69-5896cd1a361be"
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
96873
cookie-law-info-public.js
securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/public/js/
33 KB
33 KB
Script
General
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=1.9.4
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
19220534acd81fcc7c5128efb3662f50ec59441be7a642a13d81db09106a5ded

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:09 GMT
last-modified
Wed, 18 Nov 2020 07:42:35 GMT
server
Apache
etag
"840b-5b45cc13d2950"
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
33803
medianetAdInjector.js
securityaffairs.co/wordpress/wp-content/plugins/media-net-ads-manager/js/
741 B
895 B
Script
General
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/media-net-ads-manager/js/medianetAdInjector.js?ver=2.10.8
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
c8817bacfc84fd39e4daec4096011ed3d117c7fe8b3c55fdd22af47c299099bc

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:09 GMT
last-modified
Fri, 06 Nov 2020 18:52:54 GMT
server
Apache
etag
"2e5-5b374b8664727"
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
741
st_insights.js
ws.sharethis.com/button/
25 KB
8 KB
Script
General
Full URL
https://ws.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:c600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
6d7d8b5166693d824356fd913840d94a4e76e9377f67035401b01c5ed1d23362

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 19:39:59 GMT
content-encoding
gzip
age
158290
x-cache
Hit from cloudfront
status
200
content-length
7332
server
nginx/1.16.1
etag
"5f80b334-63df"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
cache-control
max-age=259200
x-amz-cf-pop
FRA6-C1
x-robots-tag
noindex, nofollow
x-amz-cf-id
_ku24h55p1P4h5WEQkOHJtf3OuJ-Qa4L6RCXawUxSe5PXErKl5nl_A==
expires
Thu, 19 Nov 2020 19:39:59 GMT
sharethis.js
platform-api.sharethis.com/js/
99 KB
31 KB
Script
General
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:6800:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2fc6c5d0bbc31a642d749a5d73ca3cd76d695684f74b22fccc57eef7af751eba

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:30:38 GMT
content-encoding
gzip
age
451
etag
W/"18c98-es95caZn+12x54BVug30OMTxJq8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
status
200
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
I_GSMC_mLBCeiVD9j3xcIFWczR0q9GYuvlOCh_vCMlJpZYY3Vf3Y1Q==
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
shield-antibot.js
securityaffairs.co/wordpress/wp-content/plugins/wp-simple-firewall/resources/js/
3 KB
3 KB
Script
General
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/wp-simple-firewall/resources/js/shield-antibot.js?ver=10.1.2&mtime=1605685362
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
d24350e3a8c6e3963544189c3d0cfcd8c11e5dbac0de76aace83993b7d16dcf6

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:09 GMT
last-modified
Wed, 18 Nov 2020 07:42:42 GMT
server
Apache
etag
"c00-5b45cc1a6823f"
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
3072
logo_SecurityAffairs.png
securityaffairs.co/wordpress/wp-content/uploads/2015/12/
44 KB
44 KB
Image
General
Full URL
https://securityaffairs.co/wordpress/wp-content/uploads/2015/12/logo_SecurityAffairs.png
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
00f28fdb987ce0f9edc935ffe381123a2e1f79fcc0f55759a7bb4a83b4a88584

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:09 GMT
last-modified
Wed, 16 Dec 2015 17:30:42 GMT
server
Apache
etag
"b0e9-5270743f5f480"
content-type
image/png
status
200
accept-ranges
bytes
content-length
45289
headerbid.js
served-by.pixfuture.com/www/delivery/
3 KB
4 KB
Script
General
Full URL
https://served-by.pixfuture.com/www/delivery/headerbid.js
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
177d76801bdbecdb0d27109e118ae54a929156deac8ca44b46924a5c0f43cd7a

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 18 Nov 2020 15:38:09 GMT
Last-Modified
Mon, 26 Oct 2020 19:24:56 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"5f972288-d42"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=172800, public, no-transform
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
3394
Expires
Fri, 20 Nov 2020 15:38:09 GMT
facebook.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/
830 B
1 KB
Image
General
Full URL
https://i0.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/facebook.png?ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
4c6b4ef22f4c5dd8fd6e17ab6706d8c55d236824c20b3d8dcd310f7de744def6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT vie 6
date
Wed, 18 Nov 2020 15:38:10 GMT
x-content-type-options
nosniff
last-modified
Fri, 29 May 2020 00:29:27 GMT
server
nginx
status
200
etag
"dbe93691e63f1284"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
link
<https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/facebook.png>; rel="canonical"
content-length
830
expires
Sun, 29 May 2022 12:29:27 GMT
twitter.png
i1.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/
1 KB
1 KB
Image
General
Full URL
https://i1.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/twitter.png?ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
650868ebc4c00b2ea4ea72747f655f8a0552ba53c9b5b55defd9457be75f1aa9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT vie 3
date
Wed, 18 Nov 2020 15:38:10 GMT
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 14:55:53 GMT
server
nginx
status
200
etag
"14b5824e41174510"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
link
<https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/twitter.png>; rel="canonical"
content-length
1082
expires
Mon, 24 Oct 2022 02:55:53 GMT
linkedin.png
i1.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/
1 KB
1 KB
Image
General
Full URL
https://i1.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/linkedin.png?ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
b97d80b9eedfeb29936f0d7f89afbdd425ef8d930d09fa1f98030ceb8b26cabd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT vie 4
date
Wed, 18 Nov 2020 15:38:10 GMT
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 14:55:53 GMT
server
nginx
status
200
etag
"3682dc7db90460da"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
link
<https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/linkedin.png>; rel="canonical"
content-length
1184
expires
Mon, 24 Oct 2022 02:55:53 GMT
reddit.png
i1.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/
2 KB
2 KB
Image
General
Full URL
https://i1.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/reddit.png?ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
56159a7fa211c042c8da7005984653715f938917383f74292247f7b271469fb6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT vie 2
date
Wed, 18 Nov 2020 15:38:10 GMT
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 14:55:53 GMT
server
nginx
status
200
etag
"305dd2d8917ce89c"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
link
<https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/reddit.png>; rel="canonical"
content-length
1566
expires
Mon, 24 Oct 2022 02:55:53 GMT
pinterest.png
i2.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/
1 KB
2 KB
Image
General
Full URL
https://i2.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/pinterest.png?ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
3afe47d0fe0b16bc5bddecdc9bcaca94ed420b8fd0ddee2ae77364403c794bb8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:10 GMT
x-content-type-options
nosniff
x-bytes-saved
1227
status
200
content-length
1502
x-nc
HIT vie 8
last-modified
Mon, 04 Feb 2019 06:29:18 GMT
server
nginx
etag
"9a8b1a5335d6cfb5"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
link
<https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/pinterest.png>; rel="canonical"
expires
Wed, 03 Feb 2021 18:29:18 GMT
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4c6c4415447de566db05965d087748482309264382e0a8a8fc986fb83bb68f1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
l9cOtOblSX2JqcKZSfpy/A==
status
200
cross-origin-resource-policy
cross-origin
expires
Wed, 18 Nov 2020 15:43:12 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1779
etag
"f51475c25fc2934f5410b56e8d66d492"
x-fb-debug
3waiNalvJ0pKoCNm7bX9FBRd+1ohvurvk+TInktJOD2kAjYhokoy297h3NQ2AskqsgO3OUoIhbsC/35UIafgRA==
x-fb-trip-id
664085054
x-fb-content-md5
a3fad240a1f14f37f1e42f8ea8d23230
date
Wed, 18 Nov 2020 15:38:10 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
6526
date
Wed, 18 Nov 2020 13:49:24 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Wed, 18 Nov 2020 15:49:24 GMT
twemoji.js
securityaffairs.co/wordpress/wp-includes/js/
27 KB
28 KB
Script
General
Full URL
https://securityaffairs.co/wordpress/wp-includes/js/twemoji.js?ver=d2c1d626d6d17b7c784678224f6cb29e
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
ee657fa9cbe48aeeda44b31ed4ae2ca1d021a82e301e36a456eafb7c8dda7fb7

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:10 GMT
last-modified
Tue, 11 Aug 2020 22:24:47 GMT
server
Apache
etag
"6d6a-5aca189f1cc8c"
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
28010
wp-emoji.js
securityaffairs.co/wordpress/wp-includes/js/
9 KB
9 KB
Script
General
Full URL
https://securityaffairs.co/wordpress/wp-includes/js/wp-emoji.js?ver=d2c1d626d6d17b7c784678224f6cb29e
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
e503c59c36fc19803b2e9572b10e7c06236bda692aebd97f29e2a5a96f9aa5b6

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:10 GMT
last-modified
Tue, 31 Mar 2020 22:49:14 GMT
server
Apache
etag
"231d-5a22e608152f1"
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
8989
css
fonts.googleapis.com/
0
0

css
fonts.googleapis.com/
0
0

css
fonts.googleapis.com/
0
0

css
fonts.googleapis.com/
0
0

Office-365.jpg
securityaffairs.co/wordpress/wp-content/uploads/2020/11/
124 KB
125 KB
Image
General
Full URL
https://securityaffairs.co/wordpress/wp-content/uploads/2020/11/Office-365.jpg
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
4fb2a9205d8aab46f1f1fbb266c033556caab044a70bad50e47505bde1a1d27b

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:10 GMT
last-modified
Wed, 18 Nov 2020 13:27:03 GMT
server
Apache
etag
"1f123-5b4619128efd2"
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
127267
CISA.jpeg
securityaffairs.co/wordpress/wp-content/uploads/2020/07/
42 KB
42 KB
Image
General
Full URL
https://securityaffairs.co/wordpress/wp-content/uploads/2020/07/CISA.jpeg
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
1536d07b6af9e6b855c692e59c9464e7f17dc211a4b17380f5a8b50ab13fe8df

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:10 GMT
last-modified
Sat, 25 Jul 2020 11:32:42 GMT
server
Apache
etag
"a626-5ab42729d4a1e"
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
42534
dmedianet.js
contextual.media.net/
151 KB
51 KB
Script
General
Full URL
https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
eae1dccf23afe7d3230c56edf243d9ead20d754b8ecc14e0b1fe4cc2dc321477
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-mnt-h
10-6
content-encoding
gzip
server
Apache
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
etag
"26f4c164cbe1415d04d93c269e7c7078"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
cache-control
max-age=300
date
Wed, 18 Nov 2020 15:38:10 GMT
strict-transport-security
max-age=604800
x-mnt-w
8-14
expires
Wed, 18 Nov 2020 15:43:10 GMT
intel-chip.jpg
i1.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2018/01/
18 KB
18 KB
Image
General
Full URL
https://i1.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2018/01/intel-chip.jpg?resize=300%2C300&ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
70007744256009c3d64d54716659423b2e31c4738a39f6c06ffd4a14c3f71288
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT vie 2
date
Wed, 18 Nov 2020 15:38:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Nov 2020 15:51:15 GMT
server
nginx
status
200
etag
"2a6b0cd535f6e4a7"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
link
<https://securityaffairs.co/wordpress/wp-content/uploads/2018/01/intel-chip.jpg>; rel="canonical"
content-length
18728
expires
Wed, 02 Nov 2022 03:51:15 GMT
ssba.css
securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/css/
122 KB
122 KB
Stylesheet
General
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/css/ssba.css?ver=d2c1d626d6d17b7c784678224f6cb29e
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
f4d4eda42f85c6ccbbb5de2aff596085b3b1d380c8585464f2e53df2cad66f8e

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:09 GMT
last-modified
Wed, 16 Sep 2020 22:37:21 GMT
server
Apache
etag
"1e76e-5af75e92c24d8"
content-type
text/css
status
200
accept-ranges
bytes
content-length
124782
photon.js
securityaffairs.co/wordpress/wp-content/plugins/jetpack/modules/photon/
2 KB
2 KB
Script
General
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/jetpack/modules/photon/photon.js?ver=20191001
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
e2dc35b0dbaa16b45d96eb3691927df48e091f4983ed2cc079568b789f9559da

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:09 GMT
last-modified
Thu, 12 Nov 2020 23:42:22 GMT
server
Apache
etag
"6e0-5b3f176ab0fdf"
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
1760
jquery.adrotate.clicktracker.js
securityaffairs.co/wordpress/wp-content/plugins/adrotate/library/
365 B
519 B
Script
General
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/adrotate/library/jquery.adrotate.clicktracker.js
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
65cfa6801a0886fab249b224e8a6982b4740fe7879fce99ff13ddaac9aaca01a

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:09 GMT
last-modified
Thu, 12 Nov 2020 23:42:14 GMT
server
Apache
etag
"16d-5b3f176309fe7"
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
365
ssba.js
securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/js/
2 KB
2 KB
Script
General
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/js/ssba.js?ver=d2c1d626d6d17b7c784678224f6cb29e
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
76a18f5f0637e0d73ce1afece898ce8b0fa75bb6b1c1990ae4a7ac6b083045ce

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:09 GMT
last-modified
Wed, 16 Sep 2020 22:37:21 GMT
server
Apache
etag
"792-5af75e92c8298"
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
1938
hint.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/
987 B
1 KB
Script
General
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/hint.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
d99ea9db1da8549489666d36c9e3fb717842550eed1554e96860af8d30c3b008

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:09 GMT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
server
Apache
etag
"3db-526fe6e433440"
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
987
jquery.tipsy.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/
4 KB
4 KB
Script
General
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.tipsy.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
0e53466218d7ff174e0a083ecce89b1c090c67ccbe55775eddca03e930ff9e35

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:09 GMT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
server
Apache
etag
"1113-526fe6e433440"
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
4371
jquery.easing.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/
8 KB
8 KB
Script
General
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.easing.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:09 GMT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
server
Apache
etag
"1fa1-526fe6e433440"
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
8097
browser.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/
3 KB
3 KB
Script
General
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/browser.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
1aaab3c3d6f974416ae34893cebe3a544aea17931439b2449ec392061d11ec82

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:09 GMT
last-modified
Wed, 16 Dec 2015 06:58:16 GMT
server
Apache
etag
"a36-526fe6e33f200"
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
2614
jquery.flexslider-min.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/flexslider/
21 KB
21 KB
Script
General
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/flexslider/jquery.flexslider-min.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
45185c8f6cd2f9b42e3a02b78af40edc7d61328fac3167a0490c9c69bbecaaa6

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:09 GMT
last-modified
Wed, 16 Dec 2015 13:55:10 GMT
server
Apache
etag
"53ae-5270441274b80"
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
21422
waypoints.min.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/
8 KB
8 KB
Script
General
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/waypoints.min.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:09 GMT
last-modified
Wed, 16 Dec 2015 06:58:18 GMT
server
Apache
etag
"1f6c-526fe6e527680"
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
8044
mediaelement-and-player.min.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/mediaelement/
69 KB
70 KB
Script
General
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/mediaelement/mediaelement-and-player.min.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
f0c6d2d27de284102b03e30cd74be808801ec53ca49f30b4d15620ee84ea39f5

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:09 GMT
last-modified
Wed, 16 Dec 2015 13:55:14 GMT
server
Apache
etag
"11571-5270441645480"
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
71025
jquery.swipebox.min.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/
11 KB
11 KB
Script
General
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.swipebox.min.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
2199990352edbb7ec586e01d26e2f6a7010a2fce1517711019b614dcec353ba3

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:09 GMT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
server
Apache
etag
"2a67-526fe6e433440"
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
10855
jquery.circliful.min.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/
3 KB
3 KB
Script
General
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.circliful.min.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
1832a6ee34745b08b1fcae42c24468086358b43071d7679a738951aa7dc243ea

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:09 GMT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
server
Apache
etag
"c18-526fe6e433440"
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
3096
jquery.smarticker.min.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/
13 KB
13 KB
Script
General
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.smarticker.min.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
5525d57ced576560de8777ea78e4bc0c9d55396c0b668a7563b354de9c165aee

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:09 GMT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
server
Apache
etag
"3225-526fe6e433440"
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
12837
custom.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/
12 KB
13 KB
Script
General
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/custom.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
0c27a9c1aee9eacb73655f930a6bbf9ec721006695e5c38405296081cdbcb878

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:09 GMT
last-modified
Wed, 16 Dec 2015 06:58:16 GMT
server
Apache
etag
"31d4-526fe6e33f200"
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
12756
wp-embed.js
securityaffairs.co/wordpress/wp-includes/js/
3 KB
3 KB
Script
General
Full URL
https://securityaffairs.co/wordpress/wp-includes/js/wp-embed.js?ver=d2c1d626d6d17b7c784678224f6cb29e
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
d931ba2089021a1357761939c18bcc09aa856d39be2a707ea450333f5b3443c4

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:09 GMT
last-modified
Thu, 21 Feb 2019 22:56:38 GMT
server
Apache
etag
"c8e-5826f6315ef61"
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
3214
e-202047.js
stats.wp.com/
9 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-202047.js
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT vie
date
Wed, 18 Nov 2020 15:38:10 GMT
content-encoding
gzip
server
nginx
etag
W/"5c6340e3-350a"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
expires
Mon, 15 Nov 2021 11:26:28 GMT
sdk.js
connect.facebook.net/en_US/
195 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=492e4a0bf353ccaa46c454a3c7e6ce86&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6426a80cc7f9a8299741f42ad975ad9345fa04f73c83b835ead4a047d184a85e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://securityaffairs.co
Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
1Nu+RfomYwZgmb6BgZhKRQ==
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
60127
etag
"835b582ad5ca7ba202d9405b667cab7e"
x-fb-debug
bqIr8XeOsQ8cNlzGozRPDSDltJd6IZf3gXsxt9403f9d/Ks2ytbM4TwKzcodSlGWN10ltcpS2bCoYB+XVQjrUg==
x-fb-trip-id
664085054
x-fb-content-md5
e9d4427aaa260c431ad57ba5a832be2e
x-frame-options
DENY
date
Wed, 18 Nov 2020 15:38:10 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Thu, 18 Nov 2021 11:49:03 GMT
collect
www.google-analytics.com/j/
2 B
67 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=923383444&t=pageview&_s=1&dl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F111051%2Fhacking%2Fwindows-vulnerable-bluekeep.html&ul=en-us&de=UTF-8&dt=246869%20Windows%20systems%20are%20still%20vulnerable%20to%20the%20BlueKeep%20flawSecurity%20Affairs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABCAAAAC~&jid=676767722&gjid=1223260591&cid=426609410.1605713890&tid=UA-59069958-1&_gid=1680758168.1605713890&_r=1&_slc=1&did=dNDMyYj&z=936654115
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Nov 2020 15:38:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
5b71b64b04b9a500117b1015.js
buttons-config.sharethis.com/js/
30 B
381 B
Script
General
Full URL
https://buttons-config.sharethis.com/js/5b71b64b04b9a500117b1015.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:9600:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:37:45 GMT
via
1.1 4cb16ea6a84fa64395352e03f53b5e8f.cloudfront.net (CloudFront)
last-modified
Mon, 13 Aug 2018 16:48:12 GMT
server
AmazonS3
age
26
etag
"e6e1643313740711175f51662a65b42f"
x-cache
Hit from cloudfront
content-type
text/javascript
status
200
cache-control
max-age=60,public
x-amz-cf-pop
WAW50-C1
accept-ranges
bytes
content-length
30
x-amz-cf-id
K6J1-IRWCunEVuCkNNw8xBYiDjRFS--lbfpsH6540iu2n2r5FJnTFg==
analytics.js
google-analytics.com/
46 KB
19 KB
Script
General
Full URL
https://google-analytics.com/analytics.js
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
1395
date
Wed, 18 Nov 2020 15:14:55 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Wed, 18 Nov 2020 17:14:55 GMT
collect
www.google-analytics.com/
35 B
122 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&a=923383444&t=pageview&_s=2&dl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F111051%2Fhacking%2Fwindows-vulnerable-bluekeep.html&ul=en-us&de=UTF-8&dt=246869%20Windows%20systems%20are%20still%20vulnerable%20to%20the%20BlueKeep%20flawSecurity%20Affairs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAUABCAAAAC~&jid=&gjid=&cid=426609410.1605713890&tid=UA-59069958-1&_gid=1680758168.1605713890&did=dNDMyYj&z=1422275893
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Nov 2020 03:23:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
44052
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
fontawesome-webfont.woff
securityaffairs.co/wordpress/wp-content/themes/rigel_old/fonts/
43 KB
44 KB
Font
General
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/fonts/fontawesome-webfont.woff?v=4.0.3
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Request headers

Origin
https://securityaffairs.co
Referer
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:10 GMT
last-modified
Wed, 16 Dec 2015 06:58:09 GMT
server
Apache
etag
"ad90-526fe6dc92240"
content-type
application/font-woff
status
200
accept-ranges
bytes
content-length
44432
portal-v2.html
c.sharethis.mgr.consensu.org/v1.0/cmp/ Frame D830
0
0
Document
General
Full URL
https://c.sharethis.mgr.consensu.org/v1.0/cmp/portal-v2.html
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:a200:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
c.sharethis.mgr.consensu.org
:scheme
https
:path
/v1.0/cmp/portal-v2.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html

Response headers

status
200
content-type
text/html; charset=utf-8
accept-ranges
bytes
content-encoding
gzip
last-modified
Thu, 01 Oct 2020 18:27:43 GMT
date
Wed, 18 Nov 2020 15:04:09 GMT
cache-control
max-age=3600, public
etag
W/"83a-174e56b8518"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 184f5b3ebeb6aa0f7b93900fc50720c4.cloudfront.net (CloudFront)
x-amz-cf-pop
WAW50-C1
x-amz-cf-id
Em-CfikEP2zjfJTF6GFtLvAzsXfNyeplRi-JfR9pvULK3wZlqqCxGg==
age
2041
headerbid_refresh_alex.php
served-by.pixfuture.com/www/delivery/ Frame 6922
6 KB
7 KB
Script
General
Full URL
https://served-by.pixfuture.com/www/delivery/headerbid_refresh_alex.php?dat=24272x320x50x4142x_ADSLOT1&keywords=246869,windows,systems,are,still,vulnerable,bluekeep,flawsecurity,affairs&refUrl=&refresh=false&innerWidth=1600&mainDiv=24272x320x50x4142x_ADSLOT1&flag=true
Requested by
Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
db2e2708e1829aa1c683c5f23457dffba2cc1aaa83a9e644abc0c04c91636697

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Nov 2020 15:38:10 GMT
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=172800, public, no-transform
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires
Fri, 20 Nov 2020 15:38:10 GMT
nmedianet.js
contextual.media.net/
149 KB
51 KB
Script
General
Full URL
https://contextual.media.net/nmedianet.js?cid=8CU5BD6EW&https=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
73bd83a071843342dd02407568c26ef171ce61398c179136935fd276253ee018
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-mnt-h
10-3
content-encoding
gzip
server
Apache
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
etag
"47e8885c128f34fc3453c68597671735"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
cache-control
max-age=300
date
Wed, 18 Nov 2020 15:38:10 GMT
strict-transport-security
max-age=604800
x-mnt-w
8-16
expires
Wed, 18 Nov 2020 15:43:10 GMT
bluekeep-flaw.png
i1.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2020/11/
23 KB
23 KB
Image
General
Full URL
https://i1.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2020/11/bluekeep-flaw.png?resize=1024%2C517&ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
dba75044f2e57c5a1d8e814f7baf938c03c73604d5bd0796c92a09ff65545249
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT vie 6
date
Wed, 18 Nov 2020 15:38:10 GMT
x-content-type-options
nosniff
last-modified
Tue, 17 Nov 2020 12:04:00 GMT
server
nginx
status
200
etag
"2fa1c4b1e06ab45b"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
link
<https://securityaffairs.co/wordpress/wp-content/uploads/2020/11/bluekeep-flaw.png>; rel="canonical"
content-length
23522
expires
Fri, 18 Nov 2022 00:04:00 GMT
headerbid_refresh_alex.php
served-by.pixfuture.com/www/delivery/ Frame 69C7
6 KB
7 KB
Script
General
Full URL
https://served-by.pixfuture.com/www/delivery/headerbid_refresh_alex.php?dat=24270x300x250x4142x_ADSLOT1&keywords=246869,windows,systems,are,still,vulnerable,bluekeep,flawsecurity,affairs&refUrl=&refresh=false&innerWidth=1600&mainDiv=24270x300x250x4142x_ADSLOT1&flag=true
Requested by
Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
0b94373bcbc05cafe125652d568fc43e6d1e0cffe7835790b5477b6c0b2ac071

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Nov 2020 15:38:10 GMT
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=172800, public, no-transform
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires
Fri, 20 Nov 2020 15:38:10 GMT
fcmain.js
contextual.media.net/1017354394/
77 KB
27 KB
Script
General
Full URL
https://contextual.media.net/1017354394/fcmain.js?&gdpr=1&cid=8CU5BD6EW&cpcd=RlAcVccC-RdUYIl-LjF9ag%3D%3D&crid=733976884&size=300x250&cc=AT&https=1&vif=1&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F111051%2Fhacking%2Fwindows-vulnerable-bluekeep.html&nse=5&vi=1605713890939513026&lw=1&ugd=4&nb=1&cb=window._mNDetails.initAd
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU5BD6EW&https=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
57ad649d76015fa4fd21187c83ede880a574c4632670e374ef43049a17b921eb
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
x-mnt-hl2
10-6
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
max-age=300
date
Wed, 18 Nov 2020 15:38:11 GMT
x-mnt-w
10-4, 10-8
content-length
27320
expires
Wed, 18 Nov 2020 15:43:11 GMT
checksync.php
contextual.media.net/ Frame 63FC
0
0
Document
General
Full URL
https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU5BD6EW&https=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

:method
GET
:authority
contextual.media.net
:scheme
https
:path
/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU5BD6EW&https=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
gdpr_status=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html

Response headers

status
200
server
Apache
content-type
text/html; charset=UTF-8
set-cookie
gdpr_status=1; Expires=Sat, 22 May 2021 15:38:10 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=68544
expires
Thu, 19 Nov 2020 10:40:34 GMT
date
Wed, 18 Nov 2020 15:38:10 GMT
content-length
5435
bping.php
lg3.media.net/
35 B
189 B
Image
General
Full URL
https://lg3.media.net/bping.php?&gdpr=1&prid=8PRHGG6T9&cid=8CU5BD6EW&crid=733976884&vi=1605713890939513026&ugd=4&lf=6&cc=AT&wsip=2886781008&r=1605713890528&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F111051%2Fhacking%2Fwindows-vulnerable-bluekeep.html&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_uspa=0&hvsid=00001605713890522031179494409728&gdpr=1&vgd_end=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
date
Wed, 18 Nov 2020 15:38:10 GMT
content-type
image/gif
status
200
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Wed, 18 Nov 2020 15:38:10 GMT
pview
l.sharethis.com/
0
340 B
XHR
General
Full URL
https://l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&sessionID=1605713890295.98209&hostname=securityaffairs.co&location=%2Fwordpress%2F111051%2Fhacking%2Fwindows-vulnerable-bluekeep.html&product=simpleshare&fcmp=false&fcmpv2=false&publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&bsamesite=true&consentDomain=.consensu.org&gdpr_domain=.consensu.org&gdpr_domain_v1=.consensu.org&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F111051%2Fhacking%2Fwindows-vulnerable-bluekeep.html&title=246869%20Windows%20systems%20are%20still%20vulnerable%20to%20the%20BlueKeep%20flawSecurity%20Affairs&sop=false&description=In%20May%202019%2C%20Microsoft%20disclosed%C2%A0the%20BlueKeep%20vulnerability%2C%20more%20than%20a%20year%20later%20over%20245%2C000%20Windows%20systems%20still%20remain%20unpatched.%20Over%20a%20year%20ago%20Microsoft%20Patch%20Tuesday%20updates%20for%20May%202019%C2%A0addressed%20nearly%2080%20vulnerabilities%2C%20including%20the%20BlueKeep%20flaw.%20The%20issue%20is%20a%20remote%20code%20execution%20flaw%20in%20Remote%20Desktop%20Services%20(RDS)%20that%20can%20be%20exploited%20by%20%5B%E2%80%A6%5D
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.118.243 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 18 Nov 2020 15:38:10 GMT
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://securityaffairs.co
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
f00db26378ef7df7c440a8ee60ead62b
secure.gravatar.com/avatar/
1 KB
1 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/f00db26378ef7df7c440a8ee60ead62b?s=60&d=mm&r=g
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
643a860832456b5a74825b79d625434b5c4c2a344b8f9bef3614b327bea52646

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 4
date
Wed, 18 Nov 2020 15:38:10 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
status
200
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="f00db26378ef7df7c440a8ee60ead62b.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/f00db26378ef7df7c440a8ee60ead62b?s=60&d=mm&r=g>; rel="canonical"
content-length
1186
expires
Wed, 18 Nov 2020 15:43:10 GMT
Digging-The-Deep-Web.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2018/03/
6 KB
6 KB
Image
General
Full URL
https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2018/03/Digging-The-Deep-Web.png?resize=236%2C300&ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
ba716187f8cc8c54806f5b9de46d1d94bec574ddf31c82f68532cd181e242b7f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT vie 4
date
Wed, 18 Nov 2020 15:38:10 GMT
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 15:05:03 GMT
server
nginx
status
200
etag
"6a1f80269c2a97fb"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
link
<https://securityaffairs.co/wordpress/wp-content/uploads/2018/03/Digging-The-Deep-Web.png>; rel="canonical"
content-length
6414
expires
Mon, 24 Oct 2022 03:05:03 GMT
securityaffairs-best-european-blog2.png
i2.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2020/06/
10 KB
10 KB
Image
General
Full URL
https://i2.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2020/06/securityaffairs-best-european-blog2.png?resize=300%2C217&ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
e8caad51a19c5667e4fc7ae6a3b9bf8a23559bb64b09b0c6e90cad6d24083ea6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:10 GMT
x-content-type-options
nosniff
x-bytes-saved
103276
status
200
content-length
10314
x-nc
HIT vie 8
last-modified
Tue, 02 Jun 2020 21:24:46 GMT
server
nginx
etag
"fed3375b73064b64"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
link
<https://securityaffairs.co/wordpress/wp-content/uploads/2020/06/securityaffairs-best-european-blog2.png>; rel="canonical"
expires
Fri, 03 Jun 2022 09:24:46 GMT
logo-center-for-cybersecurity.jpg
i1.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2020/10/
7 KB
7 KB
Image
General
Full URL
https://i1.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2020/10/logo-center-for-cybersecurity.jpg?resize=290%2C300&ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
73cadf4725483d9a9290b8ea3ad87fe2afc746de5f70e89f088a3df9996bd8dd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT vie 2
date
Wed, 18 Nov 2020 15:38:10 GMT
x-content-type-options
nosniff
last-modified
Mon, 26 Oct 2020 09:04:45 GMT
server
nginx
status
200
etag
"eef46ddfcc445bef"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
link
<https://securityaffairs.co/wordpress/wp-content/uploads/2020/10/logo-center-for-cybersecurity.jpg>; rel="canonical"
content-length
7482
expires
Wed, 26 Oct 2022 21:04:45 GMT
fcmain.js
contextual.media.net/1017354394/
74 KB
24 KB
Script
General
Full URL
https://contextual.media.net/1017354394/fcmain.js?&gdpr=1&cid=8CU5BD6EW&cpcd=RlAcVccC-RdUYIl-LjF9ag%3D%3D&crid=829833831&size=300x250&cc=AT&https=1&vif=1&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F111051%2Fhacking%2Fwindows-vulnerable-bluekeep.html&nse=5&vi=1605713890171317768&lw=1&ugd=4&nb=1&cb=window._mNDetails.initAd
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU5BD6EW&https=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7d08c16c83e8837eda7246bd47e4ced77a97e9217397cc3ce6f332e5ca3ead11
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
x-mnt-hl2
10-6
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
max-age=300
date
Wed, 18 Nov 2020 15:38:11 GMT
x-mnt-w
8-21, 8-20
content-length
23933
expires
Wed, 18 Nov 2020 15:43:11 GMT
checksync.php
contextual.media.net/ Frame 301E
0
0
Document
General
Full URL
https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU5BD6EW&https=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

:method
GET
:authority
contextual.media.net
:scheme
https
:path
/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU5BD6EW&https=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
gdpr_status=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html

Response headers

status
200
server
Apache
content-type
text/html; charset=UTF-8
set-cookie
gdpr_status=1; Expires=Sat, 22 May 2021 15:38:10 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=68544
expires
Thu, 19 Nov 2020 10:40:34 GMT
date
Wed, 18 Nov 2020 15:38:10 GMT
content-length
5435
fcmain.js
contextual.media.net/1017354394/
73 KB
24 KB
Script
General
Full URL
https://contextual.media.net/1017354394/fcmain.js?&gdpr=1&cid=8CU5BD6EW&cpcd=RlAcVccC-RdUYIl-LjF9ag%3D%3D&crid=184323154&size=300x250&cc=AT&https=1&vif=1&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F111051%2Fhacking%2Fwindows-vulnerable-bluekeep.html&nse=5&vi=1605713890149443330&lw=1&ugd=4&nb=1&cb=window._mNDetails.initAd
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU5BD6EW&https=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
666a8c9694544da28b20d106acc0c8d9aca044de9ee5144111e1abf47731b3a1
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
x-mnt-hl2
10-6
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
max-age=300
date
Wed, 18 Nov 2020 15:38:11 GMT
x-mnt-w
8-10, 8-10
content-length
23856
expires
Wed, 18 Nov 2020 15:43:11 GMT
checksync.php
contextual.media.net/ Frame 66DF
0
0
Document
General
Full URL
https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU5BD6EW&https=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

:method
GET
:authority
contextual.media.net
:scheme
https
:path
/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU5BD6EW&https=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
gdpr_status=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html

Response headers

status
200
server
Apache
content-type
text/html; charset=UTF-8
set-cookie
gdpr_status=1; Expires=Sat, 22 May 2021 15:38:10 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=68544
expires
Thu, 19 Nov 2020 10:40:34 GMT
date
Wed, 18 Nov 2020 15:38:10 GMT
content-length
5435
fcmain.js
contextual.media.net/1017354394/
73 KB
24 KB
Script
General
Full URL
https://contextual.media.net/1017354394/fcmain.js?&gdpr=1&cid=8CU5BD6EW&cpcd=RlAcVccC-RdUYIl-LjF9ag%3D%3D&crid=647633027&size=300x250&cc=AT&https=1&vif=1&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F111051%2Fhacking%2Fwindows-vulnerable-bluekeep.html&nse=5&vi=1605713890825526223&lw=1&ugd=4&nb=1&cb=window._mNDetails.initAd
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU5BD6EW&https=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
afe61ef42fe251cd36ad40011667f1f7d75aae7845558af77b04e2418849c338
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
x-mnt-hl2
10-6
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
max-age=300
date
Wed, 18 Nov 2020 15:38:11 GMT
x-mnt-w
8-20, 8-10
content-length
23894
expires
Wed, 18 Nov 2020 15:43:11 GMT
checksync.php
contextual.media.net/ Frame 1C63
0
0
Document
General
Full URL
https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU5BD6EW&https=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

:method
GET
:authority
contextual.media.net
:scheme
https
:path
/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU5BD6EW&https=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
gdpr_status=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html

Response headers

status
200
server
Apache
content-type
text/html; charset=UTF-8
set-cookie
gdpr_status=1; Expires=Sat, 22 May 2021 15:38:10 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=68544
expires
Thu, 19 Nov 2020 10:40:34 GMT
date
Wed, 18 Nov 2020 15:38:10 GMT
content-length
5435
bping.php
lg3.media.net/
35 B
189 B
Image
General
Full URL
https://lg3.media.net/bping.php?&gdpr=1&prid=8PRHGG6T9&cid=8CU5BD6EW&crid=829833831&vi=1605713890171317768&ugd=4&lf=6&cc=AT&lper=100&wsip=2886780970&r=1605713890700&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F111051%2Fhacking%2Fwindows-vulnerable-bluekeep.html&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_uspa=0&hvsid=00001605713890695031179494406407&gdpr=1&vgd_end=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
date
Wed, 18 Nov 2020 15:38:10 GMT
content-type
image/gif
status
200
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Wed, 18 Nov 2020 15:38:10 GMT
bping.php
lg3.media.net/
35 B
189 B
Image
General
Full URL
https://lg3.media.net/bping.php?&gdpr=1&prid=8PRHGG6T9&cid=8CU5BD6EW&crid=184323154&vi=1605713890149443330&ugd=4&lf=6&cc=AT&wsip=2886780970&r=1605713890719&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F111051%2Fhacking%2Fwindows-vulnerable-bluekeep.html&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_uspa=0&hvsid=00001605713890716031179494404687&gdpr=1&vgd_end=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
date
Wed, 18 Nov 2020 15:38:10 GMT
content-type
image/gif
status
200
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Wed, 18 Nov 2020 15:38:10 GMT
bping.php
lg3.media.net/
35 B
189 B
Image
General
Full URL
https://lg3.media.net/bping.php?&gdpr=1&prid=8PRHGG6T9&cid=8CU5BD6EW&crid=647633027&vi=1605713890825526223&ugd=4&lf=6&cc=AT&lper=100&wsip=2886780970&r=1605713890726&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F111051%2Fhacking%2Fwindows-vulnerable-bluekeep.html&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_uspa=0&hvsid=00001605713890725031179494406081&gdpr=1&vgd_end=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
date
Wed, 18 Nov 2020 15:38:10 GMT
content-type
image/gif
status
200
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Wed, 18 Nov 2020 15:38:10 GMT
g.gif
pixel.wp.com/
50 B
92 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A9.1&blog=29506073&post=111051&tz=0&srv=securityaffairs.co&host=securityaffairs.co&ref=&fcp=4721&rand=0.2526623828976131
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Wed, 18 Nov 2020 15:38:10 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
pview
l.sharethis.com/
0
315 B
Image
General
Full URL
https://l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&sessionID=1605713890295.98209&hostname=securityaffairs.co&location=%2Fwordpress%2F111051%2Fhacking%2Fwindows-vulnerable-bluekeep.html&product=simpleshare&fcmp=false&fcmpv2=false&publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&bsamesite=true&consentDomain=.consensu.org&gdpr_domain=.consensu.org&gdpr_domain_v1=.consensu.org&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F111051%2Fhacking%2Fwindows-vulnerable-bluekeep.html&title=246869%20Windows%20systems%20are%20still%20vulnerable%20to%20the%20BlueKeep%20flawSecurity%20Affairs&sop=false&description=In%20May%202019%2C%20Microsoft%20disclosed%C2%A0the%20BlueKeep%20vulnerability%2C%20more%20than%20a%20year%20later%20over%20245%2C000%20Windows%20systems%20still%20remain%20unpatched.%20Over%20a%20year%20ago%20Microsoft%20Patch%20Tuesday%20updates%20for%20May%202019%C2%A0addressed%20nearly%2080%20vulnerabilities%2C%20including%20the%20BlueKeep%20flaw.%20The%20issue%20is%20a%20remote%20code%20execution%20flaw%20in%20Remote%20Desktop%20Services%20(RDS)%20that%20can%20be%20exploited%20by%20%5B%E2%80%A6%5D&gdpr_domain=.consensu.org&gdpr_domain_v1=.consensu.org&description=In%20May%202019%2C%20Microsoft%20disclosed%C2%A0the%20BlueKeep%20vulnerability%2C%20more%20than%20a%20year%20later%20over%20245%2C000%20Windows%20systems%20still%20remain%20unpatched.%20Over%20a%20year%20ago%20Microsoft%20Patch%20Tuesday%20updates%20for%20May%202019%C2%A0addressed%20nearly%2080%20vulnerabilities%2C%20including%20the%20BlueKeep%20flaw.%20The%20issue%20is%20a%20remote%20code%20execution%20flaw%20in%20Remote%20Desktop%20Services%20(RDS)%20that%20can%20be%20exploited%20by%20%5B%E2%80%A6%5D&img_pview=true
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.118.243 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 18 Nov 2020 15:38:10 GMT
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
djax_elastic.js
cdn.pixfuture.com/ Frame 52AB
37 KB
37 KB
Script
General
Full URL
https://cdn.pixfuture.com/djax_elastic.js
Requested by
Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid_refresh_alex.php?dat=24272x320x50x4142x_ADSLOT1&keywords=246869,windows,systems,are,still,vulnerable,bluekeep,flawsecurity,affairs&refUrl=&refresh=false&innerWidth=1600&mainDiv=24272x320x50x4142x_ADSLOT1&flag=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da964f62d626d1d0d8a931e4fa1d5e21c7e755ba4d152bffd3532ea611024fb6

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:11 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
status
200
content-length
37977
cf-request-id
067d9aa64e00002bd67aa1a000000001
last-modified
Mon, 02 Nov 2020 17:01:36 GMT
server
cloudflare
etag
"5fa03b70-9459"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=76uYr5383R4ILtm%2BcqsnQN1WjIT3cb%2BkPNZJOXwxC%2Bx3gre1Mkb2Ryv3H39wY38k9Zp4PzitafNCSj9gRzM0jf9jYrFSM6j%2FjgHBCTi4%2FPZf4JX%2FPSYK9YhvfEf4Ew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public, no-transform
accept-ranges
bytes
cf-ray
5f42c6ea1f152bd6-FRA
expires
Fri, 20 Nov 2020 15:38:10 GMT
prebid_uids2.js
cdn.pixfuture.com/ Frame 52AB
307 KB
308 KB
Script
General
Full URL
https://cdn.pixfuture.com/prebid_uids2.js?v=3
Requested by
Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid_refresh_alex.php?dat=24272x320x50x4142x_ADSLOT1&keywords=246869,windows,systems,are,still,vulnerable,bluekeep,flawsecurity,affairs&refUrl=&refresh=false&innerWidth=1600&mainDiv=24272x320x50x4142x_ADSLOT1&flag=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0d3d5e8244dc1528570498005e8b963908ad2efe06639f7fb3bfaeec5a10daa

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:11 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
status
200
content-length
314663
cf-request-id
067d9aa64e00002bd68017f000000001
last-modified
Thu, 29 Oct 2020 18:44:42 GMT
server
cloudflare
etag
"5f9b0d9a-4cd27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MzLa6zI%2FcndKz0tcGdqQOi67I1JKnjFGchcrGBf0EmeYUevLkkpw%2F9dpZYmUIhzbXBP0WosUhMuq%2F9pvhY8ODMysDVgQyH3eQ%2BnyB7xOeEx%2FDBuQ4F%2BJJHBggsVK8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public, no-transform
accept-ranges
bytes
cf-ray
5f42c6ea1f1d2bd6-FRA
expires
Fri, 20 Nov 2020 15:38:10 GMT
djax_elastic.js
cdn.pixfuture.com/ Frame EAFF
37 KB
37 KB
Script
General
Full URL
https://cdn.pixfuture.com/djax_elastic.js
Requested by
Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid_refresh_alex.php?dat=24270x300x250x4142x_ADSLOT1&keywords=246869,windows,systems,are,still,vulnerable,bluekeep,flawsecurity,affairs&refUrl=&refresh=false&innerWidth=1600&mainDiv=24270x300x250x4142x_ADSLOT1&flag=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da964f62d626d1d0d8a931e4fa1d5e21c7e755ba4d152bffd3532ea611024fb6

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:11 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
status
200
content-length
37977
cf-request-id
067d9aa65300002bd69831c000000001
last-modified
Mon, 02 Nov 2020 17:01:36 GMT
server
cloudflare
etag
"5fa03b70-9459"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=m4Airjy12YC5ufLugyWfEaE%2BXiObv75hbQ8fH%2BFXr5HiwIjTUdblH1E6mPHLXCaxHm8VnQIyb8OGeyVH6LiFlacO4s5J8kU9FtqKzFO7xeR8%2FeSfisqzOSbo7aAbKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public, no-transform
accept-ranges
bytes
cf-ray
5f42c6ea1f1e2bd6-FRA
expires
Fri, 20 Nov 2020 15:38:10 GMT
prebid_uids2.js
cdn.pixfuture.com/ Frame EAFF
307 KB
308 KB
Script
General
Full URL
https://cdn.pixfuture.com/prebid_uids2.js?v=3
Requested by
Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid_refresh_alex.php?dat=24270x300x250x4142x_ADSLOT1&keywords=246869,windows,systems,are,still,vulnerable,bluekeep,flawsecurity,affairs&refUrl=&refresh=false&innerWidth=1600&mainDiv=24270x300x250x4142x_ADSLOT1&flag=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0d3d5e8244dc1528570498005e8b963908ad2efe06639f7fb3bfaeec5a10daa

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:11 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
status
200
content-length
314663
cf-request-id
067d9aa64e00002bd6be36f000000001
last-modified
Thu, 29 Oct 2020 18:44:42 GMT
server
cloudflare
etag
"5f9b0d9a-4cd27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yGY%2F%2B2dS2B7xI1FzKyFX%2BjKxBIXHbVK3Xu6llVJ9uF0iMmTdhp6hDaKSOO%2BS2EzgLp4KkuGyzqM8fIYojaUUnoiGJCsOslm0%2FGSOsKkNXekTuPpWRRME8U%2Bp%2Bl9mrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public, no-transform
accept-ranges
bytes
cf-ray
5f42c6ea1f212bd6-FRA
expires
Fri, 20 Nov 2020 15:38:10 GMT
jquery3_5_1.min.js
cdn.pixfuture.com/ Frame 52AB
87 KB
88 KB
Script
General
Full URL
https://cdn.pixfuture.com/jquery3_5_1.min.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/djax_elastic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:11 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
status
200
content-length
89476
cf-request-id
067d9aa6d300002bd6c7296000000001
last-modified
Wed, 26 Aug 2020 15:41:27 GMT
server
cloudflare
etag
"5f4682a7-15d84"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lWnfPohIaZFSK3gLCcvK4Pu7km0VkfK4hzN2YM5qMEP%2FeAmczZI2dIKH5KpqG1QkjgB%2BRkFtUiDiwrm6HoPYJ1mCxdLZDpV5y0NYFFElHMKzmjPtAo8cZYFqlldxxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public, no-transform
accept-ranges
bytes
cf-ray
5f42c6eae9182bd6-FRA
expires
Fri, 20 Nov 2020 15:38:11 GMT
jquery3_5_1.min.js
cdn.pixfuture.com/ Frame EAFF
87 KB
88 KB
Script
General
Full URL
https://cdn.pixfuture.com/jquery3_5_1.min.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/djax_elastic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:11 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
status
200
content-length
89476
cf-request-id
067d9aa6d300002bd687b94000000001
last-modified
Wed, 26 Aug 2020 15:41:27 GMT
server
cloudflare
etag
"5f4682a7-15d84"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=68sW8y%2BJPHWjOMllNvJQ1D2Gin%2F8Rk%2FcEM7wqtwIMKgqQUcRId1%2FlW%2FNHN2pswd6yQdpu3YJmeLzd%2BOIUcNp%2FkjX%2BjNfSNv7%2FGI0Y%2BHZycJ5TBdVjdzcoL0Pdi79OA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public, no-transform
accept-ranges
bytes
cf-ray
5f42c6eae9192bd6-FRA
expires
Fri, 20 Nov 2020 15:38:11 GMT
arj
pixfuture2-d.openx.net/w/1.0/ Frame 52AB
174 B
562 B
XHR
General
Full URL
https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F111051%2Fhacking%2Fwindows-vulnerable-bluekeep.html&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=ae51a8a7-7fa5-4aa5-94e9-c7dd4783ea7c&nocache=1605713891062&gdpr=0&pubcid=98efd54f-81d6-483b-8e31-170de3266d62&schain=1.0%2C1!pixfuture.com%2C4142%2C1%2C%2C%2C&aus=320x50&divIds=24272x320x50x4142x_ADSLOT1&auid=540580841&tps=bXlrZXl3b3JkPTI0Njg2OSx3aW5kb3dzLHN5c3RlbXMsYXJlLHN0aWxsLHZ1bG5lcmFibGUsYmx1ZWtlZXAsZmxhd3NlY3VyaXR5LGFmZmFpcnMmbXlvdGhlcmtleXdvcmQ9MjQ2ODY5LHdpbmRvd3Msc3lzdGVtcyxhcmUsc3RpbGwsdnVsbmVyYWJsZSxibHVla2VlcCxmbGF3c2VjdXJpdHksYWZmYWlycw%3D%3D
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid_uids2.js?v=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.198.0 /
Resource Hash
f11b778b1636603f23423167797eede834832edf58f831f6f64933f6139faf6f

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Nov 2020 15:38:11 GMT
content-encoding
gzip
server
OXGW/16.198.0
status
200
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://securityaffairs.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
trinity.json
apex.go.sonobi.com/ Frame 52AB
1 KB
2 KB
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2249be43965fc25%22%3A%22277a716b3c3b01668abf%7C320x50%7Cf%3D0.1%22%7D&ref=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F111051%2Fhacking%2Fwindows-vulnerable-bluekeep.html&s=f2caab88-7db3-438e-ad56-81f0a0ddf785&pv=f8624cc3-4111-46b1-a29a-e9a4957b50bb&vp=mobile&lib_name=prebid&lib_v=3.25.0&us=0&ius=1&gdpr=false&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%224142%22%2C%22hp%22%3A1%7D%5D%7D&kw=246869%2Cwindows%2Csystems%2Care%2Cstill%2Cvulnerable%2Cbluekeep%2Cflawsecurity%2Caffairs
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid_uids2.js?v=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
43cdebb898eb3c32261ba332ca54d29541f43ef5c2f3f9bc0da902fbfec0edf3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 18 Nov 2020 15:38:11 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://securityaffairs.co
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
629
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 52AB
0
117 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid_uids2.js?v=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 18 Nov 2020 15:38:09 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://securityaffairs.co
prebid
ib.adnxs.com/ut/v3/ Frame 52AB
144 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid_uids2.js?v=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
211fe1b9a4bf84725536937d87bba9b1656f20ba7b6cb3d7fc8ccbd6286b1441
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 18 Nov 2020 15:38:11 GMT
X-Proxy-Origin
185.216.34.99; 185.216.34.99; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.48:80
AN-X-Request-Uuid
1a387dd5-cd9c-40d3-82b4-b545a27d3999
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://securityaffairs.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
ice.360yield.com/ Frame 52AB
95 B
312 B
XHR
General
Full URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2213bff1c92f9b013%22%2C%22version%22%3A%227.1.0-JS-6.3.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F111051%2Fhacking%2Fwindows-vulnerable-bluekeep.html%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%224142%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22108cab92be79fef%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22pid%22%3A22292114%2C%22tid%22%3A%22ae51a8a7-7fa5-4aa5-94e9-c7dd4783ea7c%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid_uids2.js?v=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.112.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
86e2c5b75471f727ccb2509e365842493c33a88275e0aebf31add5a845e56b53

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
200
date
Wed, 18 Nov 2020 15:38:11 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://securityaffairs.co
content-type
application/json; charset=UTF-8
content-length
95
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
ortb
bid.contextweb.com/header/ Frame 52AB
0
502 B
XHR
General
Full URL
https://bid.contextweb.com/header/ortb?src=prebid
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid_uids2.js?v=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.148.27.134 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 18 Nov 2020 15:38:11 GMT
server
envoy
status
204
cwdl
22/120
access-control-allow-origin
https://securityaffairs.co
access-control-expose-headers
Access-Control-Allow-Origin
access-control-allow-credentials
true
x-envoy-upstream-service-time
11
cw-server
bid-deployment-cd47dcd94-lr9x5
hb
ice.360yield.com/ Frame EAFF
94 B
310 B
XHR
General
Full URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2217fac8ce581f874%22%2C%22version%22%3A%227.1.0-JS-6.3.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F111051%2Fhacking%2Fwindows-vulnerable-bluekeep.html%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%224142%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22275d849c336aad%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22pid%22%3A22254128%2C%22tid%22%3A%222fe648fa-a050-48c2-8ec7-2871973ae0f6%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid_uids2.js?v=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.112.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
fe5a0b9284ad9a848a72e803f6506991a27ff53b25a91739aab9b73e81b7ac3b

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
200
date
Wed, 18 Nov 2020 15:38:11 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://securityaffairs.co
content-type
application/json; charset=UTF-8
content-length
94
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
translator
hbopenbid.pubmatic.com/ Frame EAFF
0
61 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid_uids2.js?v=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 18 Nov 2020 15:38:11 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://securityaffairs.co
arj
pixfuture2-d.openx.net/w/1.0/ Frame EAFF
174 B
357 B
XHR
General
Full URL
https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F111051%2Fhacking%2Fwindows-vulnerable-bluekeep.html&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=2fe648fa-a050-48c2-8ec7-2871973ae0f6&nocache=1605713891175&gdpr=0&pubcid=98efd54f-81d6-483b-8e31-170de3266d62&schain=1.0%2C1!pixfuture.com%2C4142%2C1%2C%2C%2C&aus=300x250&divIds=24270x300x250x4142x_ADSLOT1&auid=540580840&tps=bXlrZXl3b3JkPTI0Njg2OSx3aW5kb3dzLHN5c3RlbXMsYXJlLHN0aWxsLHZ1bG5lcmFibGUsYmx1ZWtlZXAsZmxhd3NlY3VyaXR5LGFmZmFpcnMmbXlvdGhlcmtleXdvcmQ9MjQ2ODY5LHdpbmRvd3Msc3lzdGVtcyxhcmUsc3RpbGwsdnVsbmVyYWJsZSxibHVla2VlcCxmbGF3c2VjdXJpdHksYWZmYWlycw%3D%3D
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid_uids2.js?v=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.198.0 /
Resource Hash
2c248ac6c08256776d7133ba0e76fe682a1c91001d32e4d89a9606e9a7d02d79

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Nov 2020 15:38:11 GMT
content-encoding
gzip
server
OXGW/16.198.0
status
200
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://securityaffairs.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
ADTECH;apid=1A108c3252-29b4-11eb-b7e4-12d2f833f2cc;cfp=1;rndc=1605713891;v=2;cmd=bid;cors=yes;alias=199d19e4cbdb5ae;misc=1605713891176
adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344884/0/0/ Frame EAFF
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344884/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=199d19e4cbdb5ae;misc=1605713891176;
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344884/0/0/ADTECH;cfp=1;rndc=1605713890;v=2;cmd=bid;cors=yes;alias=199d19e4cbdb5ae;misc=1605713891176
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344884/0/0/ADTECH;apid=1A108c3252-29b4-11eb-b7e4-12d2f833f2cc;cfp=1;rndc=1605713891;v=2;cmd=bid;cors=yes;alias=199d19e4cbdb5ae;misc=16057...
48 B
105 B
XHR
General
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344884/0/0/ADTECH;apid=1A108c3252-29b4-11eb-b7e4-12d2f833f2cc;cfp=1;rndc=1605713891;v=2;cmd=bid;cors=yes;alias=199d19e4cbdb5ae;misc=1605713891176
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
6db4ccd654679e9103364fd67fa7bf3458b4d06f7d5976893908008efde8ffa7

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Nov 2020 15:38:11 GMT
server
Adtech Adserver
status
200
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json
access-control-allow-origin
https://securityaffairs.co
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
48
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 18 Nov 2020 15:38:11 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344884/0/0/ADTECH;apid=1A108c3252-29b4-11eb-b7e4-12d2f833f2cc;cfp=1;rndc=1605713891;v=2;cmd=bid;cors=yes;alias=199d19e4cbdb5ae;misc=1605713891176
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://securityaffairs.co
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
2
prebid.mgid.com/prebid/ Frame EAFF
0
593 B
XHR
General
Full URL
https://prebid.mgid.com/prebid/2
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid_uids2.js?v=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Nov 2020 15:38:11 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
baf5e93e-8b72-4b40-98a4-4f3a3e4597b4
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
204
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://securityaffairs.co
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
5f42c6ec392bfcb5-VIE
cf-request-id
067d9aa7a40000fcb5c88d9000000001
server
cloudflare
trinity.json
apex.go.sonobi.com/ Frame EAFF
1 KB
2 KB
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2212a4097b6d23261%22%3A%22833199e4bd4003904bc3%7C300x250%7Cf%3D0.1%22%7D&ref=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F111051%2Fhacking%2Fwindows-vulnerable-bluekeep.html&s=fc14c3f9-f453-447e-9eb1-b5bee3f5fc30&pv=473396b7-0a6a-4277-a484-78be55d036cd&vp=mobile&lib_name=prebid&lib_v=3.25.0&us=0&ius=1&gdpr=false&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%224142%22%2C%22hp%22%3A1%7D%5D%7D&kw=246869%2Cwindows%2Csystems%2Care%2Cstill%2Cvulnerable%2Cbluekeep%2Cflawsecurity%2Caffairs
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid_uids2.js?v=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
c448a65752c61f1737babe0012543d61411f401deac1cbfed291ad0083ad8fd9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 18 Nov 2020 15:38:11 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://securityaffairs.co
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
587
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ortb
bid.contextweb.com/header/ Frame EAFF
0
347 B
XHR
General
Full URL
https://bid.contextweb.com/header/ortb?src=prebid
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid_uids2.js?v=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.148.27.134 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 18 Nov 2020 15:38:11 GMT
server
envoy
status
204
cwdl
22/120
access-control-allow-origin
https://securityaffairs.co
access-control-expose-headers
Access-Control-Allow-Origin
access-control-allow-credentials
true
x-envoy-upstream-service-time
18
cw-server
bid-deployment-cd47dcd94-9m99c
prebid
ib.adnxs.com/ut/v3/ Frame EAFF
145 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid_uids2.js?v=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
d24870fe2c57307bb56c726de944bc73eecef58447c3f516c67c476ebdb46b16
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 18 Nov 2020 15:38:11 GMT
X-Proxy-Origin
185.216.34.99; 185.216.34.99; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.238:80
AN-X-Request-Uuid
10a8831a-db2a-4873-99ba-9ffc792ff97a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://securityaffairs.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
nrrV97497.js
contextual.media.net/4a/ Frame 9091
92 KB
30 KB
Script
General
Full URL
https://contextual.media.net/4a/nrrV97497.js
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU5BD6EW&https=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
80b8c415d0a2860143f7a4efeb7411e12dbd8574082ef69b63236fe735557182
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
max-age=2592000
strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
etag
"6b9b6ac54c0e2971948a958e12b6cad2"
vary
Accept-Encoding
x-mnet-h
10-6
content-type
text/javascript; charset=utf-8
status
200
cache-control
max-age=1209600
date
Wed, 18 Nov 2020 15:38:11 GMT
content-length
30495
expires
Wed, 02 Dec 2020 15:38:11 GMT
1.jpg
contextual.media.net/__media__/pics/800060601/ Frame 9091
5 KB
5 KB
Image
General
Full URL
https://contextual.media.net/__media__/pics/800060601/1.jpg
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU5BD6EW&https=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
05999befd49ad70a0d0648a08d12fa80206fa88822a907ff426f0eadcc437c1a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:11 GMT
last-modified
Tue, 29 May 2018 12:36:32 GMT
server
Apache
strict-transport-security
max-age=604800
content-type
image/jpeg
status
200
cache-control
max-age=115334
accept-ranges
bytes
content-length
4781
expires
Thu, 19 Nov 2020 23:40:25 GMT
2.jpg
contextual.media.net/__media__/pics/800060601/ Frame 9091
4 KB
4 KB
Image
General
Full URL
https://contextual.media.net/__media__/pics/800060601/2.jpg
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU5BD6EW&https=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0758ad694d2f74d096d49d79e32cb100eeb38dc6ff11c2f9a870de5eb5a35b5f
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:11 GMT
last-modified
Tue, 29 May 2018 12:36:32 GMT
server
Apache
strict-transport-security
max-age=604800
content-type
image/jpeg
status
200
cache-control
max-age=183471
accept-ranges
bytes
content-length
3740
expires
Fri, 20 Nov 2020 18:36:02 GMT
3.jpg
contextual.media.net/__media__/pics/800060601/ Frame 9091
3 KB
3 KB
Image
General
Full URL
https://contextual.media.net/__media__/pics/800060601/3.jpg
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU5BD6EW&https=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0bdb519e9746b7b770969e860e0bbf41606bc4b814479ddd4f8688f2cafcc01a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:11 GMT
last-modified
Tue, 29 May 2018 12:36:32 GMT
server
Apache
strict-transport-security
max-age=604800
content-type
image/jpeg
status
200
cache-control
max-age=184005
accept-ranges
bytes
content-length
3376
expires
Fri, 20 Nov 2020 18:44:56 GMT
4.jpg
contextual.media.net/__media__/pics/800060601/ Frame 9091
5 KB
5 KB
Image
General
Full URL
https://contextual.media.net/__media__/pics/800060601/4.jpg
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU5BD6EW&https=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9282ea078a317f764d3883e732d14a2e80575e437b710144396d453f5a19139a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:11 GMT
last-modified
Tue, 29 May 2018 12:36:32 GMT
server
Apache
strict-transport-security
max-age=604800
content-type
image/jpeg
status
200
cache-control
max-age=234023
accept-ranges
bytes
content-length
5051
expires
Sat, 21 Nov 2020 08:38:34 GMT
truncated
/ Frame 9091
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf9b76f5559de92c2cc7df8fa751c09d9a3bbfada6123d975c75c4a093f8cfeb

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9091
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9091
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
OpenSans-Regular.woff
contextual.media.net/__media__/fonts/OpenSans-Regular/ Frame 9091
66 KB
66 KB
Font
General
Full URL
https://contextual.media.net/__media__/fonts/OpenSans-Regular/OpenSans-Regular.woff
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5256d55a499ecb71f04dd716cfdf75bf9fe5f863620ec6634e3b43b4e6b11fd8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Origin
https://securityaffairs.co
Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:11 GMT
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
status
200
strict-transport-security
max-age=604800
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
67528
expires
Thu, 19 Nov 2020 15:38:11 GMT
4971326f-0605-4319-976f-d71ebf0d6987.jpg
cvision.media.net/new/100x75/2/150/120/65/ Frame 9091
9 KB
9 KB
Image
General
Full URL
https://cvision.media.net/new/100x75/2/150/120/65/4971326f-0605-4319-976f-d71ebf0d6987.jpg?v=9
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
06ec06211946a2375da6be1c89adbd3c5f8d33a3d84317d09e221f491421a994

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:11 GMT
last-modified
Thu, 22 Mar 2018 11:03:23 GMT
server
nginx
etag
"5ab38d7b-2355"
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
9045
93e624ad-213d-4e98-8696-9715e4dbafaf.jpg
cvision.media.net/new/100x75/3/59/64/124/ Frame 9091
7 KB
8 KB
Image
General
Full URL
https://cvision.media.net/new/100x75/3/59/64/124/93e624ad-213d-4e98-8696-9715e4dbafaf.jpg?v=9
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8409b9764e33ddac8490144f1efd0a9c4bb5fe5966994deeedd0e4e535dfcf2e

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:11 GMT
last-modified
Thu, 29 Mar 2018 22:05:34 GMT
server
nginx
etag
"5abd632e-1d80"
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
7552
8309884e-ab0b-4418-81b3-6dc62e06ca5f.jpg
cvision.media.net/new/100x75/3/119/249/168/ Frame 9091
8 KB
8 KB
Image
General
Full URL
https://cvision.media.net/new/100x75/3/119/249/168/8309884e-ab0b-4418-81b3-6dc62e06ca5f.jpg?v=9
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ac10670ad06b9d3132c985fbe634b58d2ac2e8dee4ce0c8ca90fda2320c24462

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:11 GMT
last-modified
Mon, 03 Dec 2018 17:45:02 GMT
server
nginx
etag
"5c056b9e-2154"
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
8532
a538304c-b1bd-4f24-bf97-434095367cdf.jpg
cvision.media.net/new/100x75/2/52/4/121/ Frame 9091
9 KB
9 KB
Image
General
Full URL
https://cvision.media.net/new/100x75/2/52/4/121/a538304c-b1bd-4f24-bf97-434095367cdf.jpg?v=9
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
11bee4388801dae17de9afe8e83c49f430ec3504207570d10d2e3a60bbcf24f2

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:11 GMT
last-modified
Fri, 01 Jun 2018 19:34:48 GMT
server
nginx
etag
"5b119fd8-2284"
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
8836
nrrV97497.js
contextual.media.net/4a/ Frame AB1A
92 KB
30 KB
Script
General
Full URL
https://contextual.media.net/4a/nrrV97497.js
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU5BD6EW&https=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
80b8c415d0a2860143f7a4efeb7411e12dbd8574082ef69b63236fe735557182
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
max-age=2592000
strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
etag
"6b9b6ac54c0e2971948a958e12b6cad2"
vary
Accept-Encoding
x-mnet-h
10-6
content-type
text/javascript; charset=utf-8
status
200
cache-control
max-age=1209600
date
Wed, 18 Nov 2020 15:38:11 GMT
content-length
30495
expires
Wed, 02 Dec 2020 15:38:11 GMT
truncated
/ Frame AB1A
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame AB1A
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
bullet13.woff
contextual.media.net/__media__/fonts/bullet13/ Frame AB1A
2 KB
2 KB
Font
General
Full URL
https://contextual.media.net/__media__/fonts/bullet13/bullet13.woff
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6139b4d0af528ec1d0e26ae865c1ca04ac061d844ffa6ccc9e4adaa3af93a2f7
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Origin
https://securityaffairs.co
Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:11 GMT
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
status
200
strict-transport-security
max-age=604800
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
1692
expires
Thu, 19 Nov 2020 15:38:11 GMT
nrrV97497.js
contextual.media.net/4a/ Frame B8CD
92 KB
30 KB
Script
General
Full URL
https://contextual.media.net/4a/nrrV97497.js
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU5BD6EW&https=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
80b8c415d0a2860143f7a4efeb7411e12dbd8574082ef69b63236fe735557182
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
max-age=2592000
strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
etag
"6b9b6ac54c0e2971948a958e12b6cad2"
vary
Accept-Encoding
x-mnet-h
10-6
content-type
text/javascript; charset=utf-8
status
200
cache-control
max-age=1209600
date
Wed, 18 Nov 2020 15:38:11 GMT
content-length
30495
expires
Wed, 02 Dec 2020 15:38:11 GMT
truncated
/ Frame B8CD
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B8CD
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
bullet13.woff
contextual.media.net/__media__/fonts/bullet13/ Frame B8CD
2 KB
2 KB
Font
General
Full URL
https://contextual.media.net/__media__/fonts/bullet13/bullet13.woff
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6139b4d0af528ec1d0e26ae865c1ca04ac061d844ffa6ccc9e4adaa3af93a2f7
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Origin
https://securityaffairs.co
Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:11 GMT
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
status
200
strict-transport-security
max-age=604800
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
1692
expires
Thu, 19 Nov 2020 15:38:11 GMT
nrrV97497.js
contextual.media.net/4a/ Frame 1F42
92 KB
30 KB
Script
General
Full URL
https://contextual.media.net/4a/nrrV97497.js
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU5BD6EW&https=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
80b8c415d0a2860143f7a4efeb7411e12dbd8574082ef69b63236fe735557182
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
max-age=2592000
strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
etag
"6b9b6ac54c0e2971948a958e12b6cad2"
vary
Accept-Encoding
x-mnet-h
10-6
content-type
text/javascript; charset=utf-8
status
200
cache-control
max-age=1209600
date
Wed, 18 Nov 2020 15:38:11 GMT
content-length
30495
expires
Wed, 02 Dec 2020 15:38:11 GMT
truncated
/ Frame 1F42
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1F42
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
Lato-Regular.woff
contextual.media.net/__media__/fonts/Lato-Regular/ Frame 1F42
37 KB
38 KB
Font
General
Full URL
https://contextual.media.net/__media__/fonts/Lato-Regular/Lato-Regular.woff
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b7c2309c6e08de495b618ca1d7325a767ce1f1921447efad9eb29fb42824d611
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Origin
https://securityaffairs.co
Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:11 GMT
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
status
200
strict-transport-security
max-age=604800
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
38240
expires
Thu, 19 Nov 2020 15:38:11 GMT
bullet16.woff
contextual.media.net/__media__/fonts/bullet16/ Frame 1F42
2 KB
2 KB
Font
General
Full URL
https://contextual.media.net/__media__/fonts/bullet16/bullet16.woff
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6c567f5f0ea4a8f2b5ef941a4b6b4d4d616e8198a96b6fab88df74a5bc3b5dce
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Origin
https://securityaffairs.co
Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:11 GMT
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
status
200
strict-transport-security
max-age=604800
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
2000
expires
Thu, 19 Nov 2020 15:38:11 GMT
bql.php
lg3.media.net/ Frame 9091
15 B
216 B
Script
General
Full URL
https://lg3.media.net/bql.php?&vgd_l2type=setting&v=1&gdpr=1&hvsid=00001605713890522031179494409728&geo=48.20|16.37&lper=100&fp=EIMN-ehR7Pps_CSyS_Yzo-2i1OixKc5bW9c2mufwmM6qC9U44Q2KYLwhJUlm3C41wgYMNC57jA1RL0Phf9VrKHJA2uivnHlmYXlU160l4SftrEfpM2HmnFAvr-sxB4Qi&lpid=&tsid=1&q=&prv=&type=&ps=&cme=7dPTaC80jmNMZjUhuBjSBGX3pvsqPW4y5YiIGzlagvdI57V4Sk3m2qD1hkIk9Q-Bhz2ibnoTDuSm2-L8Cz_fwCkyltC_syB-cBovoSjhfTZaP7mxYen1A2xm4PJf4liQsOqZzpCv5hY_7FqmeA2L010iFhqwvKWTyPYVAS8Hf1E15KGrDBYBixHP5s9y4biUfSL4QBJ6TcEzNgFDS9VfMbtapmhhUBCF%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CsRBSg3CPSiQ%3D%7CvCbSeqHpZdVEVXAjSyXJuIn6Jf3lJXBza65Iyye8OCWtpFHTdWZ2-qgcWSv4lo_AtcMTY0lxvJvQ_60W00zN4rgilbJ73nQi69XfEbfPPIA%3D%7CN7fu2vKt8_s%3D%7CSd5Ea-Bg2CNQ4ks1alB-RxvxDFrpr4gbQSBsGwxeti67qRew_I141aVQvTnfMIKyPYnU4UFhCkCxaIuIAig2YroraFr7NEk6HiORfckBymet5ySgXYZxcCyXWPpRXNCZFC_W9YL6T1oRknR87du7_xML7Gl0jVge7EhU1n61Ctb7-3y6r5AaSk2FVsJRmRNkqfJBBtjax5CBR_FyLKpeOP8I0uMmAv4X%7C&hint=&td=&cc=AT&wsip=2887305230&bca=0&ugd=4&vgd_chost=contextual.media.net&vgd_fcic=1&vgde_setid=Nu9&&rc=0&ksu=207&fdkt=341&kwd[]=Cloud%20Security%20Threats&kwt[]=341&kbc[]=im327354297&kwp[]=1&kid[]=327354297&kbc2[]=vulnerability%7C%7Cir%3D1%7C%7Ciid%3D1795014%7C%7Cps%3D0.865%7C%7Crpc%3D0.71%7C%7Clvl%3D1.00&ktd[]=1126178828255488&kwd[]=Security%20Vulnerability%20Assessment&kwt[]=341&kbc[]=im25586745&kwp[]=2&kid[]=25586745&kbc2[]=vulnerability%7C%7Cir%3D1%7C%7Ciid%3D8620626%7C%7Cps%3D0.865%7C%7Crpc%3D0.60%7C%7Clvl%3D1.00&ktd[]=1126725379621120&kwd[]=Acunetix%20Web%20Vulnerability%20Scanner&kwt[]=341&kbc[]=im37367378&kwp[]=3&kid[]=37367378&kbc2[]=web%7C%7Cir%3D1%7C%7Ciid%3D11314128%7C%7Cps%3D0.865%7C%7Crpc%3D0.33%7C%7Clvl%3D1.00&ktd[]=1126177217642752&kwd[]=Network%20Vulnerability%20Scanner&kwt[]=341&kbc[]=im30219595&kwp[]=4&kid[]=20332811&kbc2[]=vulnerability%7C%7Cir%3D1%7C%7Ciid%3D9292872%7C%7Cps%3D0.865%7C%7Crpc%3D0.30%7C%7Clvl%3D1.00&ktd[]=277042364672&rand=1605713891347&cid=8CU5BD6EW&vwid=1605713890939513026&vi=1605713890939513026&l3ch=0&slnkp=no&tdAdd[]=ib=0&vgd_uspa=0&vgd_l1rakh=1605713890143331472&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&vgd_ifrmode=00&sttm=1605713890522&upk=1605713891.26842&hvsid=00001605713890522031179494409728&verid=111299&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1%26asn%3D9009&vgd_isiolc=1&pid=8PO5M70HK&katen=1&pc=25&matm=1605713891354&vgd_ltime=931&vgd_ltimesrc=2&abpl=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D9009&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_l2ch=0&vgd_l1ch=1&vgd_katid=807056978&vgd_katbid=-21&vgd_kals=ttype%3D10007%7C%7Cpc%3D25&vgd_kasts=tstype%3D-10408%7C%7Cgbid%3D-1&vgd_altbql=sb&vgd_pdtid=1&vgd_implt=3&vgd_sbSup=1&vgd_l2wsip=2887305234&vgd_nrrsf=nrr&vgd_nrrv=97497&vgd_nrrs=97497&vgd_nrrmf=4a&vgd_cntrdt=S%7CDIV&vgd_x_pos=320&vgd_y_pos=3267&vgd_ren_page_h=5051&vgd_cty=VIENNA&vgd_l1hcsd=N3%7C7715&vgd_sethcsd=N6%7C7700&vgd_cfud=191226&vgd_is_amp=0&vgd_optout=0&vgd_ect=4g&vgd_rensize=630_250&vgd_scr_h=1200&vgd_scr_w=1600&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F111051%2Fhacking%2Fwindows-vulnerable-bluekeep.html&oRurl=http%3A%2F%2Fcdn3e%2Fmediamain.html%3F%26nb%3D1%26settings%3D1%26%26cc%3DAT%26isOffice%3D0%26fvips%3D0%26vi%3D1605713890939513026%26lw%3D1%26esi%3D1%26size%3D300x250%26crid%3D733976884%26vpf%3D000%26cid%3D8CU5BD6EW%26ugd%3D4%26chost%3Dcontextual.media.net%26vif%3D1%26blacpfl%3D1%26https%3D1%26blapd%3D0%26nse%3D5%26baeFlag%3D0%26cpcd%3DRlAcVccC-RdUYIl-LjF9ag%253d%253d%26nb%3D1%26gdpr%3D1%26cb%3Dwindow._mNDetails.initAd%26pid%3D8PO5M70HK%26requrl%3Dhttps%253a%252f%252fsecurityaffairs.co%252fwordpress%252f111051%252fhacking%252fwindows-vulnerable-bluekeep.html%26%26katid%3D807056978%26katen%3D1%26katbid%3D-21&tdAdd[]=uiparams%3D%3Brend_w%3A630%3Brend_h%3A250%3Bwin_w%3A1600%3Bwin_h%3A1200%3Bkwd_scnt%3A4&vgd_end=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV97497.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
status
200
date
Wed, 18 Nov 2020 15:38:11 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Wed, 18 Nov 2020 15:38:11 GMT
log
navvy.media.net/ Frame 9091
807 B
997 B
Other
General
Full URL
https://navvy.media.net/log
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV97497.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.153.104.139 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Jetty(9.4.7.v20170914) /
Resource Hash
0a4c16b7f5c1b1ecefc9ffb4fcf1b457f9282d0863fa61d4dd32ad98dafa9a60

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 18 Nov 2020 15:38:12 GMT
server
Jetty(9.4.7.v20170914)
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache,no-store
content-length
807
expires
Wed, 18 Nov 2020 15:38:12 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame E512
92 KB
32 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/djax_elastic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c21f640ff99882107394ad078a71fdf2edbe3454aae86f2fccde6a854931e4d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
32490
x-xss-protection
0
server
cafe
etag
16170652261030677094
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 18 Nov 2020 15:38:11 GMT
demo_track.js
served-by.pixfuture.com/www/headerbid/library/tracking/ Frame 52AB
3 KB
3 KB
Script
General
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/demo_track.js?v594
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
7b420ad439dadbbbc88cef506a6e2ea73c331178f08f984c6b230cec7ac66a04

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 18 Nov 2020 15:38:11 GMT
Last-Modified
Mon, 06 Jul 2020 13:30:16 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"5f032768-a4e"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=172800
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
2638
Expires
Fri, 20 Nov 2020 15:38:11 GMT
bql.php
lg3.media.net/ Frame AB1A
15 B
216 B
Script
General
Full URL
https://lg3.media.net/bql.php?&vgd_l2type=setting&v=1&gdpr=1&hvsid=00001605713890725031179494406081&geo=48.20|16.37&lper=100&fp=EIMN-ehR7Pps_CSyS_Yzo-2i1OixKc5bW9c2mufwmM6qC9U44Q2KYLwhJUlm3C41iW1UwejsRf5bu1CKs-Al7FaJ2V46HxhnrCJ_6JtzXxoBOfvGXxW3g7U-6OiA4Fh2&lpid=&tsid=1&q=&prv=&type=&ps=&cme=hbAA2rMEkLT904po3n16Cb70msvtwRxbd-ETOe4rH8T3TxUs6n6wey2hFobBbXTry1Ge6fNi16O92pCyfKQ5XfCmGOomB0sLd8tOZdeKCzONPK6qSqB94hATCmsUnRSr5MQd23208OhMbDP3wjjCqqBOCvv0mhCTQXZ242r_W5yJ8ESw1l2amy2UImkqxZoxH0bov136VOeOOaluRjxiBHqCl7Ez-8BS%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CsRBSg3CPSiQ%3D%7CvCbSeqHpZdVEVXAjSyXJuIn6Jf3lJXBza65Iyye8OCWtpFHTdWZ2-qgcWSv4lo_AtcMTY0lxvJvQ_60W00zN4rgilbJ73nQi69XfEbfPPIA%3D%7CN7fu2vKt8_s%3D%7CeyOPkfgOPIgs9mYELDR5YogjErlzkStq-S9loy2UvaWuxlMTEh_zEuJg5swsvxff7cw1zaxSmZuNvijRQN31ien5wRMzljsdJwXLUr3mtzvVsWn5nmXcIVTDiez0YDYDv9_h5PL-w6v-nGlxQjoD9PuESGUHVX_M4k1P-2wmp4QhbQgCwho-kbSswM6KVJCCM2NclhIqE1rUUgfIPrPMHQ%3D%3D%7C&hint=&td=&cc=AT&wsip=2886781337&bca=0&ugd=4&vgd_chost=contextual.media.net&vgd_fcic=1&vgde_setid=NW&&rc=0&ksu=207&fdkt=341&kwd[]=Cloud%20Security%20Threats&kwt[]=341&kbc[]=im327354297&kwp[]=1&kid[]=327354297&kbc2[]=vulnerability%7C%7Cps%3D0.865%7C%7Crpc%3D0.71%7C%7Clvl%3D1.00&ktd[]=1126174801723648&kwd[]=Free%20Cyber%20Security%20Tools&kwt[]=341&kbc[]=im329470188&kwp[]=2&kid[]=329470188&kbc2[]=information%20security%7C%7Cps%3D0.865%7C%7Crpc%3D0.63%7C%7Clvl%3D1.00&ktd[]=1126174801723648&kwd[]=Security%20Vulnerability%20Assessment&kwt[]=341&kbc[]=im25586745&kwp[]=3&kid[]=25586745&kbc2[]=vulnerability%7C%7Cps%3D0.865%7C%7Crpc%3D0.60%7C%7Clvl%3D1.00&ktd[]=1126724574314752&kwd[]=Advanced%20Malware%20Protection&kwt[]=341&kbc[]=im326682891&kwp[]=4&kid[]=326682891&kbc2[]=system%7C%7Cps%3D0.865%7C%7Crpc%3D0.41%7C%7Clvl%3D1.00&ktd[]=1126174801723648&kwd[]=Vulnerability%20Assessment%20Scanner&kwt[]=341&kbc[]=im20332811&kwp[]=5&kid[]=30219595&kbc2[]=net%20work%7C%7Cps%3D0.865%7C%7Crpc%3D0.36%7C%7Clvl%3D1.00&ktd[]=1126174801723648&rand=1605713891465&cid=8CU5BD6EW&vwid=1605713890825526223&vi=1605713890825526223&l3ch=0&slnkp=no&tdAdd[]=ib=0&vgd_uspa=0&vgd_l1rakh=1605713890135329686&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&vgd_ifrmode=00&sttm=1605713890725&upk=1605713891.26842&hvsid=00001605713890725031179494406081&verid=3121199&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1%26asn%3D9009&vgd_isiolc=1&npgv=1&pid=8PO5M70HK&katen=1&pc=13&matm=1605713891469&vgd_ltime=746&vgd_ltimesrc=2&abpl=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D9009&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_l2ch=0&vgd_l1ch=1&vgd_katid=807056980&vgd_katbid=-21&vgd_kals=ttype%3D10007%7C%7Cpc%3D13&vgd_kasts=tstype%3D-10408%7C%7Cgbid%3D-1&vgd_altbql=sb&vgd_pdtid=1&vgd_implt=3&vgd_sbSup=1&vgd_l2wsip=2886781041&vgd_nrrsf=nrr&vgd_nrrv=97497&vgd_nrrs=97497&vgd_nrrmf=4a&vgd_cntrdt=AS%7CDIV-647633027%7CDIV&vgd_x_pos=980&vgd_y_pos=723&vgd_ren_page_h=5051&vgd_cty=VIENNA&vgd_l1hcsd=N6%7C7715&vgd_sethcsd=N6%7C7700&vgd_cfud=200203&vgd_is_amp=0&vgd_optout=0&vgd_ect=4g&vgd_rensize=300_250&vgd_scr_h=1200&vgd_scr_w=1600&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F111051%2Fhacking%2Fwindows-vulnerable-bluekeep.html&oRurl=http%3A%2F%2Fcdn3%2Fmediamain.html%3F%26nb%3D1%26settings%3D1%26%26cc%3DAT%26isOffice%3D0%26fvips%3D0%26vi%3D1605713890825526223%26lw%3D1%26esi%3D1%26size%3D300x250%26crid%3D647633027%26vpf%3D000%26cid%3D8CU5BD6EW%26ugd%3D4%26chost%3Dcontextual.media.net%26vif%3D1%26blacpfl%3D1%26https%3D1%26blapd%3D0%26nse%3D5%26baeFlag%3D0%26cpcd%3DRlAcVccC-RdUYIl-LjF9ag%253d%253d%26nb%3D1%26gdpr%3D1%26cb%3Dwindow._mNDetails.initAd%26pid%3D8PO5M70HK%26requrl%3Dhttps%253a%252f%252fsecurityaffairs.co%252fwordpress%252f111051%252fhacking%252fwindows-vulnerable-bluekeep.html%26%26katid%3D807056980%26katen%3D1%26katbid%3D-21&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A250%3Bwin_w%3A1600%3Bwin_h%3A1200%3Bkwd_scnt%3A5&vgd_end=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV97497.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
status
200
date
Wed, 18 Nov 2020 15:38:11 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Wed, 18 Nov 2020 15:38:11 GMT
log
navvy.media.net/ Frame AB1A
807 B
997 B
Other
General
Full URL
https://navvy.media.net/log
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV97497.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.153.104.139 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Jetty(9.4.7.v20170914) /
Resource Hash
0a4c16b7f5c1b1ecefc9ffb4fcf1b457f9282d0863fa61d4dd32ad98dafa9a60

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 18 Nov 2020 15:38:12 GMT
server
Jetty(9.4.7.v20170914)
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache,no-store
content-length
807
expires
Wed, 18 Nov 2020 15:38:12 GMT
bql.php
lg3.media.net/ Frame B8CD
15 B
216 B
Script
General
Full URL
https://lg3.media.net/bql.php?&vgd_l2type=setting&v=1&gdpr=1&hvsid=00001605713890695031179494406407&geo=48.20|16.37&lper=100&fp=EIMN-ehR7Pps_CSyS_Yzo-2i1OixKc5bW9c2mufwmM6qC9U44Q2KYLwhJUlm3C41iW1UwejsRf5bu1CKs-Al7FaJ2V46HxhnrCJ_6JtzXxpZdwQPK_87gFS5BMfCVA5r&lpid=&tsid=1&q=&prv=&type=&ps=&cme=BifDpa5ligJhs4sBn_GRPwtsZXBnqE2Qmt8i9MaXG0COYgH7bWIQtYXhAvVJh_wuF21mruGw8-zoURfIJi3HXcSQCAzgwj7NPaPkke1KW1tSUjembb6_aDZm_eo93HUdzkAniOLy0dNMpQ0p2C9LxuawtPr5ipHqvEqh4AnpXEWXYkVSE32jzWwnTSc-FedI4fiP-vI523OHW-GKqygQOWo9CjCids8O%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CsRBSg3CPSiQ%3D%7CvCbSeqHpZdVEVXAjSyXJuIn6Jf3lJXBza65Iyye8OCWtpFHTdWZ2-qgcWSv4lo_AtcMTY0lxvJvQ_60W00zN4rgilbJ73nQi69XfEbfPPIA%3D%7CN7fu2vKt8_s%3D%7CuDDuJJF4UIGnzYharipMADMrQkWYRsINmH0_cFfZ1lecr_0A9bEBDeSw8HUupISC5ex-hk2EnjNoZ7S58JtYaFme24YWGsVt70ub3hgYzHdZ5WtUnLQI0kxXSgExtpjPOfY4IOvr5gl5dXSGjf7ICUISlYNTlOGHtDXGTlmmTy-qI4Krs7OC6kIe7uU71h4OOV-opW8Yro5crP34BaWSgYMnn4UBV791%7C&hint=&td=&cc=AT&wsip=2886781338&bca=0&ugd=4&vgd_chost=contextual.media.net&vgd_fcic=1&vgde_setid=NW&&rc=0&ksu=207&fdkt=341&kwd[]=Cloud%20Security%20Threats&kwt[]=341&kbc[]=im327354297&kwp[]=1&kid[]=327354297&kbc2[]=vulnerability%7C%7Cps%3D0.865%7C%7Crpc%3D0.71%7C%7Clvl%3D1.00&ktd[]=1126174801723648&kwd[]=Free%20Cyber%20Security%20Tools&kwt[]=341&kbc[]=im329470188&kwp[]=2&kid[]=329470188&kbc2[]=information%20security%7C%7Cps%3D0.865%7C%7Crpc%3D0.63%7C%7Clvl%3D1.00&ktd[]=1126174801723648&kwd[]=Security%20Vulnerability%20Assessment&kwt[]=341&kbc[]=im25586745&kwp[]=3&kid[]=25586745&kbc2[]=vulnerability%7C%7Cps%3D0.865%7C%7Crpc%3D0.60%7C%7Clvl%3D1.00&ktd[]=1126724574314752&kwd[]=Advanced%20Malware%20Protection&kwt[]=341&kbc[]=im326682891&kwp[]=4&kid[]=326682891&kbc2[]=system%7C%7Cps%3D0.865%7C%7Crpc%3D0.41%7C%7Clvl%3D1.00&ktd[]=1126174801723648&kwd[]=Vulnerability%20Assessment%20Scanner&kwt[]=341&kbc[]=im20332811&kwp[]=5&kid[]=30219595&kbc2[]=net%20work%7C%7Cps%3D0.865%7C%7Crpc%3D0.36%7C%7Clvl%3D1.00&ktd[]=1126174801723648&rand=1605713891479&cid=8CU5BD6EW&vwid=1605713890171317768&vi=1605713890171317768&l3ch=0&slnkp=no&tdAdd[]=ib=0&vgd_uspa=0&vgd_l1rakh=1605713890135329686&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&vgd_ifrmode=00&sttm=1605713890695&upk=1605713891.26842&hvsid=00001605713890695031179494406407&verid=3121199&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1%26asn%3D9009&vgd_isiolc=1&npgv=1&pid=8PO5M70HK&katen=1&pc=50&matm=1605713891483&vgd_ltime=795&vgd_ltimesrc=2&abpl=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D9009&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_l2ch=0&vgd_l1ch=1&vgd_katid=807056980&vgd_katbid=-21&vgd_kals=ttype%3D10007%7C%7Cpc%3D50&vgd_kasts=tstype%3D-10408%7C%7Cgbid%3D-1&vgd_altbql=sb&vgd_pdtid=1&vgd_implt=3&vgd_sbSup=1&vgd_l2wsip=2886781337&vgd_nrrsf=nrr&vgd_nrrv=97497&vgd_nrrs=97497&vgd_nrrmf=4a&vgd_cntrdt=AS%7CDIV-829833831%7CDIV&vgd_x_pos=320&vgd_y_pos=518&vgd_ren_page_h=5051&vgd_cty=VIENNA&vgd_l1hcsd=N6%7C7715&vgd_sethcsd=N6%7C7700&vgd_cfud=200203&vgd_is_amp=0&vgd_optout=0&vgd_ect=4g&vgd_rensize=630_250&vgd_scr_h=1200&vgd_scr_w=1600&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F111051%2Fhacking%2Fwindows-vulnerable-bluekeep.html&oRurl=http%3A%2F%2Fcdn3%2Fmediamain.html%3F%26nb%3D1%26settings%3D1%26%26cc%3DAT%26isOffice%3D0%26fvips%3D0%26vi%3D1605713890171317768%26lw%3D1%26esi%3D1%26size%3D300x250%26crid%3D829833831%26vpf%3D000%26cid%3D8CU5BD6EW%26ugd%3D4%26chost%3Dcontextual.media.net%26vif%3D1%26blacpfl%3D1%26https%3D1%26blapd%3D0%26nse%3D5%26baeFlag%3D0%26cpcd%3DRlAcVccC-RdUYIl-LjF9ag%253d%253d%26nb%3D1%26gdpr%3D1%26cb%3Dwindow._mNDetails.initAd%26pid%3D8PO5M70HK%26requrl%3Dhttps%253a%252f%252fsecurityaffairs.co%252fwordpress%252f111051%252fhacking%252fwindows-vulnerable-bluekeep.html%26%26katid%3D807056980%26katen%3D1%26katbid%3D-21&tdAdd[]=uiparams%3D%3Brend_w%3A630%3Brend_h%3A250%3Bwin_w%3A1600%3Bwin_h%3A1200%3Bkwd_scnt%3A5&vgd_end=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV97497.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
status
200
date
Wed, 18 Nov 2020 15:38:11 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Wed, 18 Nov 2020 15:38:11 GMT
log
navvy.media.net/ Frame B8CD
807 B
998 B
Other
General
Full URL
https://navvy.media.net/log
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV97497.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.153.104.139 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Jetty(9.4.7.v20170914) /
Resource Hash
0a4c16b7f5c1b1ecefc9ffb4fcf1b457f9282d0863fa61d4dd32ad98dafa9a60

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 18 Nov 2020 15:38:12 GMT
server
Jetty(9.4.7.v20170914)
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache,no-store
content-length
807
expires
Wed, 18 Nov 2020 15:38:12 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/ Frame E512
231 KB
87 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad7386d16a056df5c235702a97a5fa4cee68e302d71041aa35df96151f756f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
88601
x-xss-protection
0
server
cafe
etag
4353532171737760018
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 18 Nov 2020 15:38:11 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/ Frame 2B67
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20201112/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 18 Nov 2020 01:33:36 GMT
expires
Wed, 02 Dec 2020 01:33:36 GMT
content-type
text/html; charset=UTF-8
etag
5228831996244654541
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4745
x-xss-protection
0
age
50675
cache-control
public, max-age=1209600
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame DBDB
92 KB
32 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/djax_elastic.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c21f640ff99882107394ad078a71fdf2edbe3454aae86f2fccde6a854931e4d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
32490
x-xss-protection
0
server
cafe
etag
16170652261030677094
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 18 Nov 2020 15:38:11 GMT
demo_track.js
served-by.pixfuture.com/www/headerbid/library/tracking/ Frame EAFF
3 KB
3 KB
Script
General
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/demo_track.js?v984
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
7b420ad439dadbbbc88cef506a6e2ea73c331178f08f984c6b230cec7ac66a04

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 18 Nov 2020 15:38:11 GMT
Last-Modified
Mon, 06 Jul 2020 13:30:16 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"5f032768-a4e"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=172800
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
2638
Expires
Fri, 20 Nov 2020 15:38:11 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/ Frame DBDB
231 KB
87 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad7386d16a056df5c235702a97a5fa4cee68e302d71041aa35df96151f756f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
88601
x-xss-protection
0
server
cafe
etag
4353532171737760018
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 18 Nov 2020 15:38:11 GMT
demo_track.php
served-by.pixfuture.com/www/headerbid/library/tracking/ Frame 52AB
36 B
615 B
XHR
General
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/demo_track.php
Requested by
Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/demo_track.js?v594
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e70696531ebef4e25c157f95ad6730a529ac4df922aa285b3d6e9236007e8820

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Wed, 18 Nov 2020 15:38:11 GMT
Content-Encoding
gzip
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=172800
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires
Fri, 20 Nov 2020 15:38:11 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame DBDB
208 B
646 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=securityaffairs.co&callback=_gfp_s_&client=ca-pub-1575911585432548
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s29-in-f2.1e100.net
Software
cafe /
Resource Hash
d0e5ec573549c3a753ec60d2cb6a1405881581178aea0472a98c7c1e03ba16d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 18 Nov 2020 15:38:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
197
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame DBDB
109 B
169 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=securityaffairs.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 18 Nov 2020 15:38:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame DBDB
109 B
321 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=securityaffairs.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 18 Nov 2020 15:38:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F69B
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1575911585432548&output=html&h=250&slotname=1680648786&adk=1022037533&adf=1357492128&pi=t.ma~as.1680648786&w=300&lmt=1605713891&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F111051%2Fhacking%2Fwindows-vulnerable-bluekeep.html&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605713891558&bpp=4&bdt=32&idt=52&shv=r20201112&cbv=r20190131&ptt=5&saldr=sa&correlator=7495332493383&frm=21&ife=1&pv=2&ga_vid=426609410.1605713890&ga_sid=1605713892&ga_hid=2021530875&ga_fc=1&iag=63&icsg=650&nhd=3&dssz=7&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=2986&biw=1600&bih=1200&isw=300&ish=250&ifk=4247345361&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=771840114873288&pem=254&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.go5gl990d39f&btvi=1&fsb=1&xpc=A7VsHTBkaL&p=https%3A//securityaffairs.co&dtd=71
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1575911585432548&output=html&h=250&slotname=1680648786&adk=1022037533&adf=1357492128&pi=t.ma~as.1680648786&w=300&lmt=1605713891&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F111051%2Fhacking%2Fwindows-vulnerable-bluekeep.html&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605713891558&bpp=4&bdt=32&idt=52&shv=r20201112&cbv=r20190131&ptt=5&saldr=sa&correlator=7495332493383&frm=21&ife=1&pv=2&ga_vid=426609410.1605713890&ga_sid=1605713892&ga_hid=2021530875&ga_fc=1&iag=63&icsg=650&nhd=3&dssz=7&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=2986&biw=1600&bih=1200&isw=300&ish=250&ifk=4247345361&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=771840114873288&pem=254&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.go5gl990d39f&btvi=1&fsb=1&xpc=A7VsHTBkaL&p=https%3A//securityaffairs.co&dtd=71
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 18 Nov 2020 15:38:11 GMT
server
cafe
content-length
6708
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 18-Nov-2020 15:53:11 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Wed, 18 Nov 2020 15:38:11 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ Frame DBDB
73 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7193a6ae7349709641cdd713db8351d7361ed1ef6bed9ee8fb7631ab4c06453e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1605529771095600"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28207
x-xss-protection
0
expires
Wed, 18 Nov 2020 15:38:11 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame E512
208 B
262 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=securityaffairs.co&callback=_gfp_s_&client=ca-pub-1575911585432548
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s29-in-f2.1e100.net
Software
cafe /
Resource Hash
f7b6378a1d4b8ae8b25110f6717f3b3c57f48c9b82591297c64a954a2deb2227
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 18 Nov 2020 15:38:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
197
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame E512
109 B
127 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=securityaffairs.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 18 Nov 2020 15:38:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame E512
109 B
781 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=securityaffairs.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 18 Nov 2020 15:38:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6449
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1575911585432548&output=html&h=50&slotname=1139220782&adk=2470624294&adf=1357492131&pi=t.ma~as.1139220782&w=320&lmt=1605713891&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F111051%2Fhacking%2Fwindows-vulnerable-bluekeep.html&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605713891500&bpp=18&bdt=44&idt=142&shv=r20201112&cbv=r20190131&ptt=5&saldr=sa&correlator=7495332493383&frm=21&ife=1&pv=1&ga_vid=426609410.1605713890&ga_sid=1605713892&ga_hid=1034413049&ga_fc=1&iag=63&icsg=650&nhd=3&dssz=7&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=963&biw=1600&bih=1200&isw=320&ish=50&ifk=2067344721&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=3930490858291598&pem=254&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.nysz0o1nluue&fsb=1&xpc=1Eicu99RXH&p=https%3A//securityaffairs.co&dtd=150
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1575911585432548&output=html&h=50&slotname=1139220782&adk=2470624294&adf=1357492131&pi=t.ma~as.1139220782&w=320&lmt=1605713891&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F111051%2Fhacking%2Fwindows-vulnerable-bluekeep.html&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605713891500&bpp=18&bdt=44&idt=142&shv=r20201112&cbv=r20190131&ptt=5&saldr=sa&correlator=7495332493383&frm=21&ife=1&pv=1&ga_vid=426609410.1605713890&ga_sid=1605713892&ga_hid=1034413049&ga_fc=1&iag=63&icsg=650&nhd=3&dssz=7&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=963&biw=1600&bih=1200&isw=320&ish=50&ifk=2067344721&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=3930490858291598&pem=254&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.nysz0o1nluue&fsb=1&xpc=1Eicu99RXH&p=https%3A//securityaffairs.co&dtd=150
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 18 Nov 2020 15:38:11 GMT
server
cafe
content-length
22261
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 18-Nov-2020 15:53:11 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Wed, 18 Nov 2020 15:38:11 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ Frame E512
73 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7193a6ae7349709641cdd713db8351d7361ed1ef6bed9ee8fb7631ab4c06453e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1605529771095600"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28207
x-xss-protection
0
expires
Wed, 18 Nov 2020 15:38:11 GMT
demo_track.php
served-by.pixfuture.com/www/headerbid/library/tracking/ Frame EAFF
36 B
615 B
XHR
General
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/demo_track.php
Requested by
Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/demo_track.js?v984
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e70696531ebef4e25c157f95ad6730a529ac4df922aa285b3d6e9236007e8820

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Wed, 18 Nov 2020 15:38:11 GMT
Content-Encoding
gzip
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=172800
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires
Fri, 20 Nov 2020 15:38:11 GMT
bql.php
lg3.media.net/ Frame 1F42
15 B
216 B
Script
General
Full URL
https://lg3.media.net/bql.php?&vgd_l2type=setting&v=1&gdpr=1&hvsid=00001605713890716031179494404687&geo=48.20|16.37&lper=100&fp=EIMN-ehR7Pps_CSyS_Yzo-2i1OixKc5bW9c2mufwmM6qC9U44Q2KYLwhJUlm3C41iW1UwejsRf5bu1CKs-Al7FaJ2V46HxhnrCJ_6JtzXxpPD6wQ0XIT4bYH4yw9Aktp&lpid=&tsid=1&q=&prv=&type=&ps=&cme=7dPTaC80jmO1AhCMYkyCIhZfbrLmVWbc7ASJfw4PiHmMS-lDkMa1Y_nRYWBbMWPrH5Opt-nUqxacsI5ZiocFo_09l7LMA_0Tjf1UqGDI6xjbpM4-rPa5jlhoy6fvhzc5oXVOsH8nvddmrQwNwcNVbd-CuwObSUQ89SaUw5Pk3K4BwCh-4s6c2XadG6dr2IlprPTQ5Q2F8-dYFKGjRIoyBubD7GkuJ7aS%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CsRBSg3CPSiQ%3D%7CvCbSeqHpZdVEVXAjSyXJuIn6Jf3lJXBza65Iyye8OCWtpFHTdWZ2-qgcWSv4lo_AtcMTY0lxvJvQ_60W00zN4rgilbJ73nQi69XfEbfPPIA%3D%7CN7fu2vKt8_s%3D%7CeyOPkfgOPIhHGZBVTovBQSj7-OK-OZ3RL_p4G-8Gmo8_uoDZjYlwln6L2saPo-zo3p-WOqSm1Or4-pfkhWk2e2KjXIJtOS9HYY7j688c8YGys0XcihH748RrztXayp7ynfXIFsx-7xfLHl8_c2W038NJvVaJZ6UM9hb6UmTxnwjNbclCAjO1AR5bJkBHqxosMHABeXITFpvWnOIrwrB6xg%3D%3D%7C&hint=&td=&cc=AT&wsip=2886781041&bca=0&ugd=4&vgd_chost=contextual.media.net&vgd_fcic=1&vgde_setid=NW&&rc=0&ksu=207&fdkt=341&kwd[]=Cloud%20Security%20Threats&kwt[]=341&kbc[]=im327354297&kwp[]=1&kid[]=327354297&kbc2[]=vulnerability%7C%7Cps%3D0.865%7C%7Crpc%3D0.71%7C%7Clvl%3D1.00&ktd[]=1126174801723648&kwd[]=Free%20Cyber%20Security%20Tools&kwt[]=341&kbc[]=im329470188&kwp[]=2&kid[]=329470188&kbc2[]=information%20security%7C%7Cps%3D0.865%7C%7Crpc%3D0.63%7C%7Clvl%3D1.00&ktd[]=1126174801723648&kwd[]=Security%20Vulnerability%20Assessment&kwt[]=341&kbc[]=im25586745&kwp[]=3&kid[]=25586745&kbc2[]=vulnerability%7C%7Cps%3D0.865%7C%7Crpc%3D0.60%7C%7Clvl%3D1.00&ktd[]=1126724574314752&kwd[]=Advanced%20Malware%20Protection&kwt[]=341&kbc[]=im326682891&kwp[]=4&kid[]=326682891&kbc2[]=system%7C%7Cps%3D0.865%7C%7Crpc%3D0.41%7C%7Clvl%3D1.00&ktd[]=1126174801723648&kwd[]=Vulnerability%20Assessment%20Scanner&kwt[]=341&kbc[]=im20332811&kwp[]=5&kid[]=30219595&kbc2[]=net%20work%7C%7Cps%3D0.865%7C%7Crpc%3D0.36%7C%7Clvl%3D1.00&ktd[]=1126174801723648&rand=1605713891494&cid=8CU5BD6EW&vwid=1605713890149443330&vi=1605713890149443330&l3ch=0&slnkp=no&tdAdd[]=ib=0&vgd_uspa=0&vgd_l1rakh=1605713890135329686&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&vgd_ifrmode=00&sttm=1605713890716&upk=1605713891.26842&hvsid=00001605713890716031179494404687&verid=3121199&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1%26asn%3D9009&vgd_isiolc=1&npgv=1&pid=8PO5M70HK&katen=1&pc=1&matm=1605713891498&vgd_ltime=1296&vgd_ltimesrc=2&abpl=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D9009&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_l2ch=0&vgd_l1ch=1&vgd_katid=801344920&vgd_katbid=-21&vgd_kals=ttype%3D10002%7C%7Cpc%3D1&vgd_kasts=tstype%3D-10408%7C%7Cgbid%3D-1&vgd_altbql=sb&vgd_pdtid=1&vgd_implt=3&vgd_sbSup=1&vgd_l2wsip=2886781041&vgd_nrrsf=nrr&vgd_nrrv=97497&vgd_nrrs=97497&vgd_nrrmf=4a&vgd_cntrdt=AS%7CDIV-184323154%7CDIV&vgd_x_pos=980&vgd_y_pos=413&vgd_ren_page_h=5051&vgd_cty=VIENNA&vgd_l1hcsd=N6%7C7715&vgd_sethcsd=N6%7C7700&vgd_cfud=200309&vgd_is_amp=0&vgd_optout=0&vgd_ect=4g&vgd_rensize=300_250&vgd_scr_h=1200&vgd_scr_w=1600&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F111051%2Fhacking%2Fwindows-vulnerable-bluekeep.html&oRurl=http%3A%2F%2Fcdn3%2Fmediamain.html%3F%26nb%3D1%26settings%3D1%26%26cc%3DAT%26isOffice%3D0%26fvips%3D0%26vi%3D1605713890149443330%26lw%3D1%26esi%3D1%26size%3D300x250%26crid%3D184323154%26vpf%3D000%26cid%3D8CU5BD6EW%26ugd%3D4%26chost%3Dcontextual.media.net%26vif%3D1%26blacpfl%3D1%26https%3D1%26blapd%3D0%26nse%3D5%26baeFlag%3D0%26cpcd%3DRlAcVccC-RdUYIl-LjF9ag%253d%253d%26nb%3D1%26gdpr%3D1%26cb%3Dwindow._mNDetails.initAd%26pid%3D8PO5M70HK%26requrl%3Dhttps%253a%252f%252fsecurityaffairs.co%252fwordpress%252f111051%252fhacking%252fwindows-vulnerable-bluekeep.html%26%26katid%3D801344920%26katen%3D1%26katbid%3D-21&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A250%3Bwin_w%3A1600%3Bwin_h%3A1200%3Bkwd_scnt%3A5&vgd_end=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV97497.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
status
200
date
Wed, 18 Nov 2020 15:38:12 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Wed, 18 Nov 2020 15:38:12 GMT
log
navvy.media.net/ Frame 1F42
807 B
997 B
Other
General
Full URL
https://navvy.media.net/log
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV97497.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.153.104.139 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Jetty(9.4.7.v20170914) /
Resource Hash
0a4c16b7f5c1b1ecefc9ffb4fcf1b457f9282d0863fa61d4dd32ad98dafa9a60

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 18 Nov 2020 15:38:12 GMT
server
Jetty(9.4.7.v20170914)
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache,no-store
content-length
807
expires
Wed, 18 Nov 2020 15:38:12 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame E512
8 KB
7 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201112&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d02719f341a6d79fe181f86129a17d1c3763daddc21022020ee4589095dc12a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 18 Nov 2020 15:38:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6348
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E512
16 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603823857801521"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6015
x-xss-protection
0
expires
Wed, 18 Nov 2020 15:38:12 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 4A65
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/219/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4867
date
Wed, 18 Nov 2020 14:54:17 GMT
expires
Thu, 18 Nov 2021 14:54:17 GMT
last-modified
Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2635
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/ Frame DBDB
8 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201112&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5297a3e43e6bfeaaf653edbbdfacca6253138fdd9aec861b954ac1add4db30c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 18 Nov 2020 15:38:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6431
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame DBDB
16 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 15:38:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603823857801521"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6015
x-xss-protection
0
expires
Wed, 18 Nov 2020 15:38:12 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 72C9
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/219/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4867
date
Wed, 18 Nov 2020 14:54:17 GMT
expires
Thu, 18 Nov 2021 14:54:17 GMT
last-modified
Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2635
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bqi.php
lg3.media.net/
15 B
15 B
Image
General
Full URL
https://lg3.media.net/bqi.php?lf=3&&vgd_l2type=setting&pid=8PO5M70HK&vgd_viab=1&katid=807056980&kals=ttype%3D10007%7C%7Cpc%3D13&katen=1&pc=13&kata=aton&katbid=-21&kasts=tstype%3D-10408%7C%7Cgbid%3D-1&cme=hbAA2rMEkLT904po3n16Cb70msvtwRxbd-ETOe4rH8T3TxUs6n6wey2hFobBbXTry1Ge6fNi16O92pCyfKQ5XfCmGOomB0sLd8tOZdeKCzONPK6qSqB94hATCmsUnRSr5MQd23208OhMbDP3wjjCqqBOCvv0mhCTQXZ242r_W5yJ8ESw1l2amy2UImkqxZoxH0bov136VOeOOaluRjxiBHqCl7Ez-8BS||NDHRnZ9Gz3KXlI-i9OnZqQ==|5gDUJdTGiJzedmq9hanWYg==|sRBSg3CPSiQ=|vCbSeqHpZdVEVXAjSyXJuIn6Jf3lJXBza65Iyye8OCWtpFHTdWZ2-qgcWSv4lo_AtcMTY0lxvJvQ_60W00zN4rgilbJ73nQi69XfEbfPPIA=|N7fu2vKt8_s=|eyOPkfgOPIgs9mYELDR5YogjErlzkStq-S9loy2UvaWuxlMTEh_zEuJg5swsvxff7cw1zaxSmZuNvijRQN31ien5wRMzljsdJwXLUr3mtzvVsWn5nmXcIVTDiez0YDYDv9_h5PL-w6v-nGlxQjoD9PuESGUHVX_M4k1P-2wmp4QhbQgCwho-kbSswM6KVJCCM2NclhIqE1rUUgfIPrPMHQ==|&gdpr=1&prid=8PRHGG6T9&cid=8CU5BD6EW&crid=647633027&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F111051%2Fhacking%2Fwindows-vulnerable-bluekeep.html&vi=1605713890825526223&ugd=4&cc=AT&startTime=1605713890723&l2type=setting&vgd_l1rakh=1605713890135329686&l1ch=1&sttm=1605713890725&upk=1605713891.26842&hvsid=00001605713890725031179494406081&verid=3121199&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1&l1hcsd=l1!N6|7715&vgd_uspa=0&vgd_isiolc=1&npgv=1&l3c=%7B%7D&l3d=%7B%22cntrdt%22%3A%22AS%7CDIV-647633027%7CDIV%22%7D&l3l=%7B%7D&l2ch=0&l2wsip=2886781041
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
date
Wed, 18 Nov 2020 15:38:12 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
status
200
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Wed, 18 Nov 2020 15:38:12 GMT
bqi.php
lg3.media.net/
15 B
15 B
Image
General
Full URL
https://lg3.media.net/bqi.php?lf=3&&vgd_l2type=setting&pid=8PO5M70HK&vgd_viab=1&katid=807056980&kals=ttype%3D10007%7C%7Cpc%3D50&katen=1&pc=50&kata=aton&katbid=-21&kasts=tstype%3D-10408%7C%7Cgbid%3D-1&cme=BifDpa5ligJhs4sBn_GRPwtsZXBnqE2Qmt8i9MaXG0COYgH7bWIQtYXhAvVJh_wuF21mruGw8-zoURfIJi3HXcSQCAzgwj7NPaPkke1KW1tSUjembb6_aDZm_eo93HUdzkAniOLy0dNMpQ0p2C9LxuawtPr5ipHqvEqh4AnpXEWXYkVSE32jzWwnTSc-FedI4fiP-vI523OHW-GKqygQOWo9CjCids8O||NDHRnZ9Gz3KXlI-i9OnZqQ==|5gDUJdTGiJzedmq9hanWYg==|sRBSg3CPSiQ=|vCbSeqHpZdVEVXAjSyXJuIn6Jf3lJXBza65Iyye8OCWtpFHTdWZ2-qgcWSv4lo_AtcMTY0lxvJvQ_60W00zN4rgilbJ73nQi69XfEbfPPIA=|N7fu2vKt8_s=|uDDuJJF4UIGnzYharipMADMrQkWYRsINmH0_cFfZ1lecr_0A9bEBDeSw8HUupISC5ex-hk2EnjNoZ7S58JtYaFme24YWGsVt70ub3hgYzHdZ5WtUnLQI0kxXSgExtpjPOfY4IOvr5gl5dXSGjf7ICUISlYNTlOGHtDXGTlmmTy-qI4Krs7OC6kIe7uU71h4OOV-opW8Yro5crP34BaWSgYMnn4UBV791|&gdpr=1&prid=8PRHGG6T9&cid=8CU5BD6EW&crid=829833831&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F111051%2Fhacking%2Fwindows-vulnerable-bluekeep.html&vi=1605713890171317768&ugd=4&cc=AT&startTime=1605713890689&l2type=setting&vgd_l1rakh=1605713890135329686&l1ch=1&sttm=1605713890695&upk=1605713891.26842&hvsid=00001605713890695031179494406407&verid=3121199&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1&l1hcsd=l1!N6|7715&vgd_uspa=0&vgd_isiolc=1&npgv=1&l3c=%7B%7D&l3d=%7B%22cntrdt%22%3A%22AS%7CDIV-829833831%7CDIV%22%7D&l3l=%7B%7D&l2ch=0&l2wsip=2886781337
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
date
Wed, 18 Nov 2020 15:38:12 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
status
200
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Wed, 18 Nov 2020 15:38:12 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6720
0
0
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid_uids2.js?v=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
icu=ChgI3sJXEAoYASABKAEw4__U_QU4AUABSAEQ4__U_QUYAA..; uuid2=8869667146229506476
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html

Response headers

Connection
keep-alive
Content-Length
17037
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Tue, 24 Mar 2020 15:52:19 GMT
ETag
W/"5e7a2cb3-cefd"
Expires
Fri, 04 Sep 2020 06:04:52 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Wed, 18 Nov 2020 15:38:12 GMT
Age
34248
X-Served-By
cache-lga21951-LGA, cache-hhn4080-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 507350
X-Timer
S1605713893.584739,VS0,VE0
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 9609
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid_uids2.js?v=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=165234
Expires
Fri, 20 Nov 2020 13:32:06 GMT
Date
Wed, 18 Nov 2020 15:38:12 GMT
Connection
keep-alive
Vary
Accept-Encoding
visitormatch
bh.contextweb.com/ Frame 0569
0
0
Document
General
Full URL
https://bh.contextweb.com/visitormatch
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid_uids2.js?v=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

:method
GET
:authority
bh.contextweb.com
:scheme
https
:path
/visitormatch
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vf=1; wf=0; V=zrHoAEkm0HwI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html

Response headers

status
200
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-77d4cd6746-fghkm
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
content-type
text/html;charset=iso-8859-1
set-cookie
V=;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Wed, 18-Nov-2020 15:38:12 GMT;Max-Age=0;SameSite=None INGRESSCOOKIE=ecc45381580f3b7f; path=/; HttpOnly; Secure; SameSite=None
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
pd
eu-u.openx.net/w/1.0/ Frame D021
0
0
Document
General
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid_uids2.js?v=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.198.0 /
Resource Hash

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=98efd54f-81d6-483b-8e31-170de3266d62|1605713891
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html

Response headers

status
200
vary
Accept, Accept-Encoding
set-cookie
i=98efd54f-81d6-483b-8e31-170de3266d62|1605713891; Version=1; Expires=Thu, 18-Nov-2021 15:38:12 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1605713892|gekin0vNiygu; Version=1; Expires=Thu, 03-Dec-2020 15:38:12 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.198.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 18 Nov 2020 15:38:12 GMT
content-type
text/html
content-length
420
content-encoding
gzip
via
1.1 google
alt-svc
clear
us.gif
sync.go.sonobi.com/ Frame 52AB
Redirect Chain
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=4fb65fb5-3fe4-4600-97ff-77cedc7023f7
49 B
532 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=4fb65fb5-3fe4-4600-97ff-77cedc7023f7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Nov 2020 15:38:12 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 18 Nov 2020 15:42:02 GMT
Server
MT3 3322 7ec6219 master cdg-pixel-x12
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=4fb65fb5-3fe4-4600-97ff-77cedc7023f7
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 18 Nov 2020 15:42:01 GMT
usg.gif
sync.go.sonobi.com/ Frame 52AB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=ZmUwY2E1Y2YtN2JkOS00NmMzLThlNTctMmNhNTZiZWZmOGNi
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEIRadVkqg0hBUUKUAzYUXoQ&google_cver=1
49 B
532 B
Image
General
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEIRadVkqg0hBUUKUAzYUXoQ&google_cver=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Nov 2020 15:38:12 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 18 Nov 2020 15:38:12 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEIRadVkqg0hBUUKUAzYUXoQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame 52AB
Redirect Chain
  • https://sync.1rx.io/usersync2/sonobi&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=386432757
  • https://sync.1rx.io/usersync/tradedesk/74567e28-13b9-4f95-9e4b-f437ac500428
  • https://sync.targeting.unrulymedia.com/csync/RX-b239a57c-cd7c-48bb-a983-ed3586c9b030-003?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Drhythmxchange%26nuid%3DRX-b239a57c-cd7c-48bb-a983-ed3...
  • https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-b239a57c-cd7c-48bb-a983-ed3586c9b030-003
49 B
536 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-b239a57c-cd7c-48bb-a983-ed3586c9b030-003
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Nov 2020 15:38:13 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 18 Nov 2020 15:38:13 GMT
Server
Tengine
ETag
RXb239a57ccd7c48bba983ed3586c9b030003
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-b239a57c-cd7c-48bb-a983-ed3586c9b030-003
Connection
keep-alive
Content-Type
text/html
us.gif
sync.go.sonobi.com/ Frame 52AB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=c26c2c1b-0575-4999-b7cf-2841798fe475&google_hm=YzI2YzJjMWItMDU3NS00OTk5LWI3Y2YtMjg0MTc5OGZlNDc1
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEBh4zH8L8tYDCJDxjbcAT7w&google_cver=1&ssp=sonobi&bsw_param=c26c2c1b-0575-4999-b7cf-2841798fe475
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=c26c2c1b-0575-4999-b7cf-2841798fe475
49 B
446 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=c26c2c1b-0575-4999-b7cf-2841798fe475
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Nov 2020 15:38:12 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

status
302
date
Wed, 18 Nov 2020 15:38:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=c26c2c1b-0575-4999-b7cf-2841798fe475
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
us.gif
sync.go.sonobi.com/ Frame 52AB
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1871878964319560823
49 B
536 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1871878964319560823
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Nov 2020 15:38:12 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1871878964319560823
Server
Jetty(9.0.6.v20130930)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rtset
bh.contextweb.com/bh/ Frame 52AB
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=fe0ca5cf-7bd9-46c3-8e57-2ca56beff8cb&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=RDQ1MlpfY0hNb012aS01YnlIWkI3Zw&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEFptOafpOyLIUzimDejCehA&google_cver=1
49 B
333 B
Image
General
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEFptOafpOyLIUzimDejCehA&google_cver=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
status
200
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-77d4cd6746-vhsxq
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 18 Nov 2020 15:38:12 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEFptOafpOyLIUzimDejCehA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame 52AB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=0b24fdfc82&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=0b24fdfc82&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=74567e28-13b9-4f95-9e4b-f437ac500428&pubid=0b24fdfc82
49 B
446 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=td&nuid=74567e28-13b9-4f95-9e4b-f437ac500428&pubid=0b24fdfc82
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Nov 2020 15:38:12 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 18 Nov 2020 15:38:12 GMT
x-aspnet-version
4.0.30319
status
302
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.go.sonobi.com/us.gif?nw=td&nuid=74567e28-13b9-4f95-9e4b-f437ac500428&pubid=0b24fdfc82
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
227
bqi.php
lg3.media.net/
15 B
15 B
Image
General
Full URL
https://lg3.media.net/bqi.php?lf=3&&vgd_l2type=setting&pid=8PO5M70HK&vgd_viab=1&katid=801344920&kals=ttype%3D10002%7C%7Cpc%3D1&katen=1&pc=1&kata=aton&katbid=-21&kasts=tstype%3D-10408%7C%7Cgbid%3D-1&cme=7dPTaC80jmO1AhCMYkyCIhZfbrLmVWbc7ASJfw4PiHmMS-lDkMa1Y_nRYWBbMWPrH5Opt-nUqxacsI5ZiocFo_09l7LMA_0Tjf1UqGDI6xjbpM4-rPa5jlhoy6fvhzc5oXVOsH8nvddmrQwNwcNVbd-CuwObSUQ89SaUw5Pk3K4BwCh-4s6c2XadG6dr2IlprPTQ5Q2F8-dYFKGjRIoyBubD7GkuJ7aS||NDHRnZ9Gz3KXlI-i9OnZqQ==|5gDUJdTGiJzedmq9hanWYg==|sRBSg3CPSiQ=|vCbSeqHpZdVEVXAjSyXJuIn6Jf3lJXBza65Iyye8OCWtpFHTdWZ2-qgcWSv4lo_AtcMTY0lxvJvQ_60W00zN4rgilbJ73nQi69XfEbfPPIA=|N7fu2vKt8_s=|eyOPkfgOPIhHGZBVTovBQSj7-OK-OZ3RL_p4G-8Gmo8_uoDZjYlwln6L2saPo-zo3p-WOqSm1Or4-pfkhWk2e2KjXIJtOS9HYY7j688c8YGys0XcihH748RrztXayp7ynfXIFsx-7xfLHl8_c2W038NJvVaJZ6UM9hb6UmTxnwjNbclCAjO1AR5bJkBHqxosMHABeXITFpvWnOIrwrB6xg==|&gdpr=1&prid=8PRHGG6T9&cid=8CU5BD6EW&crid=184323154&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F111051%2Fhacking%2Fwindows-vulnerable-bluekeep.html&vi=1605713890149443330&ugd=4&cc=AT&startTime=1605713890715&l2type=setting&vgd_l1rakh=1605713890135329686&l1ch=1&sttm=1605713890716&upk=1605713891.26842&hvsid=00001605713890716031179494404687&verid=3121199&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1&l1hcsd=l1!N6|7715&vgd_uspa=0&vgd_isiolc=1&npgv=1&l3c=%7B%7D&l3d=%7B%22cntrdt%22%3A%22AS%7CDIV-184323154%7CDIV%22%7D&l3l=%7B%7D&l2ch=0&l2wsip=2886781041
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
date
Wed, 18 Nov 2020 15:38:12 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
status
200
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Wed, 18 Nov 2020 15:38:12 GMT
us.gif
sync.go.sonobi.com/ Frame EAFF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=0b24fdfc82&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=0b24fdfc82&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=74567e28-13b9-4f95-9e4b-f437ac500428&pubid=0b24fdfc82
49 B
446 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=td&nuid=74567e28-13b9-4f95-9e4b-f437ac500428&pubid=0b24fdfc82
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Nov 2020 15:38:12 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 18 Nov 2020 15:38:12 GMT
x-aspnet-version
4.0.30319
status
302
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.go.sonobi.com/us.gif?nw=td&nuid=74567e28-13b9-4f95-9e4b-f437ac500428&pubid=0b24fdfc82
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
227
us.gif
sync.go.sonobi.com/ Frame EAFF
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1871597489307893879
49 B
446 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1871597489307893879
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Nov 2020 15:38:12 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1871597489307893879
Server
Jetty(9.0.6.v20130930)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
us.gif
sync.go.sonobi.com/ Frame EAFF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=c26c2c1b-0575-4999-b7cf-2841798fe475&google_hm=YzI2YzJjMWItMDU3NS00OTk5LWI3Y2YtMjg0MTc5OGZlNDc1
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEBh4zH8L8tYDCJDxjbcAT7w&google_cver=1&ssp=sonobi&bsw_param=c26c2c1b-0575-4999-b7cf-2841798fe475
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=c26c2c1b-0575-4999-b7cf-2841798fe475
49 B
446 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=c26c2c1b-0575-4999-b7cf-2841798fe475
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Nov 2020 15:38:12 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

status
302
date
Wed, 18 Nov 2020 15:38:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=c26c2c1b-0575-4999-b7cf-2841798fe475
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
us.gif
sync.go.sonobi.com/ Frame EAFF
Redirect Chain
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=5d6d5fb5-3fe4-4600-a58a-bfd26a38e0ff
49 B
536 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=5d6d5fb5-3fe4-4600-a58a-bfd26a38e0ff
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Nov 2020 15:38:12 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 18 Nov 2020 15:42:02 GMT
Server
MT3 3322 7ec6219 master cdg-pixel-x11
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=5d6d5fb5-3fe4-4600-a58a-bfd26a38e0ff
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 18 Nov 2020 15:42:01 GMT
us.gif
sync.go.sonobi.com/ Frame EAFF
Redirect Chain
  • https://sync.1rx.io/usersync2/sonobi&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-b239a57c-cd7c-48bb-a983-ed3586c9b030-003&rndcb=8482924213
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=adconductor&bsw_custom_parameter=c26c2c1b-0575-4999-b7cf-2841798fe475
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=adconductor&expires=10&bsw_param=c26c2c1b-0575-4999-b7cf-2841798fe475
  • https://sync.1rx.io/usersync/bidswitch/c26c2c1b-0575-4999-b7cf-2841798fe475?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-b239a57c-cd7c-48bb-a983-ed3586c9b030-003?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Drhythmxchange%26nuid%3DRX-b239a57c-cd7c-48bb-a983-ed3...
  • https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-b239a57c-cd7c-48bb-a983-ed3586c9b030-003
49 B
448 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-b239a57c-cd7c-48bb-a983-ed3586c9b030-003
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Nov 2020 15:38:14 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 18 Nov 2020 15:38:14 GMT
Server
Tengine
ETag
RXb239a57ccd7c48bba983ed3586c9b030003
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-b239a57c-cd7c-48bb-a983-ed3586c9b030-003
Connection
keep-alive
Content-Type
text/html
showad.js
ads.pubmatic.com/AdServer/js/ Frame 9709
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid_uids2.js?v=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=165234
Expires
Fri, 20 Nov 2020 13:32:06 GMT
Date
Wed, 18 Nov 2020 15:38:12 GMT
Connection
keep-alive
Vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame 4037
0
0
Document
General
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid_uids2.js?v=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.198.0 /
Resource Hash

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=98efd54f-81d6-483b-8e31-170de3266d62|1605713891; pd=v2|1605713892|gekin0vNiygu
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html

Response headers

status
200
vary
Accept, Accept-Encoding
set-cookie
i=98efd54f-81d6-483b-8e31-170de3266d62|1605713891; Version=1; Expires=Thu, 18-Nov-2021 15:38:12 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1605713892|mWkigqiysLommOgevNgunsn0; Version=1; Expires=Thu, 03-Dec-2020 15:38:12 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.198.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 18 Nov 2020 15:38:12 GMT
content-type
text/html
content-length
315
content-encoding
gzip
via
1.1 google
alt-svc
clear
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6BF6
0
0
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid_uids2.js?v=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
icu=ChgI3sJXEAoYASABKAEw4__U_QU4AUABSAEQ4__U_QUYAA..; uuid2=8869667146229506476
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html

Response headers

Connection
keep-alive
Content-Length
17037
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Tue, 24 Mar 2020 15:52:19 GMT
ETag
W/"5e7a2cb3-cefd"
Expires
Fri, 04 Sep 2020 06:04:52 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Wed, 18 Nov 2020 15:38:12 GMT
Age
34248
X-Served-By
cache-lga21951-LGA, cache-hhn4080-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 507352
X-Timer
S1605713893.631431,VS0,VE0
Vary
Accept-Encoding
visitormatch
bh.contextweb.com/ Frame 5116
0
0
Document
General
Full URL
https://bh.contextweb.com/visitormatch
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid_uids2.js?v=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

:method
GET
:authority
bh.contextweb.com
:scheme
https
:path
/visitormatch
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vf=1; wf=0; V=zrHoAEkm0HwI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html

Response headers

status
200
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-77d4cd6746-x4tp2
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
content-type
text/html;charset=iso-8859-1
set-cookie
V=;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Wed, 18-Nov-2020 15:38:12 GMT;Max-Age=0;SameSite=None INGRESSCOOKIE=d10623f86bd2902c; path=/; HttpOnly; Secure; SameSite=None
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
rtset
bh.contextweb.com/bh/ Frame EAFF
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=f869f92f-fe83-4c72-bbc4-6644d0a816cc&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=RDQ1MlpfY0hNb012aS01YnlIWkI3Zw&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEFptOafpOyLIUzimDejCehA&google_cver=1
49 B
333 B
Image
General
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEFptOafpOyLIUzimDejCehA&google_cver=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
status
200
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-77d4cd6746-ht6rs
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 18 Nov 2020 15:38:12 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEFptOafpOyLIUzimDejCehA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usg.gif
sync.go.sonobi.com/ Frame EAFF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=Zjg2OWY5MmYtZmU4My00YzcyLWJiYzQtNjY0NGQwYTgxNmNj
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEIRadVkqg0hBUUKUAzYUXoQ&google_cver=1
49 B
536 B
Image
General
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEIRadVkqg0hBUUKUAzYUXoQ&google_cver=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Nov 2020 15:38:12 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 18 Nov 2020 15:38:12 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEIRadVkqg0hBUUKUAzYUXoQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E512
0
23 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201112&jk=3930490858291598&bg=!m5ilmLjNAAUoamvQKFh7PdftNl3omAIAAAESUgAAACJoAQcKAMACM2dpGWQ5urPtW5fNUW9IvDwaQDR10ilYRsRGonL2VdGMfJtMvWPkrafAc721L2FG6PY4V_4F4bX-6QlkuzY8Wxw5GBZJ-yXvSLgsg1CEtyIzpziZzmG_AKnskyp8ZeaQWkhlxZw-XxlQuU8ZDOLOvzv3zcth4zc4ze9gyNNMwSyTOH0wKndx93gY94wPB0h6n7rzRgj6bqsqwkObveTl0rXDNwGGIagQ5ybbrNXMCcM3P0K54QaQGA-P6-JEaHaZAg8D5ZKMvGKxi51N7WUMC7TV3gB2NTZHMy4iR5wVU7kS_xc34ItBOBN0S-EQR-UjwWMZQ2c5KOQtw_n8kCmJxVwWUG2DjB1s0zSCmTUOOMlE0cSIL6OUxGXFsx08qTekO6Wdlg41L2R_dyrm1UUIW9MLKCAYxMik_xNLlV1VIKhuS050hPGxb-BPvAks3ipYtAJJoTBSQYoePz4dBTuOeAlGWxcCE8GRWfKrYLJQAlqbkvW-GNeXHAduruUZ_Kb6DdXsu06vbw6-9NMIR9FiDA3nikwR_97C5eQ_2ECuokv8u7GXsO-MwXignRqOHdYRc-LYOYzINPsE3LMCxWfmrH6GgXd_KXiSeqRLHvRE1r7G2ktMhyEYcaFDIDAXgvDillVqKML7y6uewvV-L12YjTkg8FT28T2Hc9alaV4vybwwCB60hWZ9JZjkV6u09MN7RiQbpJz7LsQclCiELv8jrxeWJ8xSkv69FzUgsp9MzFVFHBkVAL-mnei4i8Lxcl0qNSBixG9vwb9k1_ZXDmplsrEsvnxCGHZnOnKT5ZyAsoP1yWlTUkbInYMMHYiTtw3UOe5yUmNDt4xdDBVItbKMB6ERurW1ITbrU_5cdsoeKifU68_WjOiR6ClIIBkPya-IVfvOfFYTz6s7qX8XySkmsLW30fVSw-bTqc3QlgxQEqUpE9li0qn1_3BX-w-6kONPZQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Nov 2020 15:38:12 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
status
204
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DBDB
0
160 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201112&jk=771840114873288&bg=!qaqlqorNAAUoamvQKFhMu9gAlorZEAIAAAGZUgAAABpoAQcKAZtcwnM2JlAn1zX5hoaAfGYhaHGJej6Ege2Lc2PaMwMFeHJl-u0iBYlWRh0jYywP93l6JetQmuJKgRmPeJBqgdY8nvBKu4BpAlUhp07wDU9q1Al7mjNwVkSvuNoowkSa5bM4SBHifQVjn-w4vXPZ0V8RbKyHBpQkyahRNbyz_jKv2tf2lgX61qQmsTif6ekeGszKTEySMZ6OLMwTYOreM_xD11of8csoLiJFw-9ZhCx7yiHBa1Ir-x5mNdYE2qYIeyUKxH6luTI2NGZjLAIZaNeXB1iwc9stQAeH8aeQdjcf-0wIwkDOP3wkuQhC2Tty4IBe9AP6KGmHtnbK7ELp8nLp04x_wHcaQpq-tlihlkqMiOEP2-Ufty2J2WS6thSrn3yGS2VaaW5uf30X3VKH34SmxGB8WWxcQaI5jKjZyg3SmtnKH6MsggWUG7e6Krvmu5CTgCN8Wfcy1MXuWbmxGtYsXZUUSZ18VczpZR6UTQWLa4SWc6kp--iaLXnvsirAhqSIyYZFf6Azd6IdSEdY_aS3cD8JRYKRQz9OfrqZAg_Eph14zGJ7sPVmpXYkoK7Gm92pwaSNl355XVCayIQf8a5tto-sAc6jr-xwWl9lj-RMh9BetT_lPFWPB85Kwj60j5j1Nl97CMpf39c1qkCP6a24iQK6gudKaPp9zZiEUqG_QkynYVUV9FBr-EMiwYdeOD_HjdQfr-dF77Ze3hNQqDFLdjxFluNViNNfUTqanMjA5JtuXQ01K18sUANiKYgi9MOy9LuwufZ2PPrMCJhXLrURiT2nLrO4hLwDfQ9FuBCysyi84J-4hGAxeu5W8dsk8kE7NW7cONAfVECoVORlj9fS4S6utKjOkSx0Z-qlChTY-nsjljLV6QEZoUqOygNPmbxiHtDuoPbQ6VyrkZXQ9sXHUN4KfKegSrqwax7MD3Xr-FFZ7CO3bPZc2zGMHD5A91hAiQUqWUWL6vYQNU3YxO4LUY7fDTq1ocH1VJyUeWvBlzIyejDdKDqQp1MJm-W5zGqhXwWOEhXRnYhGoKYf0qxqncVD6XsjjVS7kXmzilZNWhDj40HEU8L1YGng4RvDSwgNN9GN7kt_mV4hcv9zSC5uFy__AJPavZekZ1r4uPJevrFeps7k77XEMIIM6sxPrxNENyjtV6hAa5oBapXwWYTZmT8XNIyPzOSD085pAPyYLkyx50hTD8kNhkuPFHGSXCtPrBLYOEYrWjjTpOBhU0cD2TMLdZQsXHI4bkOMRA
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/wordpress/111051/hacking/windows-vulnerable-bluekeep.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Nov 2020 15:38:12 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
status
204
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Roboto+Condensed%3A400italic%2C700italic%2C400%2C700&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Ccyrillic%2Clatin-ext%2Cvietnamese&ver=d2c1d626d6d17b7c784678224f6cb29e
Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=d2c1d626d6d17b7c784678224f6cb29e
Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=d2c1d626d6d17b7c784678224f6cb29e
Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Oswald%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=d2c1d626d6d17b7c784678224f6cb29e

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes string| em_version boolean| em_track_user string| em_no_track_reason string| disableStr function| __gaTrackerIsOptedOut function| __gaTrackerOptout function| gaOptout object| gaDevIds string| GoogleAnalyticsObject function| __gaTracker function| ga object| _wpemojiSettings object| FB object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| twemoji object| wp object| exactmetrics_frontend function| ExactMetrics object| ExactMetricsObject undefined| $ function| jQuery object| Cli_Data object| cli_cookiebar_settings object| log_object object| CLI_Cookie object| CLI object| cliBlocker string| CLI_ACCEPT_COOKIE_NAME string| CLI_PREFERNCE_COOKIE number| CLI_ACCEPT_COOKIE_EXPIRE boolean| CLI_COOKIEBAR_AS_POPUP object| mnetCustomerData function| dynamicallyInjectMnetAdHandlerScript function| injectMnetScript object| _mNHandle string| medianet_versionId object| stlib boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus boolean| sop_pview_logged string| stWidgetVersion object| stLight boolean| st_showing object| st object| __stdos__ function| __sharethis__docReady object| __sharethis__ object| icwp_wpsf_vars_lpantibot object| iCWP_WPSF_LoginGuard_Gasp boolean| cli_flush_cache function| refreshTag string| refreshInterval string| keyword string| medianet_width string| medianet_height string| medianet_crid object| _mN object| _mNSrv function| setup string| _mN_Idf string| _mN_ctrM undefined| _mN_ctr object| mnjs object| _mNDetails function| _cmL1Require function| _cmL1Define object| _mNadPrvLog object| click_object object| Main object| BrowserDetect object| jQuery1124047933928024429395 object| mejs function| onYouTubePlayerAPIReady function| onYouTubePlayerReady function| MediaElement function| MediaElementPlayer function| $j function| imagePreview object| _stq string| currentText string| categoryCookie object| categoryCookieValue object| cli_chkbox_elm string| cli_chkbox_data_id string| cli_chkbox_data_id_trimmed function| st_go function| linktracker_init object| wpcom object| google_reactive_ads_global_state object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| google_jobrunner

10 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUmzOoPHDKy0AeBNK__cw4DLXHqWb-8htSd3zIR1p8NJQzy0gVDpaSDINBfx
.media.net/ Name: gdpr_status
Value: 1
.securityaffairs.co/ Name: __gads
Value: ID=fb09585f41162172-22bdbdf170a6004a:T=1605713891:RT=1605713891:S=ALNI_MbDtA2PNjDVbcKcVIvHrlUtuVaTkQ
securityaffairs.co/ Name: cookielawinfo-checkbox-non-necessary
Value: yes
securityaffairs.co/ Name: cookielawinfo-checkbox-necessary
Value: yes
.securityaffairs.co/ Name: _ga
Value: GA1.2.426609410.1605713890
.securityaffairs.co/ Name: _gid
Value: GA1.2.1680758168.1605713890
securityaffairs.co/ Name: session_depth
Value: securityaffairs.co%3D1%7C733976884%3D1%7C829833831%3D1%7C184323154%3D1%7C647633027%3D1
.securityaffairs.co/ Name: _gat
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ads.pubmatic.com
adserver-us.adtech.advertising.com
adservice.google.com
adservice.google.de
apex.go.sonobi.com
bh.contextweb.com
bid.contextweb.com
bidswitch-eu.splicky.com
buttons-config.sharethis.com
c.sharethis.mgr.consensu.org
cdn.pixfuture.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
cvision.media.net
eu-u.openx.net
fonts.googleapis.com
google-analytics.com
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
i0.wp.com
i1.wp.com
i2.wp.com
ib.adnxs.com
ice.360yield.com
l.sharethis.com
lg3.media.net
match.adsrvr.org
maxcdn.bootstrapcdn.com
navvy.media.net
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.wp.com
pixfuture2-d.openx.net
platform-api.sharethis.com
prebid.mgid.com
protect-us.mimecast.com
secure.gravatar.com
securityaffairs.co
served-by.pixfuture.com
stats.wp.com
sync.1rx.io
sync.go.sonobi.com
sync.mathtag.com
sync.targeting.unrulymedia.com
tpc.googlesyndication.com
ws.sharethis.com
www.google-analytics.com
www.googletagservices.com
x.bidswitch.net
fonts.googleapis.com
104.111.214.39
104.19.134.78
151.101.113.108
172.217.18.162
176.9.82.116
178.162.133.149
178.162.133.150
18.195.112.7
185.29.135.226
185.64.189.112
192.0.76.3
192.0.77.2
193.0.160.129
198.148.27.134
198.148.27.140
2.18.233.180
2001:4de0:ac19::1:b:3a
2001:8d8:100f:f000::289
205.139.111.12
213.19.147.150
2600:9000:2057:6800:1c:8a07:5e80:93a1
2600:9000:2057:c600:3:c04e:c780:93a1
2600:9000:20ae:9600:c:abe:f440:93a1
2600:9000:20ae:a200:c:a9b7:ddc0:93a1
2606:2800:233:97b6:26be:138a:cba8:bb01
2606:4700:20::681a:b9c
2a00:1450:4001:80b::200e
2a00:1450:4001:81a::2002
2a00:1450:4001:820::2001
2a00:1450:4001:824::2004
2a00:1450:4001:824::200e
2a03:2880:f01c:8012:face:b00c:0:3
2a04:fa87:fffe::c000:4902
3.121.118.243
35.156.19.236
35.244.159.8
37.252.173.27
52.31.46.99
54.153.104.139
68.183.31.14
00d534b6d1d7adf2faa7861ce9557403c3c08304e2791fd4301029b0e142c286
00f28fdb987ce0f9edc935ffe381123a2e1f79fcc0f55759a7bb4a83b4a88584
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05999befd49ad70a0d0648a08d12fa80206fa88822a907ff426f0eadcc437c1a
06ec06211946a2375da6be1c89adbd3c5f8d33a3d84317d09e221f491421a994
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34
0758ad694d2f74d096d49d79e32cb100eeb38dc6ff11c2f9a870de5eb5a35b5f
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
093fa1b3be5a5ed806dc8873e932ce049231b1b9bab39fb85e63ab8229d57c0b
0a4c16b7f5c1b1ecefc9ffb4fcf1b457f9282d0863fa61d4dd32ad98dafa9a60
0b94373bcbc05cafe125652d568fc43e6d1e0cffe7835790b5477b6c0b2ac071
0bdb519e9746b7b770969e860e0bbf41606bc4b814479ddd4f8688f2cafcc01a
0c27a9c1aee9eacb73655f930a6bbf9ec721006695e5c38405296081cdbcb878
0e53466218d7ff174e0a083ecce89b1c090c67ccbe55775eddca03e930ff9e35
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
11bee4388801dae17de9afe8e83c49f430ec3504207570d10d2e3a60bbcf24f2
13b61826fde5b78966364a0bfe1f2309da1f0ccd75923528a5014978b7276742
1536d07b6af9e6b855c692e59c9464e7f17dc211a4b17380f5a8b50ab13fe8df
177d76801bdbecdb0d27109e118ae54a929156deac8ca44b46924a5c0f43cd7a
1832a6ee34745b08b1fcae42c24468086358b43071d7679a738951aa7dc243ea
18d61b5ee68a57bd7a4733f776f9f8aa5c353e7f35a420881523b6edbf7c6b19
19220534acd81fcc7c5128efb3662f50ec59441be7a642a13d81db09106a5ded
1aaab3c3d6f974416ae34893cebe3a544aea17931439b2449ec392061d11ec82
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
211fe1b9a4bf84725536937d87bba9b1656f20ba7b6cb3d7fc8ccbd6286b1441
2199990352edbb7ec586e01d26e2f6a7010a2fce1517711019b614dcec353ba3
2333802e4a0c86b4cc4c71b376fc0aedc3b03039bfc777d96105f82231215732
24583638f8c4bd2d5dff22bddefbb24f8d047868e71ad2c029b1698b6926c85c
2c248ac6c08256776d7133ba0e76fe682a1c91001d32e4d89a9606e9a7d02d79
2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f
2fc6c5d0bbc31a642d749a5d73ca3cd76d695684f74b22fccc57eef7af751eba
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
3afe47d0fe0b16bc5bddecdc9bcaca94ed420b8fd0ddee2ae77364403c794bb8
43cdebb898eb3c32261ba332ca54d29541f43ef5c2f3f9bc0da902fbfec0edf3
45185c8f6cd2f9b42e3a02b78af40edc7d61328fac3167a0490c9c69bbecaaa6
4c6b4ef22f4c5dd8fd6e17ab6706d8c55d236824c20b3d8dcd310f7de744def6
4c6c4415447de566db05965d087748482309264382e0a8a8fc986fb83bb68f1f
4fb2a9205d8aab46f1f1fbb266c033556caab044a70bad50e47505bde1a1d27b
5256d55a499ecb71f04dd716cfdf75bf9fe5f863620ec6634e3b43b4e6b11fd8
5297a3e43e6bfeaaf653edbbdfacca6253138fdd9aec861b954ac1add4db30c6
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
5525d57ced576560de8777ea78e4bc0c9d55396c0b668a7563b354de9c165aee
56159a7fa211c042c8da7005984653715f938917383f74292247f7b271469fb6
57ad649d76015fa4fd21187c83ede880a574c4632670e374ef43049a17b921eb
6139b4d0af528ec1d0e26ae865c1ca04ac061d844ffa6ccc9e4adaa3af93a2f7
6426a80cc7f9a8299741f42ad975ad9345fa04f73c83b835ead4a047d184a85e
643a860832456b5a74825b79d625434b5c4c2a344b8f9bef3614b327bea52646
650868ebc4c00b2ea4ea72747f655f8a0552ba53c9b5b55defd9457be75f1aa9
65cfa6801a0886fab249b224e8a6982b4740fe7879fce99ff13ddaac9aaca01a
666a8c9694544da28b20d106acc0c8d9aca044de9ee5144111e1abf47731b3a1
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
6c567f5f0ea4a8f2b5ef941a4b6b4d4d616e8198a96b6fab88df74a5bc3b5dce
6d7d8b5166693d824356fd913840d94a4e76e9377f67035401b01c5ed1d23362
6db4ccd654679e9103364fd67fa7bf3458b4d06f7d5976893908008efde8ffa7
70007744256009c3d64d54716659423b2e31c4738a39f6c06ffd4a14c3f71288
7193a6ae7349709641cdd713db8351d7361ed1ef6bed9ee8fb7631ab4c06453e
73bd83a071843342dd02407568c26ef171ce61398c179136935fd276253ee018
73cadf4725483d9a9290b8ea3ad87fe2afc746de5f70e89f088a3df9996bd8dd
7478123ab457a28ecf9df78f2832fbdbefc205eaef0930b4f6666903e756be46
759949fb0ffaa47eb3755d704adfee7be3ab4fd3d3fa2f37381ca6ea8b9506b1
76a18f5f0637e0d73ce1afece898ce8b0fa75bb6b1c1990ae4a7ac6b083045ce
7b420ad439dadbbbc88cef506a6e2ea73c331178f08f984c6b230cec7ac66a04
7d08c16c83e8837eda7246bd47e4ced77a97e9217397cc3ce6f332e5ca3ead11
80b8c415d0a2860143f7a4efeb7411e12dbd8574082ef69b63236fe735557182
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8409b9764e33ddac8490144f1efd0a9c4bb5fe5966994deeedd0e4e535dfcf2e
86e2c5b75471f727ccb2509e365842493c33a88275e0aebf31add5a845e56b53
8d732b3483eb44546a848a82cc9d6a584c81860aae7255f7ac589dcb3f130535
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9282ea078a317f764d3883e732d14a2e80575e437b710144396d453f5a19139a
9a47abcc220084cd32dd51bd76f84ff7839e2dbf1a132fb970e8a1437f03726b
9b5b9b8b1984a7b55656ca3d243deb436e049467353f6e61e73ac8bd0ab2a636
9d02719f341a6d79fe181f86129a17d1c3763daddc21022020ee4589095dc12a
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833
ac10670ad06b9d3132c985fbe634b58d2ac2e8dee4ce0c8ca90fda2320c24462
ad7386d16a056df5c235702a97a5fa4cee68e302d71041aa35df96151f756f48
afe61ef42fe251cd36ad40011667f1f7d75aae7845558af77b04e2418849c338
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8
b7c2309c6e08de495b618ca1d7325a767ce1f1921447efad9eb29fb42824d611
b834a80037718e3da7f92199034dc59611ed774af41f1e84fa1e0d97c4261192
b8fa20af264fcdd99621fc4e3a770927452b0fe382599e0d890a3bfa31152f80
b97d80b9eedfeb29936f0d7f89afbdd425ef8d930d09fa1f98030ceb8b26cabd
ba716187f8cc8c54806f5b9de46d1d94bec574ddf31c82f68532cd181e242b7f
c21f640ff99882107394ad078a71fdf2edbe3454aae86f2fccde6a854931e4d2
c448a65752c61f1737babe0012543d61411f401deac1cbfed291ad0083ad8fd9
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c8817bacfc84fd39e4daec4096011ed3d117c7fe8b3c55fdd22af47c299099bc
cf879049518cd81a6c5ba3626891df600ea37a61b36847203a465e613eb9f435
cf9b76f5559de92c2cc7df8fa751c09d9a3bbfada6123d975c75c4a093f8cfeb
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0e5ec573549c3a753ec60d2cb6a1405881581178aea0472a98c7c1e03ba16d2
d24350e3a8c6e3963544189c3d0cfcd8c11e5dbac0de76aace83993b7d16dcf6
d24870fe2c57307bb56c726de944bc73eecef58447c3f516c67c476ebdb46b16
d44b68c7b3e659196a6a72662f4e2e903044d6e64a6a5c0002602711cd68a8fa
d931ba2089021a1357761939c18bcc09aa856d39be2a707ea450333f5b3443c4
d99ea9db1da8549489666d36c9e3fb717842550eed1554e96860af8d30c3b008
da964f62d626d1d0d8a931e4fa1d5e21c7e755ba4d152bffd3532ea611024fb6
db2e2708e1829aa1c683c5f23457dffba2cc1aaa83a9e644abc0c04c91636697
dba75044f2e57c5a1d8e814f7baf938c03c73604d5bd0796c92a09ff65545249
e2dc35b0dbaa16b45d96eb3691927df48e091f4983ed2cc079568b789f9559da
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e503c59c36fc19803b2e9572b10e7c06236bda692aebd97f29e2a5a96f9aa5b6
e70696531ebef4e25c157f95ad6730a529ac4df922aa285b3d6e9236007e8820
e89bbc7723c5114f9cf138c6019bbca4e4f5e13f6b9febaa38c92c4c3584a964
e8caad51a19c5667e4fc7ae6a3b9bf8a23559bb64b09b0c6e90cad6d24083ea6
eae1dccf23afe7d3230c56edf243d9ead20d754b8ecc14e0b1fe4cc2dc321477
ee657fa9cbe48aeeda44b31ed4ae2ca1d021a82e301e36a456eafb7c8dda7fb7
f0c6d2d27de284102b03e30cd74be808801ec53ca49f30b4d15620ee84ea39f5
f0d3d5e8244dc1528570498005e8b963908ad2efe06639f7fb3bfaeec5a10daa
f11b778b1636603f23423167797eede834832edf58f831f6f64933f6139faf6f
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4d4eda42f85c6ccbbb5de2aff596085b3b1d380c8585464f2e53df2cad66f8e
f7b6378a1d4b8ae8b25110f6717f3b3c57f48c9b82591297c64a954a2deb2227
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fe5a0b9284ad9a848a72e803f6506991a27ff53b25a91739aab9b73e81b7ac3b